Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-38032

Summary
Assigner-microsoft
Assigner Org ID-f38d906d-7342-40ea-92c1-6c4a2c6478c8
Published At-09 Jul, 2024 | 17:03
Updated At-05 May, 2025 | 17:01
Rejected At-
Credits

Microsoft Xbox Remote Code Execution Vulnerability

Microsoft Xbox Remote Code Execution Vulnerability

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:microsoft
Assigner Org ID:f38d906d-7342-40ea-92c1-6c4a2c6478c8
Published At:09 Jul, 2024 | 17:03
Updated At:05 May, 2025 | 17:01
Rejected At:
▼CVE Numbering Authority (CNA)
Microsoft Xbox Remote Code Execution Vulnerability

Microsoft Xbox Remote Code Execution Vulnerability

Affected Products
Vendor
Microsoft CorporationMicrosoft
Product
Windows 11 version 21H2
Platforms
  • x64-based Systems
  • ARM64-based Systems
Versions
Affected
  • From 10.0.0 before 10.0.22000.3079 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Windows 10 Version 21H2
Platforms
  • 32-bit Systems
  • ARM64-based Systems
  • x64-based Systems
Versions
Affected
  • From 10.0.19043.0 before 10.0.19044.4651 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Windows 11 version 22H2
Platforms
  • ARM64-based Systems
  • x64-based Systems
Versions
Affected
  • From 10.0.22621.0 before 10.0.22621.3880 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Windows 10 Version 22H2
Platforms
  • x64-based Systems
  • ARM64-based Systems
  • 32-bit Systems
Versions
Affected
  • From 10.0.19045.0 before 10.0.19045.4651 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Windows 11 version 22H3
Platforms
  • ARM64-based Systems
Versions
Affected
  • From 10.0.22631.0 before 10.0.22631.3880 (custom)
Vendor
Microsoft CorporationMicrosoft
Product
Windows 11 Version 23H2
Platforms
  • x64-based Systems
Versions
Affected
  • From 10.0.22631.0 before 10.0.22631.3880 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-122CWE-122: Heap-based Buffer Overflow
Type: CWE
CWE ID: CWE-122
Description: CWE-122: Heap-based Buffer Overflow
Metrics
VersionBase scoreBase severityVector
3.17.1HIGH
CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Version: 3.1
Base score: 7.1
Base severity: HIGH
Vector:
CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38032
vendor-advisory
Hyperlink: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38032
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38032
vendor-advisory
x_transferred
Hyperlink: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38032
Resource:
vendor-advisory
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@microsoft.com
Published At:09 Jul, 2024 | 17:15
Updated At:11 Jul, 2024 | 16:31

Microsoft Xbox Remote Code Execution Vulnerability

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.1HIGH
CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.1
Base severity: HIGH
Vector:
CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CPE Matches
Microsoft Corporation
microsoft
>>windows_10_21h2>>Versions before 10.0.19044.4651(exclusive)
cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*
Microsoft Corporation
microsoft
>>windows_10_22h2>>Versions before 10.0.19045.4651(exclusive)
cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*
Microsoft Corporation
microsoft
>>windows_11_21h2>>Versions before 10.0.22000.3079(exclusive)
cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*
Microsoft Corporation
microsoft
>>windows_11_22h2>>Versions before 10.0.22621.3880(exclusive)
cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*
Microsoft Corporation
microsoft
>>windows_11_23h2>>Versions before 10.0.22631.3880(exclusive)
cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-787Primarynvd@nist.gov
CWE-122Secondarysecure@microsoft.com
CWE ID: CWE-787
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-122
Type: Secondary
Source: secure@microsoft.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38032secure@microsoft.com
Patch
Vendor Advisory
Hyperlink: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38032
Source: secure@microsoft.com
Resource:
Patch
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

2064Records found
CVE-2023-24928
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-2.83% / 85.63%
||
7 Day CHG~0.00%
Published-11 Apr, 2023 | 19:13
Updated-28 Feb, 2025 | 21:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows 10 Version 22H2Windows 10 Version 21H2Windows Server 2016 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows Server 2019Windows Server 2012Windows 10 Version 1809Windows 11 version 21H2Windows Server 2022Windows Server 2012 R2Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 20H2Windows Server 2019 (Server Core installation)Windows 10 Version 1607
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-24948
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-7.4||HIGH
EPSS-0.36% / 57.51%
||
7 Day CHG~0.00%
Published-09 May, 2023 | 17:02
Updated-10 Jul, 2025 | 16:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Bluetooth Driver Elevation of Privilege Vulnerability

