Total
329 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-28900 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-01-23 | 5.5 Medium |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | ||||
| CVE-2024-26243 | 1 Microsoft | 7 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 4 more | 2025-01-23 | 7 High |
| Windows USB Print Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-28902 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-01-23 | 5.5 Medium |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | ||||
| CVE-2024-28901 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-01-23 | 5.5 Medium |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | ||||
| CVE-2024-26255 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-01-23 | 5.5 Medium |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | ||||
| CVE-2023-28267 | 1 Microsoft | 14 Remote Desktop, Windows 10 1507, Windows 10 1607 and 11 more | 2025-01-23 | 6.5 Medium |
| Remote Desktop Protocol Client Information Disclosure Vulnerability | ||||
| CVE-2023-28266 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-01-23 | 5.5 Medium |
| Windows Common Log File System Driver Information Disclosure Vulnerability | ||||
| CVE-2024-7347 | 2 F5, Redhat | 3 Nginx Open Source, Nginx Plus, Enterprise Linux | 2025-01-22 | 4.7 Medium |
| NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngx_http_mp4_module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted mp4 file with the ngx_http_mp4_module. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2024-9843 | 2 Apple, Ivanti | 2 Macos, Secure Access Client | 2025-01-17 | 5 Medium |
| A buffer over-read in Ivanti Secure Access Client before 22.7R4 allows a local unauthenticated attacker to cause a denial of service. | ||||
| CVE-2024-21477 | 1 Qualcomm | 368 Aqt1000, Aqt1000 Firmware, Ar8035 and 365 more | 2025-01-15 | 7.5 High |
| Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame. | ||||
| CVE-2023-43528 | 1 Qualcomm | 182 Ar8035, Ar8035 Firmware, C-v2x 9150 and 179 more | 2025-01-15 | 6.1 Medium |
| Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size. | ||||
| CVE-2023-43527 | 1 Qualcomm | 108 Fastconnect 6800, Fastconnect 6800 Firmware, Fastconnect 6900 and 105 more | 2025-01-15 | 6.8 Medium |
| Information disclosure while parsing dts header atom in Video. | ||||
| CVE-2023-2854 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2025-01-15 | 5.3 Medium |
| BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file | ||||
| CVE-2023-33115 | 1 Qualcomm | 336 Aqt1000, Aqt1000 Firmware, Ar8035 and 333 more | 2025-01-13 | 7.8 High |
| Memory corruption while processing buffer initialization, when trusted report for certain report types are generated. | ||||
| CVE-2024-45548 | 1 Qualcomm | 20 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 17 more | 2025-01-13 | 7.8 High |
| Memory corruption while processing FIPS encryption or decryption validation functionality IOCTL call. | ||||
| CVE-2024-45546 | 1 Qualcomm | 20 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 17 more | 2025-01-13 | 7.8 High |
| Memory corruption while processing FIPS encryption or decryption IOCTL call invoked from user-space. | ||||
| CVE-2024-45558 | 1 Qualcomm | 366 Ar8035, Ar8035 Firmware, Csr8811 and 363 more | 2025-01-13 | 7.5 High |
| Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length. | ||||
| CVE-2023-43539 | 1 Qualcomm | 274 Ar8035, Ar8035 Firmware, Csr8811 and 271 more | 2025-01-10 | 7.5 High |
| Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol frame. | ||||
| CVE-2023-33090 | 1 Qualcomm | 104 Ar8035, Ar8035 Firmware, Fastconnect 6800 and 101 more | 2025-01-10 | 5.5 Medium |
| Transient DOS while processing channel information for speaker protection v2 module in ADSP. | ||||
| CVE-2023-33078 | 1 Qualcomm | 26 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 23 more | 2025-01-10 | 5.1 Medium |
| Information Disclosure while processing IOCTL request in FastRPC. | ||||