| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Microsoft Streaming Service Elevation of Privilege Vulnerability |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
| Windows Standards-Based Storage Management Service Denial of Service Vulnerability |
| Windows Kernel Elevation of Privilege Vulnerability |
| Winlogon Elevation of Privilege Vulnerability |
| Winlogon Elevation of Privilege Vulnerability |
| Windows Kernel Elevation of Privilege Vulnerability |
| Windows OLE Remote Code Execution Vulnerability |
| Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability |
| Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability |
| Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability |
| DHCP Server Service Denial of Service Vulnerability |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability |
| The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python. |
| procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat() to a stack-allocated string. When pgrep is compiled with FORTIFY (as on Red Hat Enterprise Linux and Fedora), the impact is limited to a crash. |
| The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). |
| The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure. |
| The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. |
| An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. |
| procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maps a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service). |
