Total
11736 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-25870 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2023-04-03 | N/A | 7.8 HIGH |
| Adobe Substance 3D Stager versions 2.0.0 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-25866 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2023-04-03 | N/A | 7.8 HIGH |
| Adobe Substance 3D Stager versions 2.0.0 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-25890 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2023-04-03 | N/A | 7.8 HIGH |
| Adobe Dimension versions 3.4.7 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-25895 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2023-04-03 | N/A | 7.8 HIGH |
| Adobe Dimension versions 3.4.7 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-25897 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2023-04-03 | N/A | 7.8 HIGH |
| Adobe Dimension versions 3.4.7 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-25898 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2023-04-03 | N/A | 7.8 HIGH |
| Adobe Dimension versions 3.4.7 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-25882 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2023-04-03 | N/A | 7.8 HIGH |
| Adobe Dimension versions 3.4.7 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-25883 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2023-04-03 | N/A | 7.8 HIGH |
| Adobe Dimension versions 3.4.7 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-25880 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2023-04-03 | N/A | 7.8 HIGH |
| Adobe Dimension versions 3.4.7 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-25885 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2023-04-03 | N/A | 7.8 HIGH |
| Adobe Dimension versions 3.4.7 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2019-6247 | 2 Antigrain, Svgpp | 2 Agg, Svgpp | 2023-04-01 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SVG++ (aka svgpp) 1.2.3. A heap-based buffer overflow bug in svgpp_agg_render may lead to code execution. In the render_scanlines_aa_solid function, the blend_hline function is called repeatedly multiple times. blend_hline is equivalent to a loop containing write operations. Each call writes a piece of heap data, and multiple calls overwrite the data in the heap. | |||||
| CVE-2019-6245 | 3 Antigrain, Debian, Svgpp | 3 Agg, Debian Linux, Svgpp | 2023-04-01 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SVG++ (aka svgpp) 1.2.3. In the function agg::cell_aa::not_equal, dx is assigned to (x2 - x1). If dx >= dx_limit, which is (16384 << poly_subpixel_shift), this function will call itself recursively. There can be a situation where (x2 - x1) is always bigger than dx_limit during the recursion, leading to continual stack consumption. | |||||
| CVE-2023-26337 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2023-03-31 | N/A | 7.8 HIGH |
| Adobe Dimension versions 3.4.7 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-28445 | 1 Deno | 3 Deno, Deno Runtime, Serde V8 | 2023-03-31 | N/A | 9.8 CRITICAL |
| Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Resizable ArrayBuffers passed to asynchronous functions that are shrunk during the asynchronous operation could result in an out-of-bound read/write. It is unlikely that this has been exploited in the wild, as the only version affected is Deno 1.32.0. Deno Deploy users are not affected. The problem has been resolved by disabling resizable ArrayBuffers temporarily in Deno 1.32.1. Deno 1.32.2 will re-enable resizable ArrayBuffers with a proper fix. As a workaround, run with `--v8-flags=--no-harmony-rab-gsab` to disable resizable ArrayBuffers. | |||||
| CVE-2023-21597 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2023-03-30 | N/A | 7.8 HIGH |
| Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21069 | 1 Google | 1 Android | 2023-03-30 | N/A | 6.7 MEDIUM |
| In wl_update_hidden_ap_ie of wl_cfgscan.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-254029309References: N/A | |||||
| CVE-2023-21071 | 1 Google | 1 Android | 2023-03-30 | N/A | 6.7 MEDIUM |
| In dhd_prot_ioctcmplt_process of dhd_msgbuf.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-254028518References: N/A | |||||
| CVE-2023-21072 | 1 Google | 1 Android | 2023-03-30 | N/A | 6.7 MEDIUM |
| In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-257290781References: N/A | |||||
| CVE-2023-21070 | 1 Google | 1 Android | 2023-03-30 | N/A | 6.7 MEDIUM |
| In add_roam_cache_list of wl_roam.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-254028776References: N/A | |||||
| CVE-2023-21076 | 1 Google | 1 Android | 2023-03-30 | N/A | 6.7 MEDIUM |
| In createTransmitFollowupRequest of nan.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-261857623References: N/A | |||||