Filtered by vendor Microsoft
Subscribe
Total
20857 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-45071 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, I and 5 more | 2024-10-21 | N/A | 4.8 MEDIUM |
| IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2024-45072 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, I and 5 more | 2024-10-21 | N/A | 5.5 MEDIUM |
| IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A privileged user could exploit this vulnerability to expose sensitive information or consume memory resources. | |||||
| CVE-2024-49023 | 1 Microsoft | 1 Edge Chromium | 2024-10-18 | N/A | 5.3 MEDIUM |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |||||
| CVE-2024-43578 | 1 Microsoft | 1 Edge Chromium | 2024-10-18 | N/A | 8.3 HIGH |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |||||
| CVE-2024-43596 | 1 Microsoft | 1 Edge Chromium | 2024-10-18 | N/A | 8.8 HIGH |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |||||
| CVE-2024-43595 | 1 Microsoft | 1 Edge Chromium | 2024-10-18 | N/A | 8.8 HIGH |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |||||
| CVE-2024-43587 | 1 Microsoft | 1 Edge Chromium | 2024-10-18 | N/A | 8.1 HIGH |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |||||
| CVE-2024-43579 | 1 Microsoft | 1 Edge Chromium | 2024-10-18 | N/A | 8.3 HIGH |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |||||
| CVE-2024-43566 | 1 Microsoft | 1 Edge Chromium | 2024-10-18 | N/A | 9.8 CRITICAL |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |||||
| CVE-2024-43580 | 1 Microsoft | 1 Edge Chromium | 2024-10-18 | N/A | 5.4 MEDIUM |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | |||||
| CVE-2024-45144 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-10-18 | N/A | 7.8 HIGH |
| Substance3D - Stager versions 3.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-45143 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-10-18 | N/A | 7.8 HIGH |
| Substance3D - Stager versions 3.0.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-45142 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-10-18 | N/A | 7.8 HIGH |
| Substance3D - Stager versions 3.0.3 and earlier are affected by a Write-what-where Condition vulnerability that could allow an attacker to execute arbitrary code in the context of the current user. This vulnerability allows an attacker to write a controlled value to an arbitrary memory location, potentially leading to code execution. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-45141 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-10-18 | N/A | 7.8 HIGH |
| Substance3D - Stager versions 3.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-45140 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-10-18 | N/A | 7.8 HIGH |
| Substance3D - Stager versions 3.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-45139 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-10-18 | N/A | 7.8 HIGH |
| Substance3D - Stager versions 3.0.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-45138 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-10-18 | N/A | 7.8 HIGH |
| Substance3D - Stager versions 3.0.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-45152 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-10-18 | N/A | 7.8 HIGH |
| Substance3D - Stager versions 3.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-45146 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2024-10-18 | N/A | 7.8 HIGH |
| Dimension versions 4.0.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-45150 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2024-10-18 | N/A | 7.8 HIGH |
| Dimension versions 4.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||