Windows Bluetooth Driver Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_10_1507windows_11_21h2windows_10_22h2windows_10_20h2windows_server_2019windows_10_1607Windows Server 2016Windows Server 2012 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server 2016 (Server Core installation)Windows Server 2012 R2Windows 10 Version 20H2Windows Server 2019 (Server Core installation)Windows 11 version 21H2Windows 10 Version 22H2Windows 10 Version 1507Windows Server 2012Windows 10 Version 1809Windows Server 2019Windows 10 Version 1607Windows 10 Version 21H2
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2010-0127
Matching Score-6
Assigner-Flexera Software LLC
ShareView Details
Matching Score-6
Assigner-Flexera Software LLC
CVSS Score-8.8||HIGH
EPSS-12.35% / 93.62%
||
7 Day CHG~0.00%
Published-13 May, 2010 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Shockwave Player before 11.5.7.609 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted FFFFFF45h Shockwave 3D blocks in a Shockwave file.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsshockwave_playermacosn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-24868
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-3.46% / 87.07%
||
7 Day CHG~0.00%
Published-14 Mar, 2023 | 16:55
Updated-28 Feb, 2025 | 21:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows 10 Version 22H2Windows 10 Version 21H2Windows Server 2016 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows Server 2019Windows Server 2012Windows 10 Version 1809Windows 11 version 21H2Windows Server 2022Windows Server 2012 R2Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 20H2Windows Server 2019 (Server Core installation)Windows 10 Version 1607
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2022-21882
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-7||HIGH
EPSS-89.80% / 99.54%
||
7 Day CHG~0.00%
Published-11 Jan, 2022 | 20:22
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-02-18||Apply updates per vendor instructions.
Win32k Elevation of Privilege Vulnerability

Win32k Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11_21h2windows_10_21h2windows_10_1909windows_server_2022windows_10_20h2windows_server_2019windows_10_1809windows_10_21h1windows_server_20h2Windows Server version 20H2Windows 10 Version 1809Windows Server 2019 (Server Core installation)Windows 10 Version 20H2Windows 10 Version 21H1Windows 11 version 21H2Windows Server 2019Windows 10 Version 1909Windows 10 Version 21H2Windows Server 2022Win32k
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-24907
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-3.46% / 87.07%
||
7 Day CHG~0.00%
Published-14 Mar, 2023 | 16:55
Updated-28 Feb, 2025 | 21:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows 10 Version 22H2Windows 10 Version 21H2Windows Server 2016 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows Server 2019Windows Server 2012Windows 10 Version 1809Windows 11 version 21H2Windows Server 2022Windows Server 2012 R2Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 20H2Windows Server 2019 (Server Core installation)Windows 10 Version 1607
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2009-3831
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-7.34% / 91.32%
||
7 Day CHG~0.00%
Published-30 Oct, 2009 | 20:05
Updated-07 Aug, 2024 | 06:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Opera before 10.01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted domain name.

Action-Not Available
Vendor-n/aOperaMicrosoft Corporation
Product-windowsopera_browsern/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-24912
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-3.46% / 87.07%
||
7 Day CHG~0.00%
Published-11 Apr, 2023 | 19:13
Updated-23 Jan, 2025 | 01:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Graphics Component Elevation of Privilege Vulnerability

