| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| Visual Studio Remote Code Execution Vulnerability |
| Windows iSCSI Discovery Service Remote Code Execution Vulnerability |
| Windows Media Remote Code Execution Vulnerability |
| Microsoft ODBC Driver Remote Code Execution Vulnerability |
| Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
| Windows iSCSI Service Denial of Service Vulnerability |
| Windows Print Spooler Elevation of Privilege Vulnerability |
| Microsoft Cryptographic Services Elevation of Privilege Vulnerability |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| Microsoft Cryptographic Services Elevation of Privilege Vulnerability |
| Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability |
| Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability |
| Windows libarchive Remote Code Execution Vulnerability |
| Microsoft SQL Server Native Scoring Information Disclosure Vulnerability |
| MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API. |
| tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition. |
| In store_upgrade and store_cmd of drivers/input/touchscreen/stm/ftm4_pdc.c, there are out of bound writes due to missing bounds checks or integer underflows. These could lead to escalation of privilege. |
| In oemCallback of ril.cpp, there is a possible out of bounds write due to an
integer overflow. This could lead to local escalation of privilege with
System execution privileges needed. User interaction is not needed for
exploitation. |
| Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
