| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability |
| Windows SMB Elevation of Privilege Vulnerability |
| Secure Boot Security Feature Bypass Vulnerability |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability |
| Windows DWM Core Library Information Disclosure Vulnerability |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability |
| Windows Cryptographic Services Information Disclosure Vulnerability |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| stb_image.h 2.27 has a heap-based buffer over in stbi__jpeg_load, leading to Information Disclosure or Denial of Service. |
| In wolfSSL before 5.5.2, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then a malicious TLS 1.3 client or network attacker can trigger a buffer over-read on the heap of 5 bytes. (WOLFSSL_CALLBACKS is only intended for debugging.) |
| DPA countermeasures are unavailable for ECDH key agreement and EdDSA signing operations on Curve25519 and Curve448 on all Series 2 modules and SoCs due to a lack of hardware and software support. A successful DPA attack may result in exposure of confidential information. The best practice is to use the impacted crypto curves and operations with ephemeral keys to reduce the number of DPA traces that can be collected. |
| In vpu, there is a possible information disclosure due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06382421; Issue ID: ALPS06382421. |
| Improper input validation vulnerability for processing SIB12 PDU in Exynos modems prior to SMR Sep-2022 Release allows remote attacker to read out of bounds memory. |
| Heap overflow vulnerability in parse_pce function in libsavsaudio.so in Editor Lite prior to version 4.0.41.3 allows attacker to get information. |
| html2xhtml v1.3 was discovered to contain an Out-Of-Bounds read in the function static void elm_close(tree_node_t *nodo) at procesador.c. This vulnerability allows attackers to access sensitive files or cause a Denial of Service (DoS) via a crafted html file. |
| In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07388790; Issue ID: ALPS07388790. |
| A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive). |
