Total
3154 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-21836 | 1 Ggml | 1 Llama.cpp | 2026-06-17 | N/A | 8.8 HIGH |
| A heap-based buffer overflow vulnerability exists in the GGUF library header.n_tensors functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2024-21825 | 1 Ggml | 1 Llama.cpp | 2026-06-17 | N/A | 8.8 HIGH |
| A heap-based buffer overflow vulnerability exists in the GGUF library GGUF_TYPE_ARRAY/GGUF_TYPE_STRING parsing functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2024-21812 | 2 Fedoraproject, Libbiosig Project | 2 Fedora, Libbiosig | 2026-06-17 | N/A | 9.8 CRITICAL |
| An integer overflow vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .famos file can lead to an out-of-bounds write which in turn can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2024-21783 | 2026-06-17 | N/A | 4.8 MEDIUM | ||
| Integer overflow for some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2024-21646 | 1 Microsoft | 1 Azure Uamqp | 2026-06-17 | N/A | 9.8 CRITICAL |
| Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP library is used by several clients to implement AMQP protocol communication. When clients using this library receive a crafted binary type data, an integer overflow or wraparound or memory safety issue can occur and may cause remote code execution. This vulnerability has been patched in release 2024-01-01. | |||||
| CVE-2024-21631 | 1 Vapor | 1 Vapor | 2026-06-17 | N/A | 6.5 MEDIUM |
| Vapor is an HTTP web framework for Swift. Prior to version 4.90.0, Vapor's `vapor_urlparser_parse` function uses `uint16_t` indexes when parsing a URI's components, which may cause integer overflows when parsing untrusted inputs. This vulnerability does not affect Vapor directly but could impact applications relying on the URI type for validating user input. The URI type is used in several places in Vapor. A developer may decide to use URI to represent a URL in their application (especially if that URL is then passed to the HTTP Client) and rely on its public properties and methods. However, URI may fail to properly parse a valid (albeit abnormally long) URL, due to string ranges being converted to 16-bit integers. An attacker may use this behavior to trick the application into accepting a URL to an untrusted destination. By padding the port number with zeros, an attacker can cause an integer overflow to occur when the URL authority is parsed and, as a result, spoof the host. Version 4.90.0 contains a patch for this issue. As a workaround, validate user input before parsing as a URI or, if possible, use Foundation's `URL` and `URLComponents` utilities. | |||||
| CVE-2024-21470 | 1 Qualcomm | 66 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 63 more | 2026-06-17 | N/A | 8.4 HIGH |
| Memory corruption while allocating memory for graphics. | |||||
| CVE-2024-21454 | 1 Qualcomm | 6 Auto 4g Modem, Auto 4g Modem Firmware, Auto 5g Modem-rf and 3 more | 2026-06-17 | N/A | 7.5 HIGH |
| Transient DOS while decoding the ToBeSignedMessage in Automotive Telematics. | |||||
| CVE-2024-21450 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2026-06-17 | N/A | 8.8 HIGH |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2024-21444 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2026-06-17 | N/A | 8.8 HIGH |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2024-21441 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2026-06-17 | N/A | 8.8 HIGH |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2024-21428 | 1 Microsoft | 4 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 1 more | 2026-06-17 | N/A | 8.8 HIGH |
| SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | |||||
| CVE-2024-21420 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2026-06-17 | N/A | 8.8 HIGH |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2024-21379 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2026-06-17 | N/A | 7.8 HIGH |
| Microsoft Word Remote Code Execution Vulnerability | |||||
| CVE-2024-21372 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2026-06-17 | N/A | 8.8 HIGH |
| Windows OLE Remote Code Execution Vulnerability | |||||
| CVE-2024-21350 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2026-06-17 | N/A | 8.8 HIGH |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2024-21105 | 1 Oracle | 1 Solaris | 2026-06-17 | N/A | 2.0 LOW |
| Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). The supported version that is affected is 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Solaris accessible data. CVSS 3.1 Base Score 2.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N). | |||||
| CVE-2024-20795 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Animate versions 23.0.4, 24.0.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-20698 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2026-06-17 | N/A | 7.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2024-20654 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2026-06-17 | N/A | 8.0 HIGH |
| Microsoft ODBC Driver Remote Code Execution Vulnerability | |||||