Search
CVE Explorer
Search the full tracked CVE corpus across every vendor — by keyword, vendor, severity, CVSS band and publication date. Server-rendered; each filtered view has its own URL.
01
Filters
Submit to refine — state is held in the URL.
02
Results
34,799 matching · page 363/696Each CVE id links to its NVD record.
| CVE | Severity | CVSS | Summary | Published |
|---|---|---|---|---|
| CVE-2024-34136(opens NVD record) | Medium | 5.5 | Illustrator versions 28.5, 27.9.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). An attacker could exploit this vulnerability to crash the application, resulting in a denial of service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Aug 14, 2024 |
| CVE-2024-34135(opens NVD record) | Medium | 5.5 | Illustrator versions 28.5, 27.9.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Aug 14, 2024 |
| CVE-2024-34134(opens NVD record) | Medium | 5.5 | Illustrator versions 28.5, 27.9.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Aug 14, 2024 |
| CVE-2024-34133(opens NVD record) | High | 7.8 | Illustrator versions 28.5, 27.9.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Aug 14, 2024 |
| CVE-2024-34127(opens NVD record) | Medium | 5.5 | InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Aug 14, 2024 |
| CVE-2024-34118(opens NVD record) | Medium | 5.5 | Illustrator versions 28.5, 27.9.4 and earlier are affected by an Improper Input Validation vulnerability that could lead to an application denial-of-service condition. An attacker could exploit this vulnerability to render the application unresponsive or terminate its execution. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Aug 14, 2024 |
| CVE-2024-34117(opens NVD record) | High | 7.8 | Photoshop Desktop versions 24.7.3, 25.9.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Aug 14, 2024 |
| CVE-2024-38483(opens NVD record) | Medium | 5.8 | Dell BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution. | Aug 14, 2024 |
| CVE-2024-41858(opens NVD record) | High | 7.8 | InCopy versions 18.5.2, 19.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Aug 14, 2024 |
| CVE-2024-38653(opens NVD record) | High | 7.5 | XXE in SmartDeviceServer in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to read arbitrary files on the server. | Aug 14, 2024 |
| CVE-2024-38652(opens NVD record) | Critical | 9.1 | Path traversal in the skin management component of Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to achieve denial of service via arbitrary file deletion. | Aug 14, 2024 |
| CVE-2024-37399(opens NVD record) | High | 7.5 | A NULL pointer dereference in WLAvalancheService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS. | Aug 14, 2024 |
| CVE-2024-37373(opens NVD record) | High | 7.2 | Improper input validation in the Central Filestore in Ivanti Avalanche 6.3.1 allows a remote authenticated attacker with admin rights to achieve RCE. | Aug 14, 2024 |
| CVE-2024-36136(opens NVD record) | High | 7.5 | An off-by-one error in WLInfoRailService in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to crash the service, resulting in a DoS. | Aug 14, 2024 |
| CVE-2024-38163(opens NVD record) | High | 7.8 | Windows Update Stack Elevation of Privilege Vulnerability | Aug 14, 2024 |
| CVE-2024-28986(opens NVD record) | Critical | 9.8 | SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. While it was reported as an unauthenticated vulnerability, SolarWinds has been unable to reproduce it without authentication after thorough testing. However, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available. | Aug 13, 2024 |
| CVE-2024-7593(opens NVD record) | Critical | 9.8 | Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel. | Aug 13, 2024 |
| CVE-2024-7570(opens NVD record) | High | 8.3 | Improper certificate validation in Ivanti ITSM on-prem and Neurons for ITSM Versions 2023.4 and earlier allows a remote attacker in a MITM position to craft a token that would allow access to ITSM as any user. | Aug 13, 2024 |
