Filtered by vendor Microsoft
Subscriptions
Total
23282 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-37342 | 1 Microsoft | 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more | 2024-12-31 | 7.1 High |
| Microsoft SQL Server Native Scoring Information Disclosure Vulnerability | ||||
| CVE-2024-37337 | 1 Microsoft | 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more | 2024-12-31 | 7.1 High |
| Microsoft SQL Server Native Scoring Information Disclosure Vulnerability | ||||
| CVE-2024-37339 | 1 Microsoft | 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more | 2024-12-31 | 8.8 High |
| Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | ||||
| CVE-2024-37340 | 1 Microsoft | 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more | 2024-12-31 | 8.8 High |
| Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | ||||
| CVE-2024-37335 | 1 Microsoft | 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more | 2024-12-31 | 8.8 High |
| Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | ||||
| CVE-2024-37338 | 1 Microsoft | 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more | 2024-12-31 | 8.8 High |
| Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability | ||||
| CVE-2022-43842 | 3 Ibm, Linux, Microsoft | 3 Aspera Console, Linux Kernel, Windows | 2024-12-31 | 8.6 High |
| IBM Aspera Console 3.4.0 through 3.4.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 239079. | ||||
| CVE-2024-8975 | 2 Grafana, Microsoft | 2 Alloy, Windows | 2024-12-26 | 7.3 High |
| Unquoted Search Path or Element vulnerability in Grafana Alloy on Windows allows Privilege Escalation from Local User to SYSTEM This issue affects Alloy: before 1.3.3, from 1.4.0-rc.0 through 1.4.0-rc.1. | ||||
| CVE-2024-49513 | 4 Adobe, Apple, Linux and 1 more | 4 Pdf Library Sdk, Macos, Linux Kernel and 1 more | 2024-12-19 | 7.8 High |
| PDFL SDK versions 21.0.0.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-49543 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-12-18 | 7.8 High |
| InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-49544 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-12-18 | 7.8 High |
| InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-49545 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-12-18 | 7.8 High |
| InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-49546 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-12-18 | 5.5 Medium |
| InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-49547 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-12-18 | 5.5 Medium |
| InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-49548 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-12-18 | 5.5 Medium |
| InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-49549 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-12-18 | 5.5 Medium |
| InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-53954 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2024-12-18 | 7.8 High |
| Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-53953 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2024-12-18 | 7.8 High |
| Animate versions 23.0.8, 24.0.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-45156 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2024-12-18 | 7.8 High |
| Animate versions 23.0.8, 24.0.5 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-45155 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2024-12-18 | 7.8 High |
| Animate versions 23.0.8, 24.0.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||