Search Results (52 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-10543 1 Eclipse 2 Paho Go Mqtt, Paho Mqtt 2026-01-16 5.3 Medium
In Eclipse Paho Go MQTT v3.1 library (paho.mqtt.golang) versions <=1.5.0 UTF-8 encoded strings, passed into the library, may be incorrectly encoded if their length exceeds 65535 bytes. This may lead to unexpected content in packets sent to the server (for example, part of an MQTT topic may leak into the message body in a PUBLISH packet). The issue arises because the length of the data passed in was converted from an int64/int32 (depending upon CPU) to an int16 without checks for overflows. The int16 length was then written, followed by the data (e.g. topic). This meant that when the data (e.g. topic) was over 65535 bytes then the amount of data written exceeds what the length field indicates. This could lead to a corrupt packet, or mean that the excess data leaks into another field (e.g. topic leaks into message body).
CVE-2024-38086 1 Microsoft 2 Azure Kinect Sdk, Azure Kinect Software Development Kit 2025-12-09 6.4 Medium
Azure Kinect SDK Remote Code Execution Vulnerability
CVE-2022-42475 1 Fortinet 23 Fim-7901e, Fim-7904e, Fim-7910e and 20 more 2025-10-24 9.3 Critical
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.
CVE-2024-38125 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2025-07-10 7.8 High
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
CVE-2024-49018 1 Microsoft 3 Sql Server 2016, Sql Server 2017, Sql Server 2019 2025-07-08 8.8 High
SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-43639 1 Microsoft 6 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 3 more 2025-07-08 9.8 Critical
Windows KDC Proxy Remote Code Execution Vulnerability
CVE-2023-32143 1 Dlink 4 Dap-1360, Dap-1360 Firmware, Dap-2020 and 1 more 2025-05-16 8.8 High
D-Link DAP-1360 webupg UPGCGI_CheckAuth Numeric Truncation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of requests to the /cgi-bin/webupg endpoint. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-18423.
CVE-2024-21310 1 Microsoft 8 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 5 more 2025-05-03 7.8 High
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2024-21391 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2025-05-03 8.8 High
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-21377 1 Microsoft 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more 2025-05-03 5.5 Medium
Windows DNS Information Disclosure Vulnerability
CVE-2024-21352 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2025-05-03 8.8 High
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-21440 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2025-05-03 8.8 High
Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2024-21434 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-05-03 7.8 High
Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability
CVE-2024-21451 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2025-05-03 8.8 High
Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2024-21429 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2025-05-03 6.8 Medium
Windows USB Hub Driver Remote Code Execution Vulnerability
CVE-2024-28944 1 Microsoft 3 Ole Db Driver For Sql Server, Sql Server 2019, Sql Server 2022 2025-05-03 8.8 High
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-29050 1 Microsoft 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more 2025-05-03 8.4 High
Windows Cryptographic Services Remote Code Execution Vulnerability
CVE-2024-30029 1 Microsoft 16 Windows, Windows 10 1507, Windows 10 1607 and 13 more 2025-05-03 7.5 High
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-30024 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2025-05-03 7.5 High
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-30023 1 Microsoft 16 Windows, Windows 10 1507, Windows 10 1607 and 13 more 2025-05-03 7.5 High
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability