Total
337 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-24870 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-02-28 | 6.5 Medium |
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | ||||
| CVE-2023-24883 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-02-28 | 6.5 Medium |
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | ||||
| CVE-2023-35324 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2025-02-28 | 5.5 Medium |
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | ||||
| CVE-2023-32085 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2025-02-28 | 5.5 Medium |
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | ||||
| CVE-2024-45559 | 1 Qualcomm | 46 Qam8255p, Qam8255p Firmware, Qam8295p and 43 more | 2025-02-28 | 5.5 Medium |
| Transient DOS can occur when GVM sends a specific message type to the Vdev-FastRPC backend. | ||||
| CVE-2023-38172 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-02-27 | 7.5 High |
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | ||||
| CVE-2024-57970 | 1 Redhat | 1 Enterprise Linux | 2025-02-18 | 4 Medium |
| libarchive through 3.7.7 has a heap-based buffer over-read in header_gnu_longlink in archive_read_support_format_tar.c via a TAR archive because it mishandles truncation in the middle of a GNU long linkname. | ||||
| CVE-2024-6874 | 2 Curl, Haxx | 2 Libcurl, Libcurl | 2025-02-13 | 3.1 Low |
| libcurl's URL API function [curl_url_get()](https://curl.se/libcurl/c/curl_url_get.html) offers punycode conversions, to and from IDN. Asking to convert a name that is exactly 256 bytes, libcurl ends up reading outside of a stack based buffer when built to use the *macidn* IDN backend. The conversion function then fills up the provided buffer exactly - but does not null terminate the string. This flaw can lead to stack contents accidently getting returned as part of the converted string. | ||||
| CVE-2024-20290 | 2 Cisco, Fedoraproject | 3 Secure Endpoint, Secure Endpoint Private Cloud, Fedora | 2025-02-13 | 7.5 High |
| A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an incorrect check for end-of-string values during scanning, which may result in a heap buffer over-read. An attacker could exploit this vulnerability by submitting a crafted file containing OLE2 content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software and consuming available system resources. For a description of this vulnerability, see the ClamAV blog . | ||||
| CVE-2023-49285 | 2 Redhat, Squid-cache | 6 Enterprise Linux, Rhel Aus, Rhel E4s and 3 more | 2025-02-13 | 8.6 High |
| Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2024-12011 | 2025-02-13 | 7.6 High | ||
| A CWE-126 “Buffer Over-read” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. The information disclosure can be triggered by leveraging a memory leak affecting the web server. A remote unauthenticated attacker can exploit this vulnerability in order to leak valid authentication tokens from the process memory associated to users currently logged to the system and bypass the authentication mechanism. | ||||
| CVE-2024-33427 | 2025-02-13 | 0.0 Low | ||
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | ||||
| CVE-2024-45561 | 1 Qualcomm | 64 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 61 more | 2025-02-12 | 7.8 High |
| Memory corruption while handling IOCTL call from user-space to set latency level. | ||||
| CVE-2023-39540 | 1 Weston-embedded | 1 Uc-tcp-ip | 2025-02-12 | 5.9 Medium |
| A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet can lead to an out-of-bounds read. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability concerns a denial of service within the parsing an IPv4 ICMP packet. | ||||
| CVE-2023-39541 | 1 Weston-embedded | 1 Uc-tcp-ip | 2025-02-12 | 5.9 Medium |
| A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet can lead to an out-of-bounds read. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability concerns a denial of service within the parsing an IPv6 ICMPv6 packet. | ||||
| CVE-2023-24942 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-02-11 | 7.5 High |
| Remote Procedure Call Runtime Denial of Service Vulnerability | ||||
| CVE-2023-24901 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-02-11 | 7.5 High |
| Windows NFS Portmapper Information Disclosure Vulnerability | ||||
| CVE-2022-25747 | 1 Qualcomm | 24 Mdm8207, Mdm8207 Firmware, Mdm9205 and 21 more | 2025-02-11 | 8.2 High |
| Information disclosure in modem due to improper input validation during parsing of upcoming CoAP message | ||||
| CVE-2023-24513 | 5 Amazon, Arista, Equinix and 2 more | 6 Aws Marketplace, Cloudeos, Dca-200-veos and 3 more | 2025-02-07 | 6.5 Medium |
| On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic. | ||||
| CVE-2024-49838 | 1 Qualcomm | 338 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 335 more | 2025-02-05 | 8.2 High |
| Information disclosure while parsing the OCI IE with invalid length. | ||||