Windows Graphics Component Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2Windows Server 2016Windows 10 Version 20H2Windows Server 2012 (Server Core installation)Windows 10 Version 21H2Windows Server 2012 R2Windows Server 2008 Service Pack 2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows 10 Version 1607Windows 11 version 22H2Windows Server 2022Windows 11 version 21H2Windows 10 Version 1507Windows Server 2012Windows Server 2016 (Server Core installation)Windows 10 Version 1809Windows Server 2019Windows Server 2008 Service Pack 2Windows Server 2008 R2 Service Pack 1Windows Server 2019 (Server Core installation)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-24897
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-2.26% / 83.96%
||
7 Day CHG+0.58%
Published-14 Jun, 2023 | 14:52
Updated-01 Jan, 2025 | 01:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_server_2008windows_11_22h2windows_10_1507visual_studio_2019windows_11_21h2.net_frameworkwindows_10_21h2windows_10_1809visual_studio_2022visual_studio.netwindows_10_22h2windows_server_2022visual_studio_2017windows_server_2019windows_10_1607Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2Microsoft Visual Studio 2022 version 17.6Microsoft Visual Studio 2022 version 17.4PowerShell 7.2Microsoft .NET Framework 3.5 and 4.6.2Microsoft Visual Studio 2013 Update 5.NET 6.0Microsoft Visual Studio 2015 Update 3Microsoft .NET Framework 3.5 AND 4.8.NET 7.0Microsoft .NET Framework 4.8Microsoft .NET Framework 3.5 AND 4.8.1Microsoft .NET Framework 4.6.2Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)Microsoft Visual Studio 2022 version 17.2Microsoft Visual Studio 2022 version 17.0Microsoft .NET Framework 3.5 AND 4.7.2
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-37328
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-2.22% / 83.81%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 17:02
Updated-05 May, 2025 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2022sql_server_2017Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2019 (GDR)Microsoft SQL Server 2022 for (CU 13)Microsoft SQL Server 2022 (GDR)Microsoft SQL Server 2016 Service Pack 3 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 for x64-based Systems (CU 27)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-24876
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-3.46% / 87.07%
||
7 Day CHG~0.00%
Published-14 Mar, 2023 | 16:55
Updated-28 Feb, 2025 | 21:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows 10 Version 22H2Windows 10 Version 21H2Windows Server 2016 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows Server 2019Windows Server 2012Windows 10 Version 1809Windows 11 version 21H2Windows Server 2022Windows Server 2012 R2Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 20H2Windows Server 2019 (Server Core installation)Windows 10 Version 1607
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-24913
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-3.46% / 87.07%
||
7 Day CHG~0.00%
Published-14 Mar, 2023 | 16:55
Updated-28 Feb, 2025 | 21:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_11_21h2windows_10_22h2windows_server_2022windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows 10 Version 22H2Windows 10 Version 21H2Windows Server 2016 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows Server 2019Windows Server 2012Windows 10 Version 1809Windows 11 version 21H2Windows Server 2022Windows Server 2012 R2Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 20H2Windows Server 2019 (Server Core installation)Windows 10 Version 1607
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-24926
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-2.83% / 85.63%
||
7 Day CHG~0.00%
Published-11 Apr, 2023 | 19:13
Updated-28 Feb, 2025 | 21:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows 10 Version 22H2Windows 10 Version 21H2Windows Server 2016 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows Server 2019Windows Server 2012Windows 10 Version 1809Windows 11 version 21H2Windows Server 2022Windows Server 2012 R2Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 20H2Windows Server 2019 (Server Core installation)Windows 10 Version 1607
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-24943
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.30% / 78.92%
||
7 Day CHG~0.00%
Published-09 May, 2023 | 17:02
Updated-10 Jul, 2025 | 16:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows Server 2012 R2 (Server Core installation)Windows Server 2016 (Server Core installation)Windows Server 2012 R2Windows Server 2008 Service Pack 2Windows Server 2008 R2 Service Pack 1Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 10 Version 1809Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2019Windows Server 2016Windows Server 2012 (Server Core installation)Windows 11 version 22H2Windows 10 Version 20H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 11 version 21H2Windows 10 Version 22H2Windows 10 Version 1507Windows Server 2012Windows 10 Version 1607Windows 10 Version 21H2
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-37322
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-2.22% / 83.81%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 17:02
Updated-05 May, 2025 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2022sql_server_2017Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2019 (GDR)Microsoft SQL Server 2022 for (CU 13)Microsoft SQL Server 2022 (GDR)Microsoft SQL Server 2016 Service Pack 3 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 for x64-based Systems (CU 27)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-37324
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-2.98% / 85.99%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 17:02
Updated-05 May, 2025 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2022sql_server_2017Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2019 (GDR)Microsoft SQL Server 2022 for (CU 13)Microsoft SQL Server 2022 (GDR)Microsoft SQL Server 2016 Service Pack 3 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 for x64-based Systems (CU 27)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-37330
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-2.22% / 83.81%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 17:02
Updated-05 May, 2025 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2022sql_server_2017Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2019 (GDR)Microsoft SQL Server 2022 for (CU 13)Microsoft SQL Server 2022 (GDR)Microsoft SQL Server 2016 Service Pack 3 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 for x64-based Systems (CU 27)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2021-21017
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-89.72% / 99.54%
||
7 Day CHG~0.00%
Published-11 Feb, 2021 | 19:42
Updated-30 Jul, 2025 | 01:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-11-17||Apply updates per vendor instructions.
Acrobat Reader DC Heap-based Buffer Overflow Vulnerability Could Lead To Arbitrary Code Execution

