Total
1767 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-49059 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2025-01-08 | N/A | 7.0 HIGH |
| Microsoft Office Elevation of Privilege Vulnerability | |||||
| CVE-2024-49108 | 1 Microsoft | 5 Windows Server 2016, Windows Server 2019, Windows Server 2022 and 2 more | 2025-01-08 | N/A | 8.1 HIGH |
| Windows Remote Desktop Services Remote Code Execution Vulnerability | |||||
| CVE-2024-49106 | 1 Microsoft | 5 Windows Server 2016, Windows Server 2019, Windows Server 2022 and 2 more | 2025-01-08 | N/A | 8.1 HIGH |
| Windows Remote Desktop Services Remote Code Execution Vulnerability | |||||
| CVE-2024-49097 | 1 Microsoft | 10 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 7 more | 2025-01-08 | N/A | 7.0 HIGH |
| Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | |||||
| CVE-2024-49095 | 1 Microsoft | 10 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 7 more | 2025-01-08 | N/A | 7.0 HIGH |
| Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | |||||
| CVE-2024-49084 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-08 | N/A | 7.0 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2023-20736 | 3 Google, Linuxfoundation, Mediatek | 23 Android, Iot-yocto, Yocto and 20 more | 2025-01-07 | N/A | 6.4 MEDIUM |
| In vcu, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645189. | |||||
| CVE-2023-20750 | 2 Google, Mediatek | 23 Android, Mt6835, Mt6886 and 20 more | 2025-01-07 | N/A | 4.1 MEDIUM |
| In swpm, there is a possible out of bounds write due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07780926; Issue ID: ALPS07780928. | |||||
| CVE-2023-52749 | 1 Linux | 1 Linux Kernel | 2025-01-06 | N/A | 4.7 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: spi: Fix null dereference on suspend A race condition exists where a synchronous (noqueue) transfer can be active during a system suspend. This can cause a null pointer dereference exception to occur when the system resumes. Example order of events leading to the exception: 1. spi_sync() calls __spi_transfer_message_noqueue() which sets ctlr->cur_msg 2. Spi transfer begins via spi_transfer_one_message() 3. System is suspended interrupting the transfer context 4. System is resumed 6. spi_controller_resume() calls spi_start_queue() which resets cur_msg to NULL 7. Spi transfer context resumes and spi_finalize_current_message() is called which dereferences cur_msg (which is now NULL) Wait for synchronous transfers to complete before suspending by acquiring the bus mutex and setting/checking a suspend flag. | |||||
| CVE-2022-41035 | 1 Microsoft | 1 Edge Chromium | 2025-01-02 | N/A | 5.3 MEDIUM |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | |||||
| CVE-2022-38047 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-01-02 | N/A | 8.1 HIGH |
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | |||||
| CVE-2022-38029 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-01-02 | N/A | 7.0 HIGH |
| Windows ALPC Elevation of Privilege Vulnerability | |||||
| CVE-2022-38027 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-01-02 | N/A | 7.0 HIGH |
| Windows Storage Elevation of Privilege Vulnerability | |||||
| CVE-2022-38021 | 1 Microsoft | 6 Windows 10, Windows 11, Windows Server 2012 and 3 more | 2025-01-02 | N/A | 7.0 HIGH |
| Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | |||||
| CVE-2022-38000 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-01-02 | N/A | 8.1 HIGH |
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | |||||
| CVE-2022-33634 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-01-02 | N/A | 8.1 HIGH |
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | |||||
| CVE-2022-30198 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-01-02 | N/A | 8.1 HIGH |
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | |||||
| CVE-2022-24504 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-01-02 | N/A | 8.1 HIGH |
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | |||||
| CVE-2022-22035 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-01-02 | N/A | 8.1 HIGH |
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | |||||
| CVE-2022-30163 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2025-01-02 | 6.0 MEDIUM | 8.5 HIGH |
| Windows Hyper-V Remote Code Execution Vulnerability | |||||