Search
Total
994 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-34474 | 2 Fedoraproject, Imagemagick | 3 Extra Packages For Enterprise Linux, Fedora, Imagemagick | 2023-08-24 | N/A | 5.5 MEDIUM |
| A heap-based buffer overflow issue was discovered in ImageMagick's ReadTIM2ImageData() function in coders/tim2.c. A local attacker could trick the user in opening specially crafted file, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service. | |||||
| CVE-2023-39741 | 1 Long Range Zip Project | 1 Long Range Zip | 2023-08-23 | N/A | 5.5 MEDIUM |
| lrzip v0.651 was discovered to contain a heap overflow via the libzpaq::PostProcessor::write(int) function at /libzpaq/libzpaq.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file. | |||||
| CVE-2023-29182 | 1 Fortinet | 1 Fortios | 2023-08-23 | N/A | 6.7 MEDIUM |
| A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiOS before 7.0.3 allows a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections. | |||||
| CVE-2021-45930 | 3 Debian, Fedoraproject, Qt | 3 Debian Linux, Fedora, Qtsvg | 2023-08-23 | 4.3 MEDIUM | 5.5 MEDIUM |
| Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend (called from QPainterPath::addPath and QPathClipper::intersect). | |||||
| CVE-2023-40294 | 1 0branch | 1 Boron | 2023-08-21 | N/A | 6.5 MEDIUM |
| libboron in Boron 2.0.8 has a heap-based buffer overflow in ur_parseBlockI at i_parse_blk.c. | |||||
| CVE-2023-4273 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2023-08-19 | N/A | 6.7 MEDIUM |
| A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this flaw to overflow the kernel stack. | |||||
| CVE-2023-38856 | 1 Libxls Project | 1 Libxls | 2023-08-19 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:411. | |||||
| CVE-2023-38853 | 1 Libxls Project | 1 Libxls | 2023-08-19 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1015. | |||||
| CVE-2023-38855 | 1 Libxls Project | 1 Libxls | 2023-08-19 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:395. | |||||
| CVE-2023-38854 | 1 Libxls Project | 1 Libxls | 2023-08-19 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the transcode_latin1_to_utf8 function in xlstool.c:296. | |||||
| CVE-2023-38851 | 1 Libxls Project | 1 Libxls | 2023-08-19 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1018. | |||||
| CVE-2023-38852 | 1 Libxls Project | 1 Libxls | 2023-08-19 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the unicode_decode_wcstombs function in xlstool.c:266. | |||||
| CVE-2023-35012 | 3 Ibm, Linux, Microsoft | 4 Aix, Db2, Linux Kernel and 1 more | 2023-08-18 | N/A | 6.7 MEDIUM |
| IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 with a Federated configuration is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user with SYSADM privileges could overflow the buffer and execute arbitrary code on the system. IBM X-Force ID: 257763. | |||||
| CVE-2023-2804 | 1 Libjpeg-turbo | 1 Libjpeg-turbo | 2023-08-17 | N/A | 6.5 MEDIUM |
| A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an attacker could craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples. An application attempting to decompress such image using merged upsampling would lead to segmentation fault or buffer overflows, causing an application to crash. | |||||
| CVE-2020-13440 | 1 Rockcarry | 1 Ffjpeg | 2023-08-17 | 4.3 MEDIUM | 6.5 MEDIUM |
| ffjpeg through 2020-02-24 has an invalid write in bmp_load in bmp.c. | |||||
| CVE-2020-23851 | 1 Rockcarry | 1 Ffjpeg | 2023-08-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| A stack-based buffer overflow vulnerability exists in ffjpeg through 2020-07-02 in the jfif_decode(void *ctxt, BMP *pb) function at ffjpeg/src/jfif.c:513:28, which could cause a denial of service by submitting a malicious jpeg image. | |||||
| CVE-2020-23852 | 1 Rockcarry | 1 Ffjpeg | 2023-08-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| A heap based buffer overflow vulnerability exists in ffjpeg through 2020-07-02 in the jfif_decode(void *ctxt, BMP *pb) function at ffjpeg/src/jfif.c (line 544 & line 545), which could cause a denial of service by submitting a malicious jpeg image. | |||||