| CVE-2024-7569(opens NVD record) | Critical | 9.6 | An information disclosure vulnerability in Ivanti ITSM on-prem and Neurons for ITSM versions 2023.4 and earlier allows an unauthenticated attacker to obtain the OIDC client secret via debug information. | Aug 13, 2024 |
| CVE-2024-38223(opens NVD record) | Medium | 6.8 | Windows Initial Machine Configuration Elevation of Privilege Vulnerability | Aug 13, 2024 |
| CVE-2024-38215(opens NVD record) | High | 7.8 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Aug 13, 2024 |
| CVE-2024-38214(opens NVD record) | Medium | 6.5 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Aug 13, 2024 |
| CVE-2024-38213(opens NVD record) | Medium | 6.5 | Windows Mark of the Web Security Feature Bypass Vulnerability | Aug 13, 2024 |
| CVE-2024-38211(opens NVD record) | High | 8.2 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Aug 13, 2024 |
| CVE-2024-38201(opens NVD record) | High | 7.0 | Azure Stack Hub Elevation of Privilege Vulnerability | Aug 13, 2024 |
| CVE-2024-38199(opens NVD record) | Critical | 9.8 | Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability | Aug 13, 2024 |
| CVE-2024-38198(opens NVD record) | High | 7.5 | Windows Print Spooler Elevation of Privilege Vulnerability | Aug 13, 2024 |
| CVE-2024-38197(opens NVD record) | Medium | 6.5 | Microsoft Teams for iOS Spoofing Vulnerability | Aug 13, 2024 |
| CVE-2024-38196(opens NVD record) | High | 7.8 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Aug 13, 2024 |
| CVE-2024-38195(opens NVD record) | High | 7.8 | Azure CycleCloud Remote Code Execution Vulnerability | Aug 13, 2024 |
| CVE-2024-38193(opens NVD record) | High | 7.8 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Aug 13, 2024 |
| CVE-2024-38191(opens NVD record) | High | 7.8 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability | Aug 13, 2024 |
| CVE-2024-38189(opens NVD record) | High | 8.8 | Microsoft Project Remote Code Execution Vulnerability | Aug 13, 2024 |
| CVE-2024-38187(opens NVD record) | High | 7.8 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Aug 13, 2024 |
| CVE-2024-38186(opens NVD record) | High | 7.8 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Aug 13, 2024 |
| CVE-2024-38185(opens NVD record) | High | 7.8 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Aug 13, 2024 |
| CVE-2024-38184(opens NVD record) | High | 7.8 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Aug 13, 2024 |
| CVE-2024-38180(opens NVD record) | High | 8.8 | Windows SmartScreen Security Feature Bypass Vulnerability | Aug 13, 2024 |
| CVE-2024-38178(opens NVD record) | High | 7.5 | Scripting Engine Memory Corruption Vulnerability | Aug 13, 2024 |
| CVE-2024-38177(opens NVD record) | High | 7.8 | Windows App Installer Spoofing Vulnerability | Aug 13, 2024 |
| CVE-2024-38173(opens NVD record) | Medium | 6.7 | Microsoft Outlook Remote Code Execution Vulnerability | Aug 13, 2024 |
| CVE-2024-38172(opens NVD record) | High | 7.8 | Microsoft Excel Remote Code Execution Vulnerability | Aug 13, 2024 |
| CVE-2024-38171(opens NVD record) | High | 7.8 | Microsoft PowerPoint Remote Code Execution Vulnerability | Aug 13, 2024 |
| CVE-2024-38170(opens NVD record) | High | 7.1 | Microsoft Excel Remote Code Execution Vulnerability | Aug 13, 2024 |
| CVE-2024-38169(opens NVD record) | High | 7.8 | Microsoft Office Visio Remote Code Execution Vulnerability | Aug 13, 2024 |
| CVE-2024-38168(opens NVD record) | High | 7.5 | .NET and Visual Studio Denial of Service Vulnerability | Aug 13, 2024 |
| CVE-2024-38167(opens NVD record) | Medium | 6.5 | .NET and Visual Studio Information Disclosure Vulnerability | Aug 13, 2024 |
| CVE-2024-38165(opens NVD record) | Medium | 6.5 | Windows Compressed Folder Tampering Vulnerability | Aug 13, 2024 |
| CVE-2024-38162(opens NVD record) | High | 7.8 | Azure Connected Machine Agent Elevation of Privilege Vulnerability | Aug 13, 2024 |
| CVE-2024-38161(opens NVD record) | Medium | 6.8 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Aug 13, 2024 |