Latest microsoft windows Vulnerabilities

CVE-2024-27265
IBM Integration Bus for z/OS cross-site request forgery
IBM Integration Bus for z/OS<=10.1 - 10.1.0.3
IBM Integration Bus>=10.1<=10.1.0.3
IBM WebSphere Application Server Liberty
Linux Linux kernel
Microsoft Windows
CVE-2024-20738
Adobe FrameMaker Publishing Server Authentication Bypass Vulnerability | CVE-2023-44324 bypass
Adobe FrameMaker Publishing Server<2022
Adobe FrameMaker Publishing Server=2022
Adobe FrameMaker Publishing Server=2022-update1
Microsoft Windows
CVE-2024-20726
[TianfuCup] JP2K Image Parsing Out-Of-Bounds Write
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
CVE-2024-20730
TALOS-2023-1906 - Adobe Acrobat Reader Font CPAL integer overflow vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
CVE-2024-20731
TALOS-2023-1901 - Adobe Acrobat Reader FileAttachment PDAnnot destroy use-after-free vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
CVE-2024-20727
[TianfuCup] out-of-bounds access vulnerability when parsing jpeg2000
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
CVE-2024-20747
TALOS-2023-1908 - Adobe Acrobat Reader Font CharStrings INDEX out-of-bounds read vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
CVE-2024-20733
[ZS-VR-23-360] Adobe Acrobat Reader Parsing OTF font Denial-of-Service Vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
CVE-2024-20734
ZDI-CAN-22516: Adobe Acrobat Pro DC AcroForm Use-After-Free Information Disclosure Vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
CVE-2024-20748
TALOS-2023-1909 - Adobe Acrobat Reader Font avar SegmentMaps out-of-bounds read vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
CVE-2024-20728
ZDI-CAN-22727: Adobe Acrobat Pro DC Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
CVE-2024-20736
ZDI-CAN-22822: Adobe Acrobat Pro DC AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
CVE-2024-20749
TALOS-2023-1910 - Adobe Acrobat Reader Font CharStrings CharStringsOffset out-of-bounds read vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
CVE-2024-20735
TALOS-2023-1905 - Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
CVE-2024-20729
TALOS-2023-1890 - Adobe Acrobat Reader Annot3D object zoom event use-after-free vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
CVE-2024-21338
Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability
Microsoft Windows 10=1809
Microsoft Windows Server 2019
Microsoft Windows 10=22H2
Microsoft Windows Server 2022
Microsoft Windows 11=23H2
Microsoft Windows Server 2022, 23H2 Edition
and 24 more
CVE-2024-21351
Microsoft Windows SmartScreen Security Feature Bypass Vulnerability
Microsoft Windows Server 2016
Microsoft Windows 10=21H2
Microsoft Windows 10=21H2
Microsoft Windows 10=1809
Microsoft Windows Server 2022
Microsoft Windows 10=1607
and 32 more
CVE-2024-21412
Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability
Microsoft Windows
Microsoft Windows 10=21H2
Microsoft Windows Server 2022, 23H2 Edition
Microsoft Windows 10=21H2
Microsoft Windows 10=1809
Microsoft Windows 11=21H2
and 29 more
CVE-2024-1149
Improper validation of update packages
Snowsoftware Snow Inventory Agent<6.7.2
Snowsoftware Snow Inventory Agent>=6.14.0<6.14.5
Snowsoftware Snow Inventory Agent=6.12.0
Apple macOS
Linux Linux kernel
Microsoft Windows
CVE-2024-23769
Improper privilege control for the named pipe in Samsung Magician PC Software 8.0.0 (for Windows) allows a local attacker to read privileged data.
Samsung Magician=8.0.0
Microsoft Windows
CVE-2023-32479
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server versions prior to 11.9.0 contain privilege escalation vulnerability due to improper ACL of the non-defaul...
Dell Encryption<11.9.0
Dell Endpoint Security Suite Enterprise<11.9.0
Dell Security Management Server<11.9.0
Microsoft Windows
CVE-2024-25140
A default installation of RustDesk 1.2.3 on Windows places a WDKTestCert certificate under Trusted Root Certification Authorities with Enhanced Key Usage of Code Signing (1.3.6.1.5.5.7.3.3), valid fro...
Rustdesk Rustdesk=1.2.3
Microsoft Windows
CVE-2020-24682
Automation Studio and PVI Multiple unquoted service path vulnerabilities
Br-automation Automation Studio<4.7.7.74
Br-automation Automation Studio>=4.8<4.8.6.30
Br-automation Automation Studio>=4.9<4.9.4.92
Microsoft Windows
Br-automation Automation Net\/pvi>=4.0<4.7.7
Br-automation Automation Net\/pvi>=4.8<4.8.6
and 2 more
CVE-2020-24681
Automation Studio and PVI Multiple incorrect permission assignments for services
Br-automation Automation Studio>=4.0<4.7.7.74
Br-automation Automation Studio>=4.8<4.8.6.30
Br-automation Automation Studio>=4.9<4.9.4.92
Microsoft Windows
CVE-2024-24482
Aprktool before 2.9.3 on Windows allows ../ and /.. directory traversal.
Apktool Apktool<2.9.3
Microsoft Windows
CVE-2024-0589
Cross-site scripting (XSS) vulnerability in the entry overview tab in Devolutions Remote Desktop Manager 2023.3.36 and earlier on Windows allows an attacker with access to a data source to inject a ma...
