Total
2901 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-4685 | 1 Deltaww | 2 Cncsoft-b, Dopsoft | 2024-11-21 | N/A | 7.8 HIGH |
|
Delta Electronics' CNCSoft-B version 1.0.0.4 and DOPSoft versions 4.0.0.82 and prior are vulnerable to stack-based buffer overflow, which could allow an attacker to execute arbitrary code.
|
|||||
| CVE-2023-4601 | 2 Microsoft, Ni | 2 Windows, System Configuration | 2024-11-21 | N/A | 8.1 HIGH |
|
A stack-based buffer overflow vulnerability exists in NI System Configuration that could result in information disclosure and/or arbitrary code execution. Successful exploitation requires that an attacker can provide a specially crafted response. This affects NI System Configuration 2023 Q3 and all previous versions.
|
|||||
| CVE-2023-4273 | 5 Debian, Fedoraproject, Linux and 2 more | 12 Debian Linux, Fedora, Linux Kernel and 9 more | 2024-11-21 | N/A | 6.0 MEDIUM |
|
A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this flaw to overflow the kernel stack.
|
|||||
| CVE-2023-4263 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | N/A | 7.6 HIGH |
|
Potential buffer overflow vulnerability in the Zephyr IEEE 802.15.4 nRF 15.4 driver
|
|||||
| CVE-2023-4249 | 1 Zavio | 22 B8220, B8220 Firmware, B8520 and 19 more | 2024-11-21 | N/A | 8.8 HIGH |
|
Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220,
CB6231, B8520, B8220, and CD321
IP Cameras
with firmware version M2.1.6.05 has a
command injection vulnerability in their implementation of their
binaries and handling of network requests.
|
|||||
| CVE-2023-49424 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg.
|
|||||
| CVE-2023-49287 | 1 Cxong | 1 Tinydir | 2024-11-21 | N/A | 7.7 HIGH |
|
TinyDir is a lightweight C directory and file reader. Buffer overflows in the `tinydir_file_open()` function. This vulnerability has been patched in version 1.2.6.
|
|||||
| CVE-2023-49129 | 1 Siemens | 1 Solid Edge Se2023 | 2024-11-21 | N/A | 7.8 HIGH |
|
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain a stack overflow vulnerability while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
|
|||||
| CVE-2023-48266 | 1 Bosch | 21 Nexo-os, Nexo Cordless Nutrunner Nxa011s-36v-b \(0608842012\), Nexo Cordless Nutrunner Nxa011s-36v \(0608842011\) and 18 more | 2024-11-21 | N/A | 8.1 HIGH |
|
The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request.
|
|||||
| CVE-2023-48265 | 1 Bosch | 21 Nexo-os, Nexo Cordless Nutrunner Nxa011s-36v-b \(0608842012\), Nexo Cordless Nutrunner Nxa011s-36v \(0608842011\) and 18 more | 2024-11-21 | N/A | 8.1 HIGH |
|
The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request.
|
|||||
| CVE-2023-48264 | 1 Bosch | 21 Nexo-os, Nexo Cordless Nutrunner Nxa011s-36v-b \(0608842012\), Nexo Cordless Nutrunner Nxa011s-36v \(0608842011\) and 18 more | 2024-11-21 | N/A | 8.1 HIGH |
|
The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request.
|
|||||
| CVE-2023-48262 | 1 Bosch | 21 Nexo-os, Nexo Cordless Nutrunner Nxa011s-36v-b \(0608842012\), Nexo Cordless Nutrunner Nxa011s-36v \(0608842011\) and 18 more | 2024-11-21 | N/A | 8.1 HIGH |
|
The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request.
|
|||||
| CVE-2023-46720 | 1 Fortinet | 1 Fortios | 2024-11-21 | N/A | 6.7 MEDIUM |
|
A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.12 and 6.4.6 through 6.4.15 and 6.2.9 through 6.2.16 and 6.0.13 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted CLI commands.
|
|||||
| CVE-2023-46714 | 1 Fortinet | 1 Fortios | 2024-11-21 | N/A | 7.2 HIGH |
|
A stack-based buffer overflow [CWE-121] vulnerability in Fortinet FortiOS version 7.2.1 through 7.2.6 and version 7.4.0 through 7.4.1 allows a privileged attacker over the administrative interface to execute arbitrary code or commands via crafted HTTP or HTTPs requests.
|
|||||
| CVE-2023-46564 | 1 Totolink | 2 X2000r, X2000r Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formDMZ.
|
|||||
| CVE-2023-46563 | 1 Totolink | 2 X2000r, X2000r Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formIpQoS.
|
|||||
| CVE-2023-46562 | 1 Totolink | 2 X2000r, X2000r Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formDosCfg.
|
|||||
| CVE-2023-46560 | 1 Totolink | 2 X2000r, X2000r Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formTcpipSetup.
|
|||||
| CVE-2023-46559 | 1 Totolink | 2 X2000r, X2000r Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formIPv6Addr.
|
|||||
| CVE-2023-46553 | 1 Totolink | 2 X2000r, X2000r Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formParentControl.
|
|||||
| CVE-2023-46552 | 1 Totolink | 2 X2000r, X2000r Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMultiAP.
|
|||||
| CVE-2023-46223 | 2 Ivanti, Microsoft | 2 Avalanche, Windows | 2024-11-21 | N/A | 9.8 CRITICAL |
|
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.
|
|||||
| CVE-2023-45984 | 1 Totolink | 4 A7000r, A7000r Firmware, X5000r and 1 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the lang parameter in the function setLanguageCfg.
|
|||||
| CVE-2023-45601 | 1 Siemens | 2 Parasolid, Tecnomatix | 2024-11-21 | N/A | 7.8 HIGH |
|
A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.262), Parasolid V35.1 (All versions < V35.1.250), Parasolid V36.0 (All versions < V36.0.169), Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain a stack overflow vulnerability while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21 ...
Show More |
|||||
| CVE-2023-45225 | 1 Zavio | 22 B8220, B8220 Firmware, B8520 and 19 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220,
CB6231, B8520, B8220, and CD321
IP Cameras with firmware version M2.1.6.05 are
vulnerable to multiple instances of stack-based overflows. While parsing
certain XML elements from incoming network requests, the product does
not sufficiently check or validate allocated buffer size. This may lead
to remote code execution.
|
|||||
| CVE-2023-44305 | 1 Dell | 2 Dm5500, Dm5500 Firmware | 2024-11-21 | N/A | 8.1 HIGH |
|
Dell DM5500 5.14.0.0, contains a Stack-based Buffer Overflow Vulnerability in the appliance. An unauthenticated remote attacker may exploit this vulnerability to crash the affected process or execute arbitrary code on the system by sending specially crafted input data.
|
|||||
| CVE-2023-44178 | 1 Juniper | 2 Junos, Junos Os Evolved | 2024-11-21 | N/A | 5.5 MEDIUM |
|
A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service.
Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition.
This issue affects Juniper Networks:
Junos OS
* All versions prior to 19.1R3-S10;
* 19.2 versions prior to 19.2R3-S7;
* 19.3 versions prior to 19.3R3-S8;
* 19.4 versions prior to 19.4R3-S12;
* 20. ...
Show More |
|||||
| CVE-2023-44177 | 1 Juniper | 2 Junos, Junos Os Evolved | 2024-11-21 | N/A | 5.5 MEDIUM |
|
A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos and Junos EVO allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service.
Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition.
This issue affects Juniper Networks:
Junos OS:
* All versions prior to 19.1R3-S10;
* 19.2 versions prior to 19.2R3-S7;
* 19.3 versions prior to 19.3R3-S8;
* 19.4 versions prior to 19.4R3-S ...
Show More |
|||||
| CVE-2023-44176 | 1 Juniper | 2 Junos, Junos Os Evolved | 2024-11-21 | N/A | 5.5 MEDIUM |
|
A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service.
Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition.
This issue affects Juniper Networks:
Junos OS:
* All versions prior to 20.4R3-S8;
* 21.2 versions prior to 21.2R3-S6;
* 21.3 versions prior to 21.3R3-S5;
* 22.1 versions prior to 22.1R3-S3;
* 22.3 ...
Show More |
|||||
| CVE-2023-44019 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the mac parameter in the GetParentControlInfo function.
|
|||||
| CVE-2023-44018 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the domain parameter in the add_white_node function.
|
|||||
| CVE-2023-44017 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the timeZone parameter in the fromSetSysTime function.
|
|||||
| CVE-2023-44016 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function.
|
|||||
| CVE-2023-44015 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the schedEndTime parameter in the setSchedWifi function.
|
|||||
| CVE-2023-44014 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain multiple stack overflows in the formSetMacFilterCfg function via the macFilterType and deviceList parameters.
|
|||||
| CVE-2023-44013 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the list parameter in the fromSetIpMacBind function.
|
|||||
| CVE-2023-43755 | 1 Zavio | 22 B8220, B8220 Firmware, B8520 and 19 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220,
CB6231, B8520, B8220, and CD321
IP Cameras
with firmware version M2.1.6.05 are
vulnerable to multiple instances of stack-based overflows. During the
processing and parsing of certain fields in XML elements from incoming
network requests, the product does not sufficiently check or validate
allocated buffer size. This may lead to remote code execution.
|
|||||
| CVE-2023-43492 | 1 Weintek | 14 Cmt-fhd, Cmt-fhd Firmware, Cmt-hdm and 11 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
In Weintek's cMT3000 HMI Web CGI device, the cgi-bin codesys.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.
|
|||||
| CVE-2023-43242 | 1 Dlink | 2 Dir-816a2, Dir-816a2 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter removeRuleList in form2IPQoSTcDel.
|
|||||
| CVE-2023-43239 | 1 Dlink | 2 Dir-816 A2, Dir-816 A2 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter flag_5G in showMACfilterMAC.
|
|||||