Total
3345 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-22436 | 1 Openatom | 1 Openharmony | 2025-03-04 | 7.8 High |
| The kernel subsystem function check_permission_for_set_tokenid within OpenHarmony-v3.1.5 and prior versions has an UAF vulnerability which local attackers can exploit this vulnerability to escalate the privilege to root. | ||||
| CVE-2025-20024 | 1 Openatom | 1 Openharmony | 2025-03-04 | 3.8 Low |
| in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. This vulnerability can be exploited only in restricted scenarios. | ||||
| CVE-2023-21716 | 1 Microsoft | 8 Office, Office Long Term Servicing Channel, Office Online Server and 5 more | 2025-02-28 | 9.8 Critical |
| Microsoft Word Remote Code Execution Vulnerability | ||||
| CVE-2023-24909 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 8 more | 2025-02-28 | 8.8 High |
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | ||||
| CVE-2023-28295 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2025-02-28 | 7.8 High |
| Microsoft Publisher Remote Code Execution Vulnerability | ||||
| CVE-2023-35312 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-02-28 | 7.8 High |
| Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability | ||||
| CVE-2022-20532 | 1 Google | 1 Android | 2025-02-28 | 9.8 Critical |
| In parseTrackFragmentRun() of MPEG4Extractor.cpp, there is a possible out of bounds read due to an integer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-232242894 | ||||
| CVE-2023-24863 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-02-28 | 6.5 Medium |
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | ||||
| CVE-2023-24906 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-02-28 | 6.5 Medium |
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | ||||
| CVE-2023-35341 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-02-28 | 6.2 Medium |
| Microsoft DirectMusic Information Disclosure Vulnerability | ||||
| CVE-2024-45555 | 1 Qualcomm | 82 Msm8996au, Msm8996au Firmware, Qam8255p and 79 more | 2025-02-28 | 8.4 High |
| Memory corruption can occur if an already verified IFS2 image is overwritten, bypassing boot verification. This allows unauthorized programs to be injected into security-sensitive images, enabling the booting of a tampered IFS2 system image. | ||||
| CVE-2023-36866 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2025-02-27 | 7.8 High |
| Microsoft Office Visio Remote Code Execution Vulnerability | ||||
| CVE-2023-36910 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2025-02-27 | 9.8 Critical |
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | ||||
| CVE-2023-36911 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2025-02-27 | 9.8 Critical |
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | ||||
| CVE-2023-35383 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-02-27 | 7.5 High |
| Microsoft Message Queuing Information Disclosure Vulnerability | ||||
| CVE-2023-35385 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-02-27 | 9.8 Critical |
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | ||||
| CVE-2023-35372 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2025-02-27 | 7.8 High |
| Microsoft Office Visio Remote Code Execution Vulnerability | ||||
| CVE-2023-24180 | 1 Libelfin Project | 1 Libelfin | 2025-02-27 | 6.5 Medium |
| Libelfin v0.3 was discovered to contain an integer overflow in the load function at elf/mmap_loader.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted elf file. | ||||
| CVE-2022-49143 | 2025-02-26 | 6.7 Medium | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2023-28097 | 1 Opensips | 1 Opensips | 2025-02-25 | 7.5 High |
| OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.9 and 3.2.6, a malformed SIP message containing a large _Content-Length_ value and a specially crafted Request-URI causes a segmentation fault in OpenSIPS. This issue occurs when a large amount of shared memory using the `-m` flag was allocated to OpenSIPS, such as 10 GB of RAM. On the test system, this issue occurred when shared memory was set to `2362` or higher. This issue is fixed in versions 3.1.9 and 3.2.6. The only workaround is to guarantee that the Content-Length value of input messages is never larger than `2147483647`. | ||||