Total
12959 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-52988 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2024-12-18 | 7.8 High |
| Animate versions 23.0.8, 24.0.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-44366 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-12-18 | 7.8 High |
| Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2018-9469 | 1 Google | 1 Android | 2024-12-18 | 8.4 High |
| In multiple functions of ShortcutService.java, there is a possible creation of a spoofed shortcut due to a missing permission check. This could lead to local escalation of privilege in a privileged app with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2018-9470 | 1 Google | 1 Android | 2024-12-18 | 8.8 High |
| In bff_Scanner_addOutPos of Scanner.c, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege in an unprivileged app with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2018-9471 | 1 Google | 1 Android | 2024-12-18 | 9.8 Critical |
| In the deserialization constructor of NanoAppFilter.java, there is a possible loss of data due to type confusion. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-49537 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-12-18 | 7.8 High |
| After Effects versions 24.6.2, 25.0.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2018-9475 | 1 Google | 1 Android | 2024-12-18 | 7.5 High |
| In HeadsetInterface::ClccResponse of btif_hf.cc, there is a possible out of bounds stack write due to a missing bounds check. This could lead to remote escalation of privilege via Bluetooth, if the recipient has enabled SIP calls with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-49551 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-12-18 | 7.8 High |
| Media Encoder versions 25.0, 24.6.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-49552 | 1 Adobe | 1 Media Encoder | 2024-12-18 | 7.8 High |
| Media Encoder versions 25.0, 24.6.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-49553 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-12-18 | 7.8 High |
| Media Encoder versions 25.0, 24.6.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2017-13313 | 1 Google | 1 Android | 2024-12-18 | 7.5 High |
| In ElementaryStreamQueue::dequeueAccessUnitMPEG4Video of ESQueue.cpp, there is a possible infinite loop leading to resource exhaustion due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2024-52994 | 1 Adobe | 1 Substance 3d Sampler | 2024-12-18 | 7.8 High |
| Substance3D - Sampler versions 4.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-52995 | 1 Adobe | 1 Substance 3d Sampler | 2024-12-18 | 7.8 High |
| Substance3D - Sampler versions 4.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-52996 | 1 Adobe | 1 Substance 3d Sampler | 2024-12-18 | 7.8 High |
| Substance3D - Sampler versions 4.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-3291 | 1 Gpac | 1 Gpac | 2024-12-17 | 3.3 Low |
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2. | ||||
| CVE-2024-43091 | 1 Google | 1 Android | 2024-12-17 | 9.8 Critical |
| In filterMask of SkEmbossMaskFilter.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-38922 | 1 Openrobotics | 1 Robot Operating System | 2024-12-17 | 8.8 High |
| Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble version was discovered to contain a heap overflow in the nav2_amcl process. This vulnerability is triggered via sending a crafted message to the component /initialpose. | ||||
| CVE-2024-31336 | 2 Google, Imaginationtech | 2 Android, Ddk | 2024-12-17 | 8.4 High |
| In PVRSRVBridgeRGXKickTA3D2 of server_rgxta3d_bridge.c, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-40658 | 1 Google | 1 Android | 2024-12-17 | 7.8 High |
| In getConfig of SoftVideoDecoderOMXComponent.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-31311 | 1 Google | 1 Android | 2024-12-17 | 7.8 High |
| In increment_annotation_count of stats_event.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||