Filtered by CWE-125
Filtered by vendor Subscriptions
Total 7462 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-56378 2024-12-23 4.4 Medium
libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc.
CVE-2024-11616 2024-12-20 N/A
Netskope was made aware of a security vulnerability in Netskope Endpoint DLP’s Content Control Driver where a double-fetch issue leads to heap overflow. The vulnerability arises from the fact that the NumberOfBytes argument to ExAllocatePoolWithTag, and the Length argument for RtlCopyMemory, both independently dereference their value from the user supplied input buffer inside the EpdlpSetUsbAction function, known as a double-fetch. If this length value grows to a higher value in between these two calls, it will result in the RtlCopyMemory call copying user-supplied memory contents outside the range of the allocated buffer, resulting in a heap overflow. A malicious attacker will need admin privileges to exploit the issue. This issue affects Endpoint DLP version below R119.
CVE-2024-54506 1 Apple 1 Macos 2024-12-20 9.8 Critical
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.2. An attacker may be able to cause unexpected system termination or arbitrary code execution in DCP firmware.
CVE-2024-0519 3 Couchbase, Fedoraproject, Google 3 Couchbase Server, Fedora, Chrome 2024-12-20 8.8 High
Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-51471 1 Ibm 1 Mq Appliance 2024-12-20 5.3 Medium
IBM MQ Appliance 9.3 LTS, 9.3 CD, and 9.4 LTS web console could allow an authenticated user to cause a denial-of-service when trace is enabled due to information being written into memory outside of the intended buffer size.
CVE-2024-11581 1 Luxion 1 Keyshot 2024-12-20 7.8 High
Luxion KeyShot JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of jt files. The issue results from the lack of proper validation of user-supplied data, which can result in a read before the start of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23826.
CVE-2024-21549 2024-12-20 7.5 High
Versions of the package spatie/browsershot before 5.0.3 are vulnerable to Improper Input Validation due to improper URL validation through the setUrl method. An attacker can exploit this vulnerability by utilizing view-source:file://, which allows for arbitrary file reading on a local file. **Note:** This is a bypass of the fix for [CVE-2024-21544](https://security.snyk.io/vuln/SNYK-PHP-SPATIEBROWSERSHOT-8496745).
CVE-2024-49028 1 Microsoft 4 365 Apps, Excel, Office and 1 more 2024-12-20 7.8 High
Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-43449 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2024-12-20 6.8 Medium
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
CVE-2024-43644 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2024-12-20 7.8 High
Windows Client-Side Caching Elevation of Privilege Vulnerability
CVE-2024-43643 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2024-12-20 6.8 Medium
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
CVE-2024-43638 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2024-12-20 6.8 Medium
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
CVE-2024-43637 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2024-12-20 6.8 Medium
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
CVE-2024-43634 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2024-12-20 6.8 Medium
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
CVE-2024-26791 1 Linux 1 Linux Kernel 2024-12-20 7.1 High
In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: properly validate device names There's a syzbot report that device name buffers passed to device replace are not properly checked for string termination which could lead to a read out of bounds in getname_kernel(). Add a helper that validates both source and target device name buffers. For devid as the source initialize the buffer to empty string in case something tries to read it later. This was originally analyzed and fixed in a different way by Edward Adam Davis (see links).
CVE-2024-33043 1 Qualcomm 406 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 403 more 2024-12-20 5.5 Medium
Transient DOS while handling PS event when Program Service name length offset value is set to 255.
CVE-2024-49113 2024-12-20 7.5 High
Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
CVE-2024-49110 2024-12-20 6.8 Medium
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
CVE-2024-49109 2024-12-20 6.6 Medium
Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
CVE-2024-49083 2024-12-20 6.8 Medium
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability