Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-12-19 CVE-2023-21586 NULL Pointer Dereference vulnerability in Adobe products
Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a NULL Pointer Dereference vulnerability.
local
low complexity
adobe CWE-476
5.5
5.5
2024-12-18 CVE-2022-40732 An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643.
local
low complexity
CWE-476
5.0
5.0
2024-12-18 CVE-2022-40733 An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643.
local
low complexity
CWE-476
5.0
5.0
2024-12-18 CVE-2024-39804 A library injection vulnerability exists in Microsoft PowerPoint 16.83 for macOS.
local
low complexity
CWE-347
7.1
7.1
2024-12-18 CVE-2024-41138 A library injection vulnerability exists in the com.microsoft.teams2.modulehost.app helper app of Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS.
local
low complexity
CWE-347
7.1
7.1
2024-12-18 CVE-2024-41145 A library injection vulnerability exists in the WebView.app helper app of Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS.
local
low complexity
CWE-347
7.1
7.1
2024-12-18 CVE-2024-41159 A library injection vulnerability exists in Microsoft OneNote 16.83 for macOS.
local
low complexity
CWE-347
7.1
7.1
2024-12-18 CVE-2024-41165 A library injection vulnerability exists in Microsoft Word 16.83 for macOS.
local
low complexity
CWE-347
7.1
7.1
2024-12-18 CVE-2024-12686 OS Command Injection vulnerability in Beyondtrust Remote Support
A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user.
network
low complexity
beyondtrust CWE-78
7.2
7.2
2024-12-18 CVE-2024-51470 IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appliance 9.3 LTS, 9.3 CD, 9.4 LTS, and IBM MQ for HPE NonStop 8.1.0 through 8.1.0.25 could allow an authenticated user to cause a denial-of-service due to messages with improperly set values.
network
low complexity
CWE-754
6.5
6.5