CVE Daily
← All tags

Tag: IDL

All CVEs associated with "IDL". Page 1/1 • 7 CVEs.

About “IDL”

A curated feed of “IDL”-related CVEs appears below. We currently track 7 CVEs for this tag (all time). In the last 365 days, 1 were published. Average CVSS is 7.9 (all time; 7.8 over 365d), and 57% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-415 - Double Free.

In our taxonomy this topic maps to a LOW impact class. Language runtimes and libraries cascade through dependency graphs. Upgrade runtime and toolchain, pin versions, rebuild images, and enable SAST or DAST and linters. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

Support & lifecycle: idl

This table shows recent release cycles and their projected end-of-life. Data source: endoflife.date.

CycleReleaseLatestEOLLTS
9.29.2.0-
9.19.1.0 Expired
9.09.0.0 Expired
8.98.9.0 Expired
8.88.8.3 Expired
8.78.7.3 Expired
8.68.6.0 Expired
8.58.5.0 Expired
8.48.4.0 Expired
8.38.3.0 Expired

Maintained Soon (≤ 180 days) Expired

Subscribe lifecycle: RSS (expired)  ·  ICS

Subscribe CVEs: RSS for “IDL”  ·  RSS (High+Critical only)

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2026-01-13
High

CVE-2026-20832

Windows Remote Procedure Call Interface Definition Language (IDL) Elevation of Privilege Vulnerability

CVSS: 7.8 CWE: CWE-415 - Double Free View on NVD
2023-08-15
High

CVE-2023-4362

Heap buffer overflow in Mojom IDL in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process and gained control of a WebUI process to potentially explo…

CVSS: 8.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2018-02-01
Medium

CVE-2015-2203

Evergreen 2.5.9, 2.6.7, and 2.7.4 allows remote authenticated users with STAFF_LOGIN permission to obtain sensitive settings history information by leveraging listing of open-ils.pcrud as a controlle…

CVSS: 6.5 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
Medium

CVE-2013-7435

The open-ils.pcrud endpoint in Evergreen before 2.5.9, 2.6.x before 2.6.7, and 2.7.x before 2.7.4 allows remote attackers to obtain sensitive settings history information by leveraging lack of user p…

CVSS: 6.5 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2016-08-06
Medium

CVE-2016-6503

The CORBA IDL dissectors in Wireshark 2.x before 2.0.5 on 64-bit Windows platforms do not properly interact with Visual C++ compiler options, which allows remote attackers to cause a denial of servic…

CVSS: 5.9 CWE: CWE-20 - Improper Input Validation View on NVD
2014-03-19
Critical

CVE-2014-1510

The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript cod…

CVSS: 9.8 CWE: CWE-269 - Improper Privilege Management View on NVD
2009-06-10
Critical

CVE-2009-0568

The RPC Marshalling Engine (aka NDR) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly maintain its internal state, which…

CVSS: 10.0 CWE: CWE-264 View on NVD
CVE Daily Lookup — auto-links CVE IDs on any page you visit. GitHub, Jira, Confluence & more. Free.
Chrome Firefox