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Microsoft CorporationAdobe Inc.Apple Inc.
Product-macosacrobat_readeracrobat_dcacrobat_reader_dcacrobatwindowsAcrobat ReaderAcrobat and Reader
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-37335
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-11.24% / 93.24%
||
7 Day CHG~0.00%
Published-10 Sep, 2024 | 16:53
Updated-31 Dec, 2024 | 23:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability

Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2019sql_server_2022sql_2016_azure_connect_feature_packsql_server_2017sql_server_2016Microsoft SQL Server 2022 for (CU 14)Microsoft SQL Server 2019 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 (CU 28)Microsoft SQL Server 2022 (GDR)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-24867
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-3.46% / 87.07%
||
7 Day CHG~0.00%
Published-14 Mar, 2023 | 16:55
Updated-28 Feb, 2025 | 21:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows 10 Version 22H2Windows 10 Version 21H2Windows Server 2016 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows Server 2019Windows Server 2012Windows 10 Version 1809Windows 11 version 21H2Windows Server 2022Windows Server 2012 R2Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 20H2Windows Server 2019 (Server Core installation)Windows 10 Version 1607
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-35271
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-2.98% / 85.99%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 17:02
Updated-05 May, 2025 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2022sql_server_2017Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2019 (GDR)Microsoft SQL Server 2022 for (CU 13)Microsoft SQL Server 2022 (GDR)Microsoft SQL Server 2016 Service Pack 3 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 for x64-based Systems (CU 27)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-23400
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-7.2||HIGH
EPSS-1.23% / 78.35%
||
7 Day CHG~0.00%
Published-14 Mar, 2023 | 16:55
Updated-01 Jan, 2025 | 00:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows DNS Server Remote Code Execution Vulnerability

Windows DNS Server Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2012windows_server_2016windows_server_2019windows_server_2022Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2012 R2Windows Server 2016 (Server Core installation)Windows Server 2019Windows Server 2012 R2 (Server Core installation)Windows Server 2016
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2009-3953
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-90.51% / 99.59%
||
7 Day CHG~0.00%
Published-13 Jan, 2010 | 19:00
Updated-30 Jul, 2025 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-06-22||Apply updates per vendor instructions.

The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF document, related to a CLODProgressiveMeshDeclaration "array boundary issue," a different vulnerability than CVE-2009-2994.

Action-Not Available
Vendor-n/aAdobe Inc.Microsoft CorporationSUSEApple Inc.openSUSE
Product-linux_enterprise_debuginfomac_os_xopensuseacrobatwindowslinux_enterprisen/aAcrobat and Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-37327
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-2.98% / 85.99%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 17:02
Updated-05 May, 2025 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2022sql_server_2017Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2019 (GDR)Microsoft SQL Server 2022 for (CU 13)Microsoft SQL Server 2022 (GDR)Microsoft SQL Server 2016 Service Pack 3 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 for x64-based Systems (CU 27)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-23403
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-3.46% / 87.07%
||
7 Day CHG~0.00%
Published-14 Mar, 2023 | 16:55
Updated-28 Feb, 2025 | 21:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows 10 Version 22H2Windows 10 Version 21H2Windows Server 2016 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows Server 2019Windows Server 2012Windows 10 Version 1809Windows 11 version 21H2Windows Server 2022Windows Server 2012 R2Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 20H2Windows Server 2019 (Server Core installation)Windows 10 Version 1607
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-23381
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.56%
||
7 Day CHG~0.00%
Published-14 Feb, 2023 | 20:09
Updated-01 Jan, 2025 | 00:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Visual Studio Remote Code Execution Vulnerability

Visual Studio Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-visual_studio_2019visual_studio_2017visual_studio_2022Microsoft Visual Studio 2013 Update 5Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)Microsoft Visual Studio 2022 version 17.4Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)Microsoft Visual Studio 2022 version 17.2Microsoft Visual Studio 2015 Update 3Microsoft Visual Studio 2022 version 17.0
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-23376
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-18.78% / 95.04%
||
7 Day CHG~0.00%
Published-14 Feb, 2023 | 19:33
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-03-07||Apply updates per vendor instructions.
Windows Common Log File System Driver Elevation of Privilege Vulnerability

