Heap buffer overflow in Tab Groups in Google Chrome prior to 126.0.6478.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

An exploitable heap overflow vulnerability exists in the JPEG2000 parsing functionality of LEADTOOLS 20.0.2019.3.15. A specially crafted J2K image file can cause an out of bounds write of a null byte in a heap buffer, potentially resulting in code execution. An attack can specially craft a J2K image to trigger this vulnerability.

Heap buffer overflow in Dawn in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

A vulnerability has been identified in Opcenter Execution Foundation (All versions), Opcenter Intelligence (All versions), Opcenter Quality (All versions), Opcenter RDL (All versions), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions < V4.1 Update 3), SIMATIC PCS neo V5.0 (All versions < V5.0 Update 1), SINEC NMS (All versions if operated in conjunction with UMC < V2.15), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions). Affected products contain a heap-based buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to execute arbitrary code.

SQL Server Native Client Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

Heap-based Buffer Overflow vulnerability in gpac version 2.3-DEV-rev588-g7edc40fee-master, allows remote attackers to execute arbitrary code and cause a denial of service (DoS) via gf_fwrite component in at utils/os_file.c.

An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image 2.0.4. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.

An exploitable code execution vulnerability exists in the PCX image-rendering functionality of SDL2_image 2.0.4. A specially crafted PCX image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Microsoft ActiveX Data Objects Remote Code Execution Vulnerability

Windows Telephony Service Remote Code Execution Vulnerability

Windows Telephony Service Remote Code Execution Vulnerability

A buffer overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro MR1 (7,0,2019,0220). While parsing a document text info container, the TxMasterStyleAtom::parse function is incorrectly checking the bounds corresponding to the number of style levels, causing a vtable pointer to be overwritten, which leads to code execution.

Windows Telephony Service Remote Code Execution Vulnerability

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

Windows Telephony Server Remote Code Execution Vulnerability

Windows Telephony Service Remote Code Execution Vulnerability

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process.

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Windows IP Routing Management Snapin Remote Code Execution Vulnerability

SQL Server Native Client Remote Code Execution Vulnerability

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Windows IP Routing Management Snapin Remote Code Execution Vulnerability

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability