Total
13459 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-41711 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2024-11-21 | N/A | 6.5 MEDIUM |
|
SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall crash.
|
|||||
| CVE-2023-41563 | 1 Tenda | 4 Ac5, Ac5 Firmware, Ac9 and 1 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter mac at url /goform/GetParentControlInfo.
|
|||||
| CVE-2023-41562 | 1 Tenda | 6 Ac5, Ac5 Firmware, Ac7 and 3 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter time at url /goform/PowerSaveSet.
|
|||||
| CVE-2023-41561 | 1 Tenda | 4 Ac5, Ac5 Firmware, Ac9 and 1 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter startIp and endIp at url /goform/SetPptpServerCfg.
|
|||||
| CVE-2023-41560 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC9 V3.0 V15.03.06.42_multi was discovered to contain a stack overflow via parameter firewallEn at url /goform/SetFirewallCfg.
|
|||||
| CVE-2023-41559 | 1 Tenda | 6 Ac5, Ac5 Firmware, Ac7 and 3 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter page at url /goform/NatStaticSetting.
|
|||||
| CVE-2023-41558 | 1 Tenda | 2 Ac7, Ac7 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC7 V1.0 V15.03.06.44 was discovered to contain a stack overflow via parameter timeZone at url /goform/SetSysTimeCfg.
|
|||||
| CVE-2023-41557 | 1 Tenda | 4 Ac5, Ac5 Firmware, Ac7 and 1 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC7 V1.0 V15.03.06.44 and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter entrys and mitInterface at url /goform/addressNat.
|
|||||
| CVE-2023-41556 | 1 Tenda | 6 Ac5, Ac5 Firmware, Ac7 and 3 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter list at url /goform/SetIpMacBind.
|
|||||
| CVE-2023-41555 | 1 Tenda | 2 Ac7, Ac7 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC7 V1.0 V15.03.06.44 was discovered to contain a stack overflow via parameter security_5g at url /goform/WifiBasicSet.
|
|||||
| CVE-2023-41554 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC9 V3.0 V15.03.06.42_multi was discovered to contain a stack overflow via parameter wpapsk_crypto at url /goform/WifiExtraSet.
|
|||||
| CVE-2023-41553 | 1 Tenda | 4 Ac5, Ac5 Firmware, Ac9 and 1 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter list at url /goform/SetStaticRouteCfg.
|
|||||
| CVE-2023-41552 | 1 Tenda | 4 Ac7, Ac7 Firmware, Ac9 and 1 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC7 V1.0 V15.03.06.44 and Tenda AC9 V3.0 V15.03.06.42_multi were discovered to contain a stack overflow via parameter ssid at url /goform/fast_setting_wifi_set.
|
|||||
| CVE-2023-41307 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | N/A | 7.5 HIGH |
|
Memory overwriting vulnerability in the security module. Successful exploitation of this vulnerability may affect availability.
|
|||||
| CVE-2023-41273 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-11-21 | N/A | 5.5 MEDIUM |
|
A heap-based buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.
We have already fixed the vulnerability in the following versions:
QTS 5.1.2.2533 build 20230926 and later
QuTS hero h5.1.2.2534 build 20230927 and later
QuTScloud c5.1.5.2651 and later
|
|||||
| CVE-2023-41268 | 1 Samsung | 1 Escargot | 2024-11-21 | N/A | 5.3 MEDIUM |
|
Improper input validation vulnerability in Samsung Open Source Escargot allows stack overflow and segmentation fault. This issue affects Escargot: from 3.0.0 through 4.0.0.
|
|||||
| CVE-2023-41140 | 1 Autodesk | 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more | 2024-11-21 | N/A | 7.8 HIGH |
|
A maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
|
|||||
| CVE-2023-41111 | 1 Samsung | 32 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 29 more | 2024-11-21 | N/A | 7.1 HIGH |
|
An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123). Improper handling of a length parameter inconsistency can cause abnormal termination of a mobile phone. This occurs in the RLC task and RLC module.
|
|||||
| CVE-2023-41101 | 1 Opennds | 1 Opennds | 2024-11-21 | N/A | 9.8 CRITICAL |
|
An issue was discovered in the captive portal in OpenNDS before version 10.1.3. get_query in http_microhttpd.c does not validate the length of the query string of GET requests. This leads to a stack-based buffer overflow in versions 9.x and earlier, and to a heap-based buffer overflow in versions 10.x and later. Attackers may exploit the issue to crash OpenNDS (Denial-of-Service condition) or to inject and execute arbitrary bytecode (Remote Code Execution). Affected OpenNDS before version 10.1.3 ...
