Total
13459 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-37765 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 5.5 MEDIUM |
|
GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the gf_dump_vrml_sffield function at /lib/libgpac.so.
|
|||||
| CVE-2023-37723 | 1 Tenda | 10 4g300, 4g300 Firmware, F1202 and 7 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromqossetting.
|
|||||
| CVE-2023-37722 | 1 Tenda | 6 4g300, 4g300 Firmware, F1202 and 3 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromSafeUrlFilter.
|
|||||
| CVE-2023-37721 | 1 Tenda | 10 4g300, 4g300 Firmware, F1202 and 7 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromSafeMacFilter.
|
|||||
| CVE-2023-37719 | 1 Tenda | 8 F1202, F1202 Firmware, Fh1202 and 5 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromP2pListFilter.
|
|||||
| CVE-2023-37718 | 1 Tenda | 6 4g300, 4g300 Firmware, F1202 and 3 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromSafeClientFilter.
|
|||||
| CVE-2023-37717 | 1 Tenda | 14 Ac10, Ac10 Firmware, Ac1206 and 11 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromDhcpListClient.
|
|||||
| CVE-2023-37716 | 1 Tenda | 14 Ac10, Ac10 Firmware, Ac1206 and 11 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromNatStaticSetting.
|
|||||
| CVE-2023-37715 | 1 Tenda | 4 F1202, F1202 Firmware, Fh1202 and 1 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function frmL7ProtForm.
|
|||||
| CVE-2023-37714 | 1 Tenda | 8 Ac7, Ac7 Firmware, F1202 and 5 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromRouteStatic.
|
|||||
| CVE-2023-37711 | 1 Tenda | 4 Ac10, Ac10 Firmware, Ac1206 and 1 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC1206 V15.03.06.23 and AC10 V15.03.06.47 were discovered to contain a stack overflow in the deviceId parameter in the saveParentControlInfo function.
|
|||||
| CVE-2023-37710 | 1 Tenda | 4 Ac10, Ac10 Firmware, Ac1206 and 1 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda AC1206 V15.03.06.23 and AC10 V15.03.06.47 were discovered to contain a stack overflow in the wpapsk_crypto parameter in the fromSetWirelessRepeat function.
|
|||||
| CVE-2023-37707 | 1 Tenda | 2 Fh1203, Fh1203 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the page parameter in the fromVirtualSer function.
|
|||||
| CVE-2023-37706 | 1 Tenda | 2 Fh1203, Fh1203 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the entrys parameter in the fromAddressNat function.
|
|||||
| CVE-2023-37705 | 1 Tenda | 2 Fh1203, Fh1203 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the page parameter in the fromAddressNat function.
|
|||||
| CVE-2023-37704 | 1 Tenda | 2 Fh1203, Fh1203 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function.
|
|||||
| CVE-2023-37703 | 1 Tenda | 2 Fh1203, Fh1203 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function.
|
|||||
| CVE-2023-37702 | 1 Tenda | 2 Fh1203, Fh1203 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the deviceId parameter in the formSetDeviceName function.
|
|||||
| CVE-2023-37701 | 1 Tenda | 2 Fh1203, Fh1203 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function.
|
|||||
| CVE-2023-37700 | 1 Tenda | 2 Fh1203, Fh1203 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function.
|
|||||
| CVE-2023-37557 | 1 Codesys | 16 Control For Beaglebone Sl, Control For Empc-a\/imx6 Sl, Control For Iot2000 Sl and 13 more | 2024-11-21 | N/A | 6.5 MEDIUM |
|
After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condition.
|
|||||
| CVE-2023-37375 | 1 Siemens | 1 Tecnomatix | 2024-11-21 | N/A | 7.8 HIGH |
|
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application is vulnerable to stack-based buffer overflow while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21060)
|
|||||
| CVE-2023-37374 | 1 Siemens | 1 Tecnomatix | 2024-11-21 | N/A | 7.8 HIGH |
|
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application is vulnerable to stack-based buffer overflow while parsing specially crafted STP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21054)
|
|||||
| CVE-2023-37297 | 1 Ami | 1 Megarac Sp-x | 2024-11-21 | N/A | 8.3 HIGH |
|
AMI’s
SPx contains a vulnerability in the BMC where an Attacker may
cause a heap memory corruption via an adjacent network. A successful exploitation
of this vulnerability may lead to a loss of confidentiality, integrity, and/or
availability.
|
|||||
| CVE-2023-37296 | 1 Ami | 1 Megarac Sp-x | 2024-11-21 | N/A | 8.3 HIGH |
|
AMI’s
SPx contains a vulnerability in the BMC where an Attacker may
cause a stack memory corruption via an adjacent network. A successful exploitation
of this vulnerability may lead to a loss of confidentiality, integrity, and/or
availability.
|
|||||
| CVE-2023-37295 | 1 Ami | 1 Megarac Sp-x | 2024-11-21 | N/A | 8.3 HIGH |
|
AMI’s
SPx contains a vulnerability in the BMC where an Attacker may
cause a heap memory corruption via an adjacent network. A successful exploitation
of this vulnerability may lead to a loss of confidentiality, integrity, and/or
availability.
|
|||||
| CVE-2023-37294 | 1 Ami | 1 Megarac Sp-x | 2024-11-21 | N/A | 8.3 HIGH |
|
AMI’s
SPx contains a vulnerability in the BMC where an Attacker may
cause a heap memory corruption via an adjacent network. A successful exploitation
of this vulnerability may lead to a loss of confidentiality, integrity, and/or
availability.
|
|||||
| CVE-2023-37293 | 1 Ami | 1 Megarac Sp-x | 2024-11-21 | N/A | 9.6 CRITICAL |
|
AMI’s SPx contains
a vulnerability in the BMC where an Attacker may cause a
stack-based buffer overflow via an adjacent network. A successful exploitation
of this vulnerability may lead to a loss of confidentiality, integrity, and/or
availability.
|
|||||
| CVE-2023-37248 | 1 Siemens | 1 Tecnomatix | 2024-11-21 | N/A | 7.8 HIGH |
|
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted PAR file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21155)
|
|||||
| CVE-2023-37247 | 1 Siemens | 1 Tecnomatix | 2024-11-21 | N/A | 7.8 HIGH |
|
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21138)
|
|||||
| CVE-2023-37246 | 1 Siemens | 1 Tecnomatix | 2024-11-21 | N/A | 7.8 HIGH |
|
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PRT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21109)
|
|||||
| CVE-2023-37212 | 1 Mozilla | 1 Firefox | 2024-11-21 | N/A | 8.8 HIGH |
|
Memory safety bugs present in Firefox 114. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 115.
|
|||||
| CVE-2023-37211 | 2 Debian, Mozilla | 4 Debian Linux, Firefox, Firefox Esr and 1 more | 2024-11-21 | N/A | 8.8 HIGH |
|
Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.
|
|||||
| CVE-2023-37174 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 5.5 MEDIUM |
|
GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the dump_isom_scene function at /mp4box/filedump.c.
|
|||||
| CVE-2023-37139 | 1 Microsoft | 1 Chakracore | 2024-11-21 | N/A | 5.5 MEDIUM |
|
ChakraCore branch master cbb9b was discovered to contain a stack overflow vulnerability via the function Js::ScopeSlots::IsDebuggerScopeSlotArray().
|
|||||
| CVE-2023-36955 | 1 Totolink | 2 Cp300\+, Cp300\+ Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
TOTOLINK CP300+ <=V5.2cu.7594_B20200910 was discovered to contain a stack overflow via the File parameter in the function UploadCustomModule.
|
|||||
| CVE-2023-36952 | 1 Totolink | 2 Cp300\+, Cp300\+ Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
TOTOLINK CP300+ V5.2cu.7594_B20200910 was discovered to contain a stack overflow via the pingIp parameter in the function setDiagnosisCfg.
|
|||||
| CVE-2023-36950 | 1 Totolink | 4 A7000r, A7000r Firmware, X5000r and 1 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth.
|
|||||
| CVE-2023-36947 | 1 Totolink | 4 A7000r, A7000r Firmware, X5000r and 1 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the File parameter in the function UploadCustomModule.
|
|||||
| CVE-2023-36660 | 1 Nettle Project | 1 Nettle | 2024-11-21 | N/A | 9.8 CRITICAL |
|
The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption.
|
|||||