Total: 13459 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-36532 | 1 Zoom | 3 Rooms, Virtual Desktop Infrastructure, Zoom | 2024-11-21 | N/A | 5.9 MEDIUM |
|
Buffer overflow in Zoom Clients before 5.14.5 may allow an unauthenticated user to enable a denial of service via network access.
|
|||||
| CVE-2023-36340 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth.
|
|||||
| CVE-2023-36273 | 1 Gnu | 1 Libredwg | 2024-11-21 | N/A | 8.8 HIGH |
|
LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c.
|
|||||
| CVE-2023-36193 | 1 Lcdf | 1 Gifsicle | 2024-11-21 | N/A | 7.8 HIGH |
|
Gifsicle v1.9.3 was discovered to contain a heap buffer overflow via the ambiguity_error component at /src/clp.c.
|
|||||
| CVE-2023-36192 | 1 Irontec | 1 Sngrep | 2024-11-21 | N/A | 7.8 HIGH |
|
Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the function capture_ws_check_packet at /src/capture.c.
|
|||||
| CVE-2023-36184 | 3 Aptosfoundation, Move Project, Mystenlabs | 3 Aptos, Move, Sui | 2024-11-21 | N/A | 7.5 HIGH |
|
Mysten Labs Sui blockchain v1.2.0 was discovered to contain a stack overflow via the component /spec/openrpc.json.
|
|||||
| CVE-2023-36017 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 8.8 HIGH |
|
Windows Scripting Engine Memory Corruption Vulnerability
|
|||||
| CVE-2023-35986 | 1 Santesoft | 1 Dicom Viewer Pro | 2024-11-21 | N/A | 7.8 HIGH |
|
Sante DICOM Viewer Pro lacks proper validation of user-supplied data when parsing DICOM files. This could lead to a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
|
|||||
| CVE-2023-35871 | 1 Sap | 1 Web Dispatcher | 2024-11-21 | N/A | 7.7 HIGH |
|
The SAP Web Dispatcher - versions WEBDISP 7.53, WEBDISP 7.54, WEBDISP 7.77, WEBDISP 7.85, WEBDISP 7.89, WEBDISP 7.91, WEBDISP 7.92, WEBDISP 7.93, KERNEL 7.53, KERNEL 7.54 KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.91, KERNEL 7.92, KERNEL 7.93, KRNL64UC 7.53, HDB 2.00, XS_ADVANCED_RUNTIME 1.00, SAP_EXTENDED_APP_SERVICES 1, has a vulnerability that can be exploited by an unauthenticated attacker to cause memory corruption through logical errors in memory management this may leads to informati ...
|
|||||
| CVE-2023-35684 | 1 Google | 1 Android | 2024-11-21 | N/A | 8.8 HIGH |
|
In avdt_msg_asmbl of avdt_msg.cc, there is a possible out of bounds write due to an integer overflow. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-35681 | 1 Google | 1 Android | 2024-11-21 | N/A | 9.8 CRITICAL |
|
In eatt_l2cap_reconfig_completed of eatt_impl.h, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-35662 | 1 Google | 1 Android | 2024-11-21 | N/A | 9.8 CRITICAL |
|
There is a possible out of bounds write due to buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-35649 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.2 HIGH |
|
In several functions of Exynos modem files, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-35646 | 1 Google | 1 Android | 2024-11-21 | N/A | 9.8 CRITICAL |
|
In TBD of TBD, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-35645 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.4 MEDIUM |
|
In tbd of tbd, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-35177 | 1 Hp | 76 Laserjet Pro M304-m305 W1a46a, Laserjet Pro M304-m305 W1a46a Firmware, Laserjet Pro M304-m305 W1a47a and 73 more | 2024-11-21 | N/A | 8.8 HIGH |
|
Certain HP LaserJet Pro print products are potentially vulnerable to a stack-based buffer overflow related to the compact font format parser.
|
|||||
| CVE-2023-35127 | 1 Fujielectric | 1 Tellus Lite V-simulator | 2024-11-21 | N/A | 7.8 HIGH |
|
Stack-based buffer overflow may occur when Fuji Electric Tellus Lite V-Simulator parses a specially-crafted input file.
|
|||||
| CVE-2023-35126 | 1 Justsystems | 19 Easy Postcard Max, Ichitaro 2021, Ichitaro 2022 and 16 more | 2024-11-21 | N/A | 7.8 HIGH |
|
An out-of-bounds write vulnerability exists within the parsers for both the "DocumentViewStyles" and "DocumentEditStyles" streams of Ichitaro 2023 1.0.1.59372 when processing types 0x0000-0x0009 of a style record with the type 0x2008. A specially crafted document can cause memory corruption, which can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
|
|||||
| CVE-2023-35077 | 2 Ivanti, Microsoft | 2 Endpoint Manager, Windows | 2024-11-21 | N/A | 7.5 HIGH |
|
An out-of-bounds write vulnerability on Windows operating systems causes the Ivanti AntiVirus Product to crash. Update to Ivanti AV Product version 7.9.1.285 or above.
|
|||||
| CVE-2023-35012 | 3 Ibm, Linux, Microsoft | 4 Aix, Db2, Linux Kernel and 1 more | 2024-11-21 | N/A | 6.7 MEDIUM |
|
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 with a Federated configuration is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user with SYSADM privileges could overflow the buffer and execute arbitrary code on the system. IBM X-Force ID: 257763.
