Total
13459 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-21085 | 1 Google | 1 Android | 2025-02-05 | N/A | 8.8 HIGH |
|
In nci_snd_set_routing_cmd of nci_hmsgs.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-264879662
|
|||||
| CVE-2023-20967 | 1 Google | 1 Android | 2025-02-05 | N/A | 7.8 HIGH |
|
In avdt_scb_hdl_pkt_no_frag of avdt_scb_act.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-225879503
|
|||||
| CVE-2023-20941 | 1 Google | 1 Android | 2025-02-05 | N/A | 6.6 MEDIUM |
|
In acc_ctrlrequest_composite of f_accessory.c, there is a possible out of bounds write due to a missing bounds check. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-264029575References: Upstream kernel
|
|||||
| CVE-2023-29912 | 1 H3c | 1 Magic R200 Firmware | 2025-02-05 | N/A | 4.9 MEDIUM |
|
H3C Magic R200 R200V100R004 was discovered to contain a stack overflow via the DelvsList interface at /goform/aspForm.
|
|||||
| CVE-2023-29911 | 1 H3c | 1 Magic R200 Firmware | 2025-02-05 | N/A | 4.9 MEDIUM |
|
H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via the AddMacList interface at /goform/aspForm.
|
|||||
| CVE-2023-29910 | 1 H3c | 1 Magic R200 Firmware | 2025-02-05 | N/A | 4.9 MEDIUM |
|
H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via the UpdateMacClone interface at /goform/aspForm.
|
|||||
| CVE-2023-21100 | 1 Google | 1 Android | 2025-02-05 | N/A | 7.8 HIGH |
|
In inflate of inflate.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-242544249
|
|||||
| CVE-2023-30410 | 1 Jerryscript | 1 Jerryscript | 2025-02-05 | N/A | 5.5 MEDIUM |
|
Jerryscript commit 1a2c047 was discovered to contain a stack overflow via the component ecma_op_function_construct at /operations/ecma-function-object.c.
|
|||||
| CVE-2023-30378 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-02-05 | N/A | 9.8 CRITICAL |
|
In Tenda AC15 V15.03.05.19, the function "sub_8EE8" contains a stack-based buffer overflow vulnerability.
|
|||||
| CVE-2023-30376 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-02-05 | N/A | 9.8 CRITICAL |
|
In Tenda AC15 V15.03.05.19, the function "henan_pppoe_user" contains a stack-based buffer overflow vulnerability.
|
|||||
| CVE-2023-30375 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-02-05 | N/A | 9.8 CRITICAL |
|
In Tenda AC15 V15.03.05.19, the function "getIfIp" contains a stack-based buffer overflow vulnerability.
|
|||||
| CVE-2023-29917 | 1 H3c | 1 Magic R200 Firmware | 2025-02-05 | N/A | 4.9 MEDIUM |
|
H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via go parameter at /goform/aspForm.
|
|||||
| CVE-2023-29909 | 1 H3c | 1 Magic R200 Firmware | 2025-02-05 | N/A | 4.9 MEDIUM |
|
H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via the AddWlanMacList interface at /goform/aspForm.
|
|||||
| CVE-2023-29908 | 1 H3c | 1 Magic R200 Firmware | 2025-02-05 | N/A | 4.9 MEDIUM |
|
H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via the SetMobileAPInfoById interface at /goform/aspForm.
|
|||||
| CVE-2023-29907 | 1 H3c | 1 Magic R200 Firmware | 2025-02-05 | N/A | 4.9 MEDIUM |
|
H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via the Edit_BasicSSID_5G interface at /goform/aspForm.
|
|||||
| CVE-2023-29906 | 1 H3c | 1 Magic R200 Firmware | 2025-02-05 | N/A | 4.9 MEDIUM |
|
H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via the Edit_BasicSSID interface at /goform/aspForm.
|
|||||
| CVE-2023-29905 | 1 H3c | 1 Magic R200 Firmware | 2025-02-05 | N/A | 4.9 MEDIUM |
|
H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via the UpdateSnat interface at /goform/aspForm.
|
|||||
| CVE-2024-55192 | 1 Openimageio | 1 Openimageio | 2025-02-05 | N/A | 9.8 CRITICAL |
|
OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via the component OpenImageIO_v3_1_0::farmhash::inlined::Fetch64(char const*).
|
|||||
| CVE-2023-29914 | 1 H3c | 1 Magic R200 Firmware | 2025-02-05 | N/A | 4.9 MEDIUM |
|
H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via the DeltriggerList interface at /goform/aspForm.
|
|||||
| CVE-2023-29913 | 1 H3c | 1 Magic R200 Firmware | 2025-02-05 | N/A | 4.9 MEDIUM |
|
H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via the SetAPWifiorLedInfoById interface at /goform/aspForm.
|
|||||
| CVE-2024-38413 | 1 Qualcomm | 14 Fastconnect 7800, Fastconnect 7800 Firmware, Snapdragon 8 Gen 3 Mobile and 11 more | 2025-02-05 | N/A | 6.6 MEDIUM |
|
Memory corruption while processing frame packets.
|
|||||
| CVE-2024-38420 | 1 Qualcomm | 320 Aqt1000, Aqt1000 Firmware, Ar8035 and 317 more | 2025-02-05 | N/A | 8.8 HIGH |
|
Memory corruption while configuring a Hypervisor based input virtual device.
