| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| LibVNCServer 0.9.12 release and earlier contains heap buffer overflow vulnerability within the HandleCursorShape() function in libvncclient/cursor.c. An attacker sends cursor shapes with specially crafted dimensions, which can result in remote code execution. |
| Heap-based overflow in Intel(R) SoC Watch based software before version 2021.1 may allow a privileged user to potentially enable escalation of privilege via local access. |
| Windows Boot Manager Security Feature Bypass Vulnerability |
| Visual Studio Elevation of Privilege Vulnerability |
| Windows DNS Server Remote Code Execution Vulnerability |
| Windows Network Load Balancing Remote Code Execution Vulnerability |
| DHCP Server Service Remote Code Execution Vulnerability |
| Windows Bluetooth Driver Remote Code Execution Vulnerability |
| Windows NTLM Elevation of Privilege Vulnerability |
| Raw Image Extension Remote Code Execution Vulnerability |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| Windows Graphics Component Elevation of Privilege Vulnerability |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability |
| Microsoft SQL Server Remote Code Execution Vulnerability |
| There exists a heap buffer overflow in nasm 2.16.02rc1 (GitHub commit: b952891). |
| A heap-based buffer overflow vulnerability in the processing of Link Control Protocol messages in FortiGate versions 5.6.12, 6.0.10, 6.2.4 and 6.4.1 and earlier may allow a remote attacker with valid SSL VPN credentials to crash the SSL VPN daemon by sending a large LCP packet, when tunnel mode is enabled. Arbitrary code execution may be theoretically possible, albeit practically very difficult to achieve in this context |
|
The APDFL.dll contains an out-of-bounds write past the fixed-length
heap-based buffer while parsing specially crafted PDF files. This could
allow an attacker to execute code in the context of the current process.
|
|
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior are vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code or crash the device remotely.
|
| A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an attacker could craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples. An application attempting to decompress such image using merged upsampling would lead to segmentation fault or buffer overflows, causing an application to crash. |
| A potential TOCTOU vulnerability was reported in PC Manager, Lenovo Browser, and Lenovo App Store that could allow a local attacker to cause a system crash. |