|
|||||
| CVE-2023-35001 | 4 Debian, Fedoraproject, Linux and 1 more | 8 Debian Linux, Fedora, Linux Kernel and 5 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace
|
|||||
| CVE-2023-34942 | 1 Asus | 2 Rt-n10lx, Rt-n10lx Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
Asus RT-N10LX Router v2.0.0.39 was discovered to contain a stack overflow via the mac parameter at /start-apply.html. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
|
|||||
| CVE-2023-34937 | 1 H3c | 2 Magic B1st, Magic B1st Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
A stack overflow in the UpdateSnat function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
|
|||||
| CVE-2023-34936 | 1 H3c | 2 Magic B1st, Magic B1st Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
A stack overflow in the UpdateMacClone function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
|
|||||
| CVE-2023-34935 | 1 H3c | 2 Magic B1st, Magic B1st Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
A stack overflow in the AddWlanMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
|
|||||
| CVE-2023-34934 | 1 H3c | 2 Magic B1st, Magic B1st Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
A stack overflow in the Edit_BasicSSID_5G function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
|
|||||
| CVE-2023-34933 | 1 H3c | 2 Magic B1st, Magic B1st Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
A stack overflow in the UpdateWanParams function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
|
|||||
| CVE-2023-34932 | 1 H3c | 2 Magic B1st, Magic B1st Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
A stack overflow in the UpdateWanMode function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
|
|||||
| CVE-2023-34931 | 1 H3c | 2 Magic B1st, Magic B1st Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
A stack overflow in the EditWlanMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
|
|||||
| CVE-2023-34930 | 1 H3c | 2 Magic B1st, Magic B1st Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
A stack overflow in the EditMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
|
|||||
| CVE-2023-34929 | 1 H3c | 2 Magic B1st, Magic B1st Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
A stack overflow in the AddMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
|
|||||
| CVE-2023-34928 | 1 H3c | 2 Magic B1st, Magic B1st Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
A stack overflow in the Edit_BasicSSID function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
|
|||||
| CVE-2023-34924 | 1 H3c | 2 Magic B1stw, Magic B1stw Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
H3C Magic B1STW B1STV100R012 was discovered to contain a stack overflow via the function SetAPInfoById. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
|
|||||
| CVE-2023-34853 | 1 Supermicro | 542 H11dsi, H11dsi-nt, H11dsi-nt Firmware and 539 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Buffer Overflow vulnerability in Supermicro motherboard X12DPG-QR 1.4b allows local attackers to hijack control flow via manipulation of SmcSecurityEraseSetupVar variable.
|
|||||
| CVE-2023-34551 | 1 Ezviz | 18 Cs-c6n-a0-1c2wfr-mul, Cs-c6n-a0-1c2wfr-mul Firmware, Cs-c6n-b0-1g2wf and 15 more | 2024-11-21 | N/A | 8.0 HIGH |
|
In certain EZVIZ products, two stack buffer overflows in netClientSetWlanCfg function of the EZVIZ SDK command server can allow an authenticated attacker present on the same local network as the camera to achieve remote code execution. This affects CS-C6N-B0-1G2WF Firmware versions before V5.3.0 build 230215 and CS-C6N-R101-1G2WF Firmware versions before V5.3.0 build 230215 and CS-CV310-A0-1B2WFR Firmware versions before V5.3.0 build 230221 and CS-CV310-A0-1C2WFR-C Firmware versions before V5.3. ...
|
|||||
| CVE-2023-34474 | 2 Fedoraproject, Imagemagick | 3 Extra Packages For Enterprise Linux, Fedora, Imagemagick | 2024-11-21 | N/A | 5.5 MEDIUM |
|
A heap-based buffer overflow issue was discovered in ImageMagick's ReadTIM2ImageData() function in coders/tim2.c. A local attacker could trick the user into opening a specially crafted file, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service.
|
|||||
| CVE-2023-34432 | 3 Fedoraproject, Redhat, Sound Exchange Project | 4 Extra Packages For Enterprise Linux, Fedora, Enterprise Linux and 1 more | 2024-11-21 | N/A | 7.8 HIGH |
|
A heap buffer overflow vulnerability was found in sox, in the lsx_readbuf function at sox/src/formats_i.c:98:16. This flaw can lead to a denial of service, code execution, or information disclosure.
|
|||||
| CVE-2023-34351 | 1 Intel | 1 Performance Counter Monitor | 2024-11-21 | N/A | 7.5 HIGH |
|
Buffer underflow in some Intel(R) PCM software before version 202307 may allow an unauthenticated user to potentially enable denial of service via network access.
|
|||||
| CVE-2023-33975 | 1 Riot-os | 1 Riot | 2024-11-21 | N/A | 9.8 CRITICAL |
|
RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a network stack with the ability to process 6LoWPAN frames. In version 2023.01 and prior, an attacker can send a crafted frame to the device resulting in an out of bounds write in the packet buffer. The overflow can be used to corrupt other packets and the allocator metadata. Corrupting a pointer will easily lead to denial of service. While carefully manipulating the allocator metadata gives an attacker the possibility t ...
|
|||||
| CVE-2023-33913 | 2 Google, Unisoc | 10 Android, S8000, T606 and 7 more | 2024-11-21 | N/A | 7.2 HIGH |
|
In DRM/oemcrypto, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to remote escalation of privilege with System execution privileges needed
|
|||||