| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability |
| BCryptPasswordEncoder.matches(CharSequence,String) will incorrectly return true for passwords larger than 72 characters as long as the first 72 characters are the same. |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability |
| Visual Studio Remote Code Execution Vulnerability |
| Microsoft SharePoint Server Remote Code Execution Vulnerability |
| This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.6. An app may be able to gain root privileges. |
| Microsoft Office Visio Remote Code Execution Vulnerability |
| Microsoft SharePoint Server Remote Code Execution Vulnerability |
| Deserialization of untrusted data in Microsoft Dataverse allows an authorized attacker to execute code over a network. |
| Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Office Visio Remote Code Execution Vulnerability |
| When installing Nessus Agent to a non-default location on a Windows host, Nessus Agent versions prior to 10.8.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation location. |
| Microsoft Excel Remote Code Execution Vulnerability |
| An incorrect privilege assignment vulnerability [CWE-266] in Fortinet FortiOS version 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.9 and before 7.0.15 allows an authenticated admin whose access profile has the Security Fabric permission to escalate their privileges to super-admin by connecting the targetted FortiGate to a malicious upstream FortiGate they control. |
| Microsoft Word Remote Code Execution Vulnerability |
| Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an authorized attacker to elevate privileges locally. |
| A stack-based buffer overflow [CWE-121] vulnerability in Fortinet FortiOS version 7.2.4 through 7.2.8 and version 7.4.0 through 7.4.4 allows a remote unauthenticated attacker to execute arbitrary code or commands via crafted UDP packets through the CAPWAP control, provided the attacker were able to evade FortiOS stack protections and provided the fabric service is running on the exposed interface. |
| Microsoft Office Remote Code Execution Vulnerability |
| Microsoft Access Remote Code Execution Vulnerability |
| Microsoft Access Remote Code Execution Vulnerability |