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1607windows_10_1507windows_11_21h2windows_server_2019windows_server_2016windows_10_1809windows_10_22h2windows_server_2012windows_server_2022windows_11_22h2windows_10_21h2windows_server_2008windows_10_20h2Windows 10 Version 1809Windows 10 Version 22H2Windows 10 Version 1507Windows 10 Version 1607Windows 10 Version 20H2Windows 11 version 21H2Windows Server 2019Windows 10 Version 21H2Windows Server 2008 Service Pack 2Windows 11 version 22H2Windows Server 2008 Service Pack 2Windows Server 2022Windows Server 2016Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2016 (Server Core installation)Windows Server 2012Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-37334
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-2.43% / 84.52%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 17:02
Updated-05 May, 2025 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2019ole_db_driver_for_sql_serversql_server_2022Microsoft SQL Server 2019 (GDR)Microsoft SQL Server 2022 for (CU 13)Microsoft OLE DB Driver 19 for SQL ServerMicrosoft SQL Server 2022 (GDR)Microsoft OLE DB Driver 18 for SQL ServerMicrosoft SQL Server 2019 for x64-based Systems (CU 27)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-23384
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-7.3||HIGH
EPSS-0.80% / 73.01%
||
7 Day CHG~0.00%
Published-11 Apr, 2023 | 19:13
Updated-23 Jan, 2025 | 01:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft SQL Server Remote Code Execution Vulnerability

Microsoft SQL Server Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_serverMicrosoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2014 Service Pack 3 (GDR)Microsoft SQL Server 2012 Service Pack 4 (QFE)Microsoft SQL Server 2019 (GDR)Microsoft SQL Server 2017 (CU 31)Microsoft SQL Server 2022 (GDR)Microsoft SQL Server 2012 for x64-based Systems Service Pack 4 (QFE)Microsoft SQL Server 2014 Service Pack 3 (CU 4)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2016 Service Pack 3 (GDR)Microsoft SQL Server 2019 (CU 18)Microsoft SQL Server 2008 Service Pack 4 (QFE)Microsoft SQL Server 2008 R2 Service Pack 3 (QFE)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-23406
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-3.46% / 87.07%
||
7 Day CHG~0.00%
Published-14 Mar, 2023 | 16:55
Updated-28 Feb, 2025 | 21:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows 10 Version 22H2Windows 10 Version 21H2Windows Server 2016 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows Server 2019Windows Server 2012Windows 10 Version 1809Windows 11 version 21H2Windows Server 2022Windows Server 2012 R2Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 20H2Windows Server 2019 (Server Core installation)Windows 10 Version 1607
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-23390
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.83% / 73.68%
||
7 Day CHG~0.00%
Published-14 Feb, 2023 | 19:33
Updated-01 Jan, 2025 | 00:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
3D Builder Remote Code Execution Vulnerability

3D Builder Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-3d_builder3D Builder
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-37319
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-2.98% / 85.99%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 17:02
Updated-05 May, 2025 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-sql_server_2016sql_server_2019sql_server_2022sql_server_2017Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature PackMicrosoft SQL Server 2019 (GDR)Microsoft SQL Server 2022 for (CU 13)Microsoft SQL Server 2022 (GDR)Microsoft SQL Server 2016 Service Pack 3 (GDR)Microsoft SQL Server 2017 (GDR)Microsoft SQL Server 2017 (CU 31)Microsoft SQL Server 2019 for x64-based Systems (CU 27)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2009-3129
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-91.03% / 99.62%
||
7 Day CHG~0.00%
Published-11 Nov, 2009 | 19:00
Updated-30 Jul, 2025 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||Apply updates per vendor instructions.

Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset, aka "Excel Featheader Record Memory Corruption Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-excel_viewerofficeopen_xml_file_format_converterexceln/aExcel
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-23378
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.77% / 72.54%
||
7 Day CHG~0.00%
Published-14 Feb, 2023 | 19:32
Updated-01 Jan, 2025 | 00:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Print 3D Remote Code Execution Vulnerability

Print 3D Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-print_3dPrint 3D
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-21793
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-1.13% / 77.44%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 00:00
Updated-01 Jan, 2025 | 00:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
3D Builder Remote Code Execution Vulnerability

3D Builder Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-3d_builder3D Builder
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-21733
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-7||HIGH
EPSS-0.10% / 29.14%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 00:00
Updated-01 Jan, 2025 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Bind Filter Driver Elevation of Privilege Vulnerability

Windows Bind Filter Driver Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_11_22h2windows_11_21h2windows_10_22h2windows_10_20h2windows_server_2022Windows Server 2022Windows 10 Version 21H2Windows 11 version 22H2Windows 11 version 21H2Windows 10 Version 22H2Windows 10 Version 20H2
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2023-21780
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-1.04% / 76.57%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 00:00
Updated-01 Jan, 2025 | 00:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
3D Builder Remote Code Execution Vulnerability

3D Builder Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-3d_builder3D Builder
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2016-0967
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-43.25% / 97.41%
||
7 Day CHG~0.00%
Published-10 Feb, 2016 | 20:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.

Action-Not Available
Vendor-n/aAdobe Inc.Linux Kernel Organization, IncGoogle LLCApple Inc.Microsoft Corporation
Product-flash_playerchrome_oslinux_kerneliphone_osflash_player_desktop_runtimeair_desktop_runtimeair_sdkair_sdk_\&_compilerwindowswindows_8.1mac_os_xandroidwindows_10n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-21792
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-1.13% / 77.44%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 00:00
Updated-01 Jan, 2025 | 00:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
3D Builder Remote Code Execution Vulnerability

3D Builder Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-3d_builder3D Builder
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-22238
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-0.16% / 36.99%
||
7 Day CHG~0.00%
Published-17 Feb, 2023 | 00:00
Updated-02 Aug, 2024 | 13:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe After Effects Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

After Affects versions 23.1 (and earlier), 22.6.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-windowsmacosafter_effectsAfter Effectsafter_effects
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-21791
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-1.13% / 77.44%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 00:00
Updated-01 Jan, 2025 | 00:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
3D Builder Remote Code Execution Vulnerability

3D Builder Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-3d_builder3D Builder
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-22237
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-0.16% / 36.99%
||
7 Day CHG~0.00%
Published-17 Feb, 2023 | 00:00
Updated-02 Aug, 2024 | 13:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe After Effects Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

After Affects versions 23.1 (and earlier), 22.6.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-windowsmacosafter_effectsAfter Effectsafter_effects
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-22234
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-0.18% / 40.15%
||
7 Day CHG~0.00%
Published-17 Feb, 2023 | 00:00
Updated-05 Mar, 2025 | 19:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Premiere Rush PSD file Stack-based Buffer Overflow Arbitrary code execution

Adobe Premiere Rush version 2.6 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Adobe Inc.Microsoft Corporation
Product-windowspremiere_rushPremiere Rush
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-22243
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-0.19% / 41.36%
||
7 Day CHG~0.00%
Published-17 Feb, 2023 | 00:00
Updated-05 Mar, 2025 | 19:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Animate SVG file Stack-based Buffer Overflow Arbitrary code execution

Adobe Animate versions 22.0.8 (and earlier) and 23.0.0 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsanimatemacosAnimate
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-22229
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-0.16% / 36.99%
||
7 Day CHG~0.00%
Published-17 Feb, 2023 | 00:00
Updated-05 Mar, 2025 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Bridge Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsbridgemacosBridge
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-21782
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-1.13% / 77.44%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 00:00
Updated-01 Jan, 2025 | 00:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
3D Builder Remote Code Execution Vulnerability

3D Builder Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-3d_builder3D Builder
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-21812
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-3.30% / 86.71%
||
7 Day CHG~0.00%
Published-14 Feb, 2023 | 19:33
Updated-01 Jan, 2025 | 00:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Common Log File System Driver Elevation of Privilege Vulnerability

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_11_21h2windows_10_22h2windows_server_2022windows_10windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2012 (Server Core installation)Windows 10 Version 20H2Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-22226
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.85%
||
7 Day CHG~0.00%
Published-17 Feb, 2023 | 00:00
Updated-05 Mar, 2025 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Bridge SVG file Stack-based Buffer Overflow Arbitrary code execution

Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsbridgemacosBridge
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-22240
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-0.26% / 49.21%
||
7 Day CHG~0.00%
Published-27 Jan, 2023 | 00:00
Updated-05 Mar, 2025 | 19:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ZDI-CAN-19517: Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability

Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-acrobat_dcacrobat_readeracrobatacrobat_reader_dcwindowsmacosAcrobat Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-22230
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.60%
||
7 Day CHG~0.00%
Published-17 Feb, 2023 | 00:00
Updated-05 Mar, 2025 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Bridge Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsbridgemacosBridge
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • ...
  • 41
  • 42
  • Next
Details not found