|
|||||
| CVE-2021-38427 | 1 Rti | 2 Connext Professional, Connext Secure | 2025-02-05 | 4.6 MEDIUM | 6.6 MEDIUM |
|
RTI Connext DDS Professional and Connext DDS Secure Versions 4.2.x to 6.1.0 are vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code.
|
|||||
| CVE-2023-30371 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-02-04 | N/A | 9.8 CRITICAL |
|
In Tenda AC15 V15.03.05.19, the function "sub_ED14" contains a stack-based buffer overflow vulnerability.
|
|||||
| CVE-2023-30370 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-02-04 | N/A | 9.8 CRITICAL |
|
In Tenda AC15 V15.03.05.19, the function GetValue contains a stack-based buffer overflow vulnerability.
|
|||||
| CVE-2023-30369 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-02-04 | N/A | 9.8 CRITICAL |
|
Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow.
|
|||||
| CVE-2023-30368 | 1 Tenda | 2 Ac5, Ac5 Firmware | 2025-02-04 | N/A | 9.8 CRITICAL |
|
Tenda AC5 V15.03.06.28 is vulnerable to Buffer Overflow via the initWebs function.
|
|||||
| CVE-2023-30414 | 1 Jerryscript | 1 Jerryscript | 2025-02-04 | N/A | 5.5 MEDIUM |
|
Jerryscript commit 1a2c047 was discovered to contain a stack overflow via the component vm_loop at /jerry-core/vm/vm.c.
|
|||||
| CVE-2023-30373 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-02-04 | N/A | 9.8 CRITICAL |
|
In Tenda AC15 V15.03.05.19, the function "xian_pppoe_user" contains a stack-based buffer overflow vulnerability.
|
|||||
| CVE-2023-30372 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-02-04 | N/A | 9.8 CRITICAL |
|
In Tenda AC15 V15.03.05.19, The function "xkjs_ver32" contains a stack-based buffer overflow vulnerability.
|
|||||
| CVE-2023-24819 | 1 Riot-os | 1 Riot | 2025-02-04 | N/A | 9.8 CRITICAL |
|
RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in an out of bounds write in the packet buffer. The overflow can be used to corrupt other packets and the allocator metadata. Corrupting a pointer will easily lead to denial of service. While carefully manipulating the allocator metadata gives an attacker the possibility t ...
Show More |
|||||
| CVE-2023-20869 | 1 Vmware | 2 Fusion, Workstation | 2025-02-04 | N/A | 8.2 HIGH |
|
VMware Workstation (17.x) and VMware Fusion (13.x) contain a stack-based buffer-overflow vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.
|
|||||
| CVE-2024-22448 | 1 Dell | 536 Alienware M15 R6, Alienware M15 R6 Firmware, Alienware M15 R7 and 533 more | 2025-02-04 | N/A | 4.7 MEDIUM |
|
Dell BIOS contains an Out-of-Bounds Write vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service.
|
|||||
| CVE-2024-25942 | 1 Dell | 50 Nx3230, Nx3230 Firmware, Nx3330 and 47 more | 2025-02-04 | N/A | 4.4 MEDIUM |
|
Dell PowerEdge Server BIOS contains an Improper SMM communication buffer verification vulnerability. A physical high privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM.
|
|||||
| CVE-2024-22453 | 1 Dell | 50 Nx3230, Nx3230 Firmware, Nx3330 and 47 more | 2025-02-04 | N/A | 7.2 HIGH |
|
Dell PowerEdge Server BIOS contains a heap-based buffer overflow vulnerability. A local high privileged attacker could potentially exploit this vulnerability to write to otherwise unauthorized memory.
|
|||||
| CVE-2024-0162 | 1 Dell | 116 Emc Xc Core Xc450, Emc Xc Core Xc450 Firmware, Emc Xc Core Xc650 and 113 more | 2025-02-04 | N/A | 5.3 MEDIUM |
|
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to out-of-bound read/writes to SMRAM.
|
|||||
| CVE-2024-32855 | 1 Dell | 148 Inspiron 3480, Inspiron 3480 Firmware, Inspiron 3580 and 145 more | 2025-02-04 | N/A | 3.8 LOW |
|
Dell Client Platform BIOS contains an Out-of-bounds Write vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering.
|
|||||
| CVE-2023-2241 | 1 Podofo Project | 1 Podofo | 2025-02-04 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability, which was classified as critical, was found in PoDoFo 0.10.0. Affected is the function readXRefStreamEntry of the file PdfXRefStreamParserObject.cpp. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as 535a786f124b739e3c857529cecc29e4eeb79778. It is recommended to apply a patch to fix this issue. VDB-227226 is the identifier assigned to this vulnerab ...
Show More |
|||||
| CVE-2023-29578 | 1 Mp4v2 Project | 1 Mp4v2 | 2025-02-04 | N/A | 8.8 HIGH |
|
mp4v2 v2.0.0 was discovered to contain a heap buffer overflow via the mp4v2::impl::MP4StringProperty::~MP4StringProperty() function at src/mp4property.cpp.
|
|||||
| CVE-2023-20872 | 2 Apple, Vmware | 3 Mac Os X, Fusion, Workstation | 2025-02-04 | N/A | 8.8 HIGH |
|
VMware Workstation and Fusion contain an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation.
|
|||||