Total
6310 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-7964 | 1 Google | 2 Android, Chrome | 2024-08-27 | N/A | 8.8 HIGH |
| Use after free in Passwords in Google Chrome on Android prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2022-48925 | 1 Linux | 1 Linux Kernel | 2024-08-23 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Do not change route.addr.src_addr outside state checks If the state is not idle then resolve_prepare_src() should immediately fail and no change to global state should happen. However, it unconditionally overwrites the src_addr trying to build a temporary any address. For instance if the state is already RDMA_CM_LISTEN then this will corrupt the src_addr and would cause the test in cma_cancel_operation(): if (cma_any_addr(cma_src_addr(id_priv)) && !id_priv->cma_dev) Which would manifest as this trace from syzkaller: BUG: KASAN: use-after-free in __list_add_valid+0x93/0xa0 lib/list_debug.c:26 Read of size 8 at addr ffff8881546491e0 by task syz-executor.1/32204 CPU: 1 PID: 32204 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:79 [inline] dump_stack+0x141/0x1d7 lib/dump_stack.c:120 print_address_description.constprop.0.cold+0x5b/0x2f8 mm/kasan/report.c:232 __kasan_report mm/kasan/report.c:399 [inline] kasan_report.cold+0x7c/0xd8 mm/kasan/report.c:416 __list_add_valid+0x93/0xa0 lib/list_debug.c:26 __list_add include/linux/list.h:67 [inline] list_add_tail include/linux/list.h:100 [inline] cma_listen_on_all drivers/infiniband/core/cma.c:2557 [inline] rdma_listen+0x787/0xe00 drivers/infiniband/core/cma.c:3751 ucma_listen+0x16a/0x210 drivers/infiniband/core/ucma.c:1102 ucma_write+0x259/0x350 drivers/infiniband/core/ucma.c:1732 vfs_write+0x28e/0xa30 fs/read_write.c:603 ksys_write+0x1ee/0x250 fs/read_write.c:658 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xae This is indicating that an rdma_id_private was destroyed without doing cma_cancel_listens(). Instead of trying to re-use the src_addr memory to indirectly create an any address derived from the dst build one explicitly on the stack and bind to that as any other normal flow would do. rdma_bind_addr() will copy it over the src_addr once it knows the state is valid. This is similar to commit bc0bdc5afaa7 ("RDMA/cma: Do not change route.addr.src_addr.ss_family") | |||||
| CVE-2024-39383 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-08-20 | N/A | 7.8 HIGH |
| Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-32927 | 1 Google | 1 Android | 2024-08-20 | N/A | 7.8 HIGH |
| In sendDeviceState_1_6 of RadioExt.cpp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-20789 | 1 Adobe | 1 Dimension | 2024-08-19 | N/A | 7.8 HIGH |
| Dimension versions 3.4.11 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-34117 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-08-19 | N/A | 7.8 HIGH |
| Photoshop Desktop versions 24.7.3, 25.9.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-39388 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-08-19 | N/A | 7.8 HIGH |
| Substance3D - Stager versions 3.0.2 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-38159 | 1 Microsoft | 2 Windows 10 1607, Windows Server 2016 | 2024-08-16 | N/A | 9.1 CRITICAL |
| Windows Network Virtualization Remote Code Execution Vulnerability | |||||
| CVE-2024-38147 | 1 Microsoft | 8 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 5 more | 2024-08-16 | N/A | 7.8 HIGH |
| Microsoft DWM Core Library Elevation of Privilege Vulnerability | |||||
| CVE-2024-38141 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-08-16 | N/A | 7.8 HIGH |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | |||||
| CVE-2024-38138 | 1 Microsoft | 4 Windows Server 2016, Windows Server 2019, Windows Server 2022 and 1 more | 2024-08-16 | N/A | 7.5 HIGH |
| Windows Deployment Services Remote Code Execution Vulnerability | |||||
| CVE-2024-38158 | 1 Microsoft | 1 Azure Iot Hub Device Client Sdk | 2024-08-16 | N/A | 7.0 HIGH |
| Azure IoT SDK Remote Code Execution Vulnerability | |||||
| CVE-2024-38171 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2024-08-16 | N/A | 7.8 HIGH |
| Microsoft PowerPoint Remote Code Execution Vulnerability | |||||
| CVE-2024-38137 | 1 Microsoft | 8 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 5 more | 2024-08-16 | N/A | 7.0 HIGH |
| Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability | |||||
| CVE-2024-38136 | 1 Microsoft | 10 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 7 more | 2024-08-16 | N/A | 7.0 HIGH |
| Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability | |||||
| CVE-2024-38199 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2024-08-15 | N/A | 9.8 CRITICAL |
| Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability | |||||
| CVE-2024-39422 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-08-15 | N/A | 7.8 HIGH |
| Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-39424 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-08-15 | N/A | 7.8 HIGH |
| Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-41831 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-08-15 | N/A | 7.8 HIGH |
| Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-38150 | 1 Microsoft | 8 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 5 more | 2024-08-14 | N/A | 7.8 HIGH |
| Windows DWM Core Library Elevation of Privilege Vulnerability | |||||