Total
12402 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-52570 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-12-10 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Teamcenter Visualization V2406 (All versions < V2406.0005), Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24365) | |||||
| CVE-2024-52569 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-12-10 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Teamcenter Visualization V2406 (All versions < V2406.0005), Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24260) | |||||
| CVE-2024-52566 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-12-10 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Teamcenter Visualization V2406 (All versions < V2406.0005), Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24233) | |||||
| CVE-2024-52565 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-12-10 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Teamcenter Visualization V2406 (All versions < V2406.0005), Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24231) | |||||
| CVE-2024-45471 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-12-10 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2024-45470 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-12-10 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2024-45469 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-12-10 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2022-23086 | 1 Freebsd | 1 Freebsd | 2024-12-09 | N/A | 7.8 HIGH |
| Handlers for *_CFG_PAGE read / write ioctls in the mpr, mps, and mpt drivers allocated a buffer of a caller-specified size, but copied to it a fixed size header. Other heap content would be overwritten if the specified size was too small. Users with access to the mpr, mps or mpt device node may overwrite heap data, potentially resulting in privilege escalation. Note that the device node is only accessible to root and members of the operator group. | |||||
| CVE-2022-23085 | 1 Freebsd | 1 Freebsd | 2024-12-09 | N/A | 8.2 HIGH |
| A user-provided integer option was passed to nmreq_copyin() without checking if it would overflow. This insufficient bounds checking could lead to kernel memory corruption. On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can affect the host environment. | |||||
| CVE-2023-42848 | 1 Apple | 5 Ipad Os, Iphone Os, Macos and 2 more | 2024-12-09 | N/A | 7.8 HIGH |
| The issue was addressed with improved bounds checks. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. Processing a maliciously crafted image may lead to heap corruption. | |||||
| CVE-2024-23265 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-12-09 | N/A | 7.8 HIGH |
| A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An app may be able to cause unexpected system termination or write kernel memory. | |||||
| CVE-2024-44244 | 1 Apple | 7 Ipados, Iphone Os, Macos and 4 more | 2024-12-06 | N/A | 4.3 MEDIUM |
| A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1, macOS Sequoia 15.1, Safari 18.1. Processing maliciously crafted web content may lead to an unexpected process crash. | |||||
| CVE-2024-20739 | 3 Adobe, Apple, Microsoft | 3 Audition, Macos, Windows | 2024-12-06 | N/A | 7.8 HIGH |
| Audition versions 24.0.3, 23.6.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-42366 | 1 Busybox | 1 Busybox | 2024-12-06 | N/A | 5.5 MEDIUM |
| A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the next_token function at awk.c:1159. | |||||
| CVE-2024-23234 | 1 Apple | 1 Macos | 2024-12-06 | N/A | 6.7 MEDIUM |
| An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-23516 | 1 Apple | 1 Macos | 2024-12-05 | N/A | 7.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.3, macOS Ventura 13.2, macOS Monterey 12.6.3. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-32397 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-12-05 | N/A | 7.5 HIGH |
| A logic issue was addressed with improved state management. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An app may be able to modify protected parts of the file system. | |||||
| CVE-2023-32395 | 1 Apple | 1 Macos | 2024-12-05 | N/A | 5.5 MEDIUM |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An app may be able to modify protected parts of the file system. | |||||
| CVE-2024-20772 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-12-05 | N/A | 7.8 HIGH |
| Media Encoder versions 24.2.1, 23.6.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-20745 | 3 Adobe, Apple, Microsoft | 3 Premiere Pro, Macos, Windows | 2024-12-04 | N/A | 7.8 HIGH |
| Premiere Pro versions 24.1, 23.6.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||