Devolutions Remote Desktop Manager<=2023.3.36.0
Microsoft Windows
CVE-2023-4554
XML External Entity (XXE) Processing
OpenText AppBuilder>=21.2<23.2
Linux Linux kernel
Microsoft Windows
CVE-2023-4553
Unauthenticated Access to AppBuilder Configuration Files
OpenText AppBuilder>=21.2<23.2
Linux Linux kernel
Microsoft Windows
CVE-2023-4552
Java Database Connectivity (JDBC) URL Manipulation
OpenText AppBuilder>=21.2<23.2
Linux Linux kernel
Microsoft Windows
CVE-2023-4551
Command Injection via Task Scheduler
OpenText AppBuilder>=21.2<23.2
Linux Linux kernel
Microsoft Windows
CVE-2023-4550
Unauthenticated Arbitrary File Read
OpenText AppBuilder>=21.2<23.2
Linux Linux kernel
Microsoft Windows
CVE-2024-23940
Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited ...
Trendmicro Air Support<6.0.2103
Trend Micro Maximum Security<6.0.2103
Trendmicro Internet Security<6.0.2103
Trendmicro Maximum Security<6.0.2103
Trendmicro Premium Security<6.0.2103
Microsoft Windows
CVE-2024-23441
Vba32 Antivirus v3.36.0 - Denial of Service (DoS)
Anti-virus Vba32=3.36.0
Microsoft Windows
CVE-2023-3181
Insecure Permissions in Splashtop Software Updater
Splashtop Software Updater<=1.5.6.21
Microsoft Windows
CVE-2024-23331
Vite dev server option `server.fs.deny` can be bypassed when hosted on case-insensitive filesystem
npm/vite>=5.0.0<=5.0.11
npm/vite>=4.0.0<=4.5.1
npm/vite>=3.0.0<=3.2.7
npm/vite>=2.7.0<=2.9.16
Vitejs Vite>=2.7.0<2.9.17
Vitejs Vite>=3.0.0<3.2.8
and 3 more
CVE-2024-0725
ProSSHD denial of service
=1.2_20090726
CVE-2024-22410
Binary Planting Attack on Windows Platforms in Creditcoin
Gluwa Creditcoin
Microsoft Windows
CVE-2023-6335
Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on Windows allows User-Controlled Filename.This issue affects Workforce Access: before 8.7.
HYPR Workforce Access<8.7
Microsoft Windows
CVE-2023-6334
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers.This issue affects Workforce Access: before 8.7.
HYPR Workforce Access<8.7
Microsoft Windows
CVE-2023-5097
Improper Input Validation vulnerability in HYPR Workforce Access on Windows allows Path Traversal.This issue affects Workforce Access: before 8.7.
HYPR Workforce Access<8.7
Microsoft Windows
CVE-2023-49107
Generation of Error Message Containing Sensitive Information Vulnerability in Hitachi Device Manager
Hitachi Device Manager<8.8.5-04
Linux Linux kernel
Microsoft Windows
CVE-2023-49106
Missing Password Field Masking Vulnerability in Hitachi Device Manager
Hitachi Device Manager<8.8.5-04
Linux Linux kernel
Microsoft Windows
CVE-2023-40683
IBM OpenPages with Watson privilege escalation
IBM OpenPages with Watson<=9.0
IBM OpenPages with Watson<=IBM OpenPages with Watson 8.3
IBM OpenPages with Watson>=8.3<8.3.0.2.7
IBM OpenPages with Watson=9.0
Linux Linux kernel
Microsoft Windows
CVE-2023-38738
IBM OpenPages with Watson information disclosure
IBM OpenPages with Watson<=9.0
IBM OpenPages with Watson<=IBM OpenPages with Watson 8.3
IBM OpenPages with Watson>=8.3<8.3.0.2.7
IBM OpenPages with Watson=9.0
Linux Linux kernel
Microsoft Windows
CVE-2023-35020
IBM Sterling Control Center directory traversal
IBM Sterling Control Center<=6.3.0
IBM Sterling Control Center=6.3.0
IBM AIX
Ibm Linux On Ibm Z
Linux Linux kernel
Microsoft Windows
CVE-2023-49647
Zoom Desktop Client for Windows - Improper Access Control
Zoom Meeting Software Development Kit<5.16.10
Zoom Video Software Development Kit<5.16.10
Zoom Zoom<5.16.10
Zoom Virtual Desktop Infrastructure<5.14.14
Zoom Virtual Desktop Infrastructure>=5.15.0<5.15.12
Zoom Virtual Desktop Infrastructure>=5.16.0<5.16.10
and 1 more
CVE-2023-31036
CVE
NVIDIA Triton Inference Server<2.40
Linux Linux kernel
Microsoft Windows
CVE-2023-40250
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Hancom HCell on Windows allows Overflow Buffers.This issue affects HCell: 12.0.0.893.
Hancom HCell=12.0.0.893
Microsoft Windows
CVE-2023-51750
ScaleFusion 10.5.2 does not properly limit users to the Edge application because file downloads can occur. NOTE: the vendor's position is "Not vulnerable if the default Windows device profile configur...
Scalefusion Scalefusion=10.5.2
Microsoft Windows
CVE-2023-51751
ScaleFusion 10.5.2 does not properly limit users to the Edge application because Alt-F4 can be used. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App a...
Scalefusion Scalefusion=10.5.2
Microsoft Windows

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203