Show More |
|||||
| CVE-2023-41033 | 1 Siemens | 2 Parasolid, Simcenter Femap | 2024-11-21 | N/A | 7.8 HIGH |
|
A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.260), Parasolid V35.1 (All versions < V35.1.246), Parasolid V36.0 (All versions < V36.0.156), Simcenter Femap V2301 (All versions < V2301.0003), Simcenter Femap V2306 (All versions < V2306.0001). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI ...
Show More |
|||||
| CVE-2023-41032 | 1 Siemens | 2 Parasolid, Simcenter Femap | 2024-11-21 | N/A | 7.8 HIGH |
|
A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.253), Parasolid V35.1 (All versions < V35.1.184), Parasolid V36.0 (All versions < V36.0.142), Simcenter Femap V2301 (All versions < V2301.0003), Simcenter Femap V2306 (All versions < V2306.0001). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code ...
Show More |
|||||
| CVE-2023-41028 | 1 Juplink | 2 Rx4-1500, Rx4-1500 Firmware | 2024-11-21 | N/A | 9.0 CRITICAL |
|
A stack-based buffer overflow exists in Juplink RX4-1500, a WiFi router, in versions 1.0.2 through 1.0.5. An authenticated attacker can exploit this vulnerability to achieve code execution as root.
|
|||||
| CVE-2023-40942 | 1 Tendacn | 2 Ac9, Ac9 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC9 V3.0BR_V15.03.06.42_multi_TD01 was discovered stack overflow via parameter 'firewall_value' at url /goform/SetFirewallCfg.
|
|||||
| CVE-2023-40915 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
Tenda AX3 v16.03.12.11 has a stack buffer overflow vulnerability detected at function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ssid parameter.
|
|||||
| CVE-2023-40904 | 1 Tenda | 2 Ac10v4, Ac10v4 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter macFilterType and parameter deviceList at /goform/setMacFilterCfg.
|
|||||
| CVE-2023-40902 | 1 Tenda | 2 Ac10v4, Ac10v4 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list and bindnum at /goform/SetIpMacBind.
|
|||||
| CVE-2023-40901 | 1 Tenda | 2 Ac10v4, Ac10v4 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter macFilterType and parameter deviceList at url /goform/setMacFilterCfg.
|
|||||
| CVE-2023-40857 | 1 Virustotal | 1 Yara | 2024-11-21 | N/A | 8.8 HIGH |
|
Buffer Overflow vulnerability in VirusTotal yara v.4.3.2 allows a remote attacker to execute arbtirary code via the yr_execute_cod function in the exe.c component.
|
|||||
| CVE-2023-40848 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "sub_7D858."
|
|||||
| CVE-2023-40847 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "initIpAddrInfo." In the function, it reads in a user-provided parameter, and the variable is passed to the function without any length check.
|
|||||
| CVE-2023-40846 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function sub_90998.
|
|||||
| CVE-2023-40845 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'sub_34FD0.' In the function, it reads user provided parameters and passes variables to the function without any length checks.
|
|||||
| CVE-2023-40844 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'formWifiBasicSet.'
|
|||||
| CVE-2023-40843 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "sub_73004."
|
|||||
| CVE-2023-40842 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tengda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "R7WebsSecurityHandler."
|
|||||
| CVE-2023-40841 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "add_white_node,"
|
|||||
| CVE-2023-40840 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "fromGetWirelessRepeat."
|
|||||
| CVE-2023-40802 | 1 Tenda | 2 Ac23, Ac23 Firmware | 2024-11-21 | N/A | 6.5 MEDIUM |
|
The get_parentControl_list_Info function does not verify the parameters entered by the user, causing a post-authentication heap overflow vulnerability in Tenda AC23 v16.03.07.45_cn
|
|||||
| CVE-2023-40799 | 1 Tenda | 2 Ac23, Ac23 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC23 Vv16.03.07.45_cn is vulnerable to Buffer Overflow via sub_450A4C function.
|
|||||
| CVE-2023-40781 | 1 Libming | 1 Libming | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Buffer Overflow vulnerability in Libming Libming v.0.4.8 allows a remote attacker to cause a denial of service via a crafted .swf file to the makeswf function.
|
|||||