Total
3900 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-45615 | 2 Arubanetworks, Hp | 2 Arubaos, Instantos | 2024-11-21 | N/A | 9.8 CRITICAL |
|
There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
|
|||||
| CVE-2023-45614 | 2 Arubanetworks, Hp | 2 Arubaos, Instantos | 2024-11-21 | N/A | 9.8 CRITICAL |
|
There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
|
|||||
| CVE-2023-45468 | 1 Netis-systems | 2 N3m, N3m Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the pingWdogIp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2023-45464 | 1 Netis-systems | 2 N3m, N3m Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the servDomain parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2023-45463 | 1 Netis-systems | 2 N3m, N3m Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the hostName parameter in the FUN_0040dabc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2023-45199 | 1 Arm | 1 Mbed Tls | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead to remote Code execution.
|
|||||
| CVE-2023-45044 | 1 Qnap | 2 Qts, Quts Hero | 2024-11-21 | N/A | 3.8 LOW |
|
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.
We have already fixed the vulnerability in the following versions:
QTS 5.1.4.2596 build 20231128 and later
QuTS hero h5.1.4.2596 build 20231128 and later
|
|||||
| CVE-2023-45043 | 1 Qnap | 2 Qts, Quts Hero | 2024-11-21 | N/A | 3.8 LOW |
|
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.
We have already fixed the vulnerability in the following versions:
QTS 5.1.4.2596 build 20231128 and later
QuTS hero h5.1.4.2596 build 20231128 and later
|
|||||
| CVE-2023-45042 | 1 Qnap | 2 Qts, Quts Hero | 2024-11-21 | N/A | 3.8 LOW |
|
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.
We have already fixed the vulnerability in the following versions:
QTS 5.1.4.2596 build 20231128 and later
QuTS hero h5.1.4.2596 build 20231128 and later
|
|||||
| CVE-2023-45041 | 1 Qnap | 2 Qts, Quts Hero | 2024-11-21 | N/A | 3.8 LOW |
|
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.
We have already fixed the vulnerability in the following versions:
QTS 5.1.4.2596 build 20231128 and later
QuTS hero h5.1.4.2596 build 20231128 and later
|
|||||
| CVE-2023-45040 | 1 Qnap | 2 Qts, Quts Hero | 2024-11-21 | N/A | 3.8 LOW |
|
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.
We have already fixed the vulnerability in the following versions:
QTS 5.1.4.2596 build 20231128 and later
QuTS hero h5.1.4.2596 build 20231128 and later
|
|||||
| CVE-2023-45039 | 1 Qnap | 2 Qts, Quts Hero | 2024-11-21 | N/A | 3.8 LOW |
|
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.
We have already fixed the vulnerability in the following versions:
QTS 5.1.4.2596 build 20231128 and later
QuTS hero h5.1.4.2596 build 20231128 and later
|
|||||
| CVE-2023-45037 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-11-21 | N/A | 3.8 LOW |
|
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.
We have already fixed the vulnerability in the following versions:
QTS 5.1.3.2578 build 20231110 and later
QuTS hero h5.1.3.2578 build 20231110 and later
QuTScloud c5.1.5.2651 and later
|
|||||
| CVE-2023-45036 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-11-21 | N/A | 3.8 LOW |
|
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.
We have already fixed the vulnerability in the following versions:
QTS 5.1.3.2578 build 20231110 and later
QuTS hero h5.1.3.2578 build 20231110 and later
QuTScloud c5.1.5.2651 and later
|
|||||
| CVE-2023-45035 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-11-21 | N/A | 3.8 LOW |
|
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.
We have already fixed the vulnerability in the following versions:
QTS 5.1.4.2596 build 20231128 and later
QuTS hero h5.1.4.2596 build 20231128 and later
QuTScloud c5.1.5.2651 and later
|
|||||
| CVE-2023-44839 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Encryption parameter in the SetWLanRadioSecurity function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2023-44838 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the TXPower parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2023-44837 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Password parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2023-44836 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the SSID parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2023-44835 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Mac parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2023-44834 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the StartTime parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2023-44833 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the GuardInt parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2023-44832 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the MacAddress parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2023-44831 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Type parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2023-44830 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the EndTime parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2023-44829 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the AdminPassword parameter in the SetDeviceSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2023-44828 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the CurrentPassword parameter in the CheckPasswdSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2023-43907 | 1 Optipng Project | 1 Optipng | 2024-11-21 | N/A | 7.8 HIGH |
|
OptiPNG v0.7.7 was discovered to contain a global buffer overflow via the 'buffer' variable at gifread.c.
|
|||||
| CVE-2023-43896 | 1 Macrium | 1 Reflect | 2024-11-21 | N/A | 7.8 HIGH |
|
A buffer overflow in Macrium Reflect 8.1.7544 and below allows attackers to escalate privileges or execute arbitrary code.
|
|||||
| CVE-2023-43887 | 1 Struktur | 1 Libde265 | 2024-11-21 | N/A | 8.1 HIGH |
|
Libde265 v1.0.12 was discovered to contain multiple buffer overflows via the num_tile_columns and num_tile_row parameters in the function pic_parameter_set::dump.
|
|||||
| CVE-2023-43824 | 1 Deltaww | 1 Dopsoft | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wTitleTextLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution.
|
|||||
| CVE-2023-43823 | 1 Deltaww | 1 Dopsoft | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wTTitleLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution.
|
|||||
| CVE-2023-43822 | 1 Deltaww | 1 Dopsoft | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesTimeLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution.
|
|||||
| CVE-2023-43821 | 1 Deltaww | 1 Dopsoft | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesActionLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution.
|
|||||
| CVE-2023-43820 | 1 Deltaww | 1 Dopsoft | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesPrevValueLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution.
|
|||||
| CVE-2023-43819 | 1 Deltaww | 1 Dopsoft | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the InitialMacroLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution.
|
|||||
| CVE-2023-43818 | 1 Deltaww | 1 Dopsoft | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
A buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution.
|
|||||
| CVE-2023-43817 | 1 Deltaww | 1 Dopsoft | 2024-11-21 | 6.8 MEDIUM | 7.5 HIGH |
|
A buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wMailContentLen field of a DPS file. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve code execution.
|
|||||
| CVE-2023-43816 | 1 Deltaww | 1 Dopsoft | 2024-11-21 | 6.8 MEDIUM | 6.3 MEDIUM |
|
A buffer overflow vulnerability exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wKPFStringLen field of a DPS file. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve code execution.
|
|||||
| CVE-2023-43815 | 1 Deltaww | 1 Dopsoft | 2024-11-21 | 6.8 MEDIUM | 7.1 HIGH |
|
A buffer overflow vulnerability exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wScreenDESCTextLen field of a DPS file. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve code execution.
|
|||||