| CVE-2020-15470 | 1 Rockcarry | 1 Ffjpeg | 2023-08-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| ffjpeg through 2020-02-24 has a heap-based buffer overflow in jfif_decode in jfif.c. | |||||
| CVE-2019-16352 | 1 Rockcarry | 1 Ffjpeg | 2023-08-17 | 4.3 MEDIUM | 6.5 MEDIUM |
| ffjpeg before 2019-08-21 has a heap-based buffer overflow in jfif_load() at jfif.c. | |||||
| CVE-2021-44956 | 1 Rockcarry | 1 Ffjpeg | 2023-08-17 | 4.3 MEDIUM | 6.5 MEDIUM |
| Two Heap based buffer overflow vulnerabilities exist in ffjpeg through 01.01.2021. It is similar to CVE-2020-23852. Issues that are in the jfif_decode function at ffjpeg/src/jfif.c (line 552) could cause a Denial of Service by using a crafted jpeg file. | |||||
| CVE-2023-20081 | 1 Cisco | 304 1100-4g Integrated Services Router, 1100-4p Integrated Services Router, 1100-6g Integrated Services Router and 301 more | 2023-08-16 | N/A | 5.9 MEDIUM |
| A vulnerability in the IPv6 DHCP (DHCPv6) client module of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of DHCPv6 messages. An attacker could exploit this vulnerability by sending crafted DHCPv6 messages to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Note: To successfully exploit this vulnerability, the attacker would need to either control the DHCPv6 server or be in a man-in-the-middle position. | |||||
| CVE-2023-20802 | 3 Google, Linuxfoundation, Mediatek | 9 Android, Yocto, Mt6879 and 6 more | 2023-08-09 | N/A | 6.5 MEDIUM |
| In imgsys, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07420968; Issue ID: ALPS07420976. | |||||
| CVE-2023-20781 | 2 Google, Mediatek | 56 Android, Mt6580, Mt6731 and 53 more | 2023-08-09 | N/A | 4.4 MEDIUM |
| In keyinstall, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS07905323. | |||||
| CVE-2023-20805 | 3 Google, Linuxfoundation, Mediatek | 10 Android, Yocto, Mt2713 and 7 more | 2023-08-09 | N/A | 6.7 MEDIUM |
| In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07199773; Issue ID: ALPS07326411. | |||||
| CVE-2023-20804 | 3 Google, Linuxfoundation, Mediatek | 10 Android, Yocto, Mt2713 and 7 more | 2023-08-09 | N/A | 6.7 MEDIUM |
| In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07199773; Issue ID: ALPS07326384. | |||||
| CVE-2023-20811 | 3 Google, Linux, Mediatek | 54 Android, Linux Kernel, Mt5221 and 51 more | 2023-08-09 | N/A | 6.7 MEDIUM |
| In IOMMU, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03692061; Issue ID: DTV03692061. | |||||
| CVE-2023-20809 | 2 Google, Mediatek | 53 Android, Mt5583, Mt5691 and 50 more | 2023-08-09 | N/A | 6.7 MEDIUM |
| In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03751198; Issue ID: DTV03751198. | |||||
| CVE-2023-20815 | 2 Google, Mediatek | 25 Android, Mt6580, Mt6739 and 22 more | 2023-08-09 | N/A | 6.7 MEDIUM |
| In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453587; Issue ID: ALPS07453587. | |||||
| CVE-2023-20803 | 3 Google, Linuxfoundation, Mediatek | 10 Android, Yocto, Mt2713 and 7 more | 2023-08-09 | N/A | 6.5 MEDIUM |
| In imgsys, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326374. | |||||
| CVE-2023-20812 | 2 Google, Mediatek | 28 Android, Iot Yocto, Mt6761 and 25 more | 2023-08-09 | N/A | 4.4 MEDIUM |
| In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944987; Issue ID: ALPS07944987. | |||||
| CVE-2023-20814 | 2 Google, Mediatek | 25 Android, Mt6580, Mt6739 and 22 more | 2023-08-09 | N/A | 6.7 MEDIUM |
| In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453560; Issue ID: ALPS07453560. | |||||
| CVE-2023-20816 | 2 Google, Mediatek | 25 Android, Mt6580, Mt6739 and 22 more | 2023-08-09 | N/A | 6.7 MEDIUM |
| In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453589; Issue ID: ALPS07453589. | |||||
| CVE-2023-20817 | 2 Google, Mediatek | 25 Android, Mt6580, Mt6739 and 22 more | 2023-08-09 | N/A | 6.7 MEDIUM |
| In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453600; Issue ID: ALPS07453600. | |||||
| CVE-2023-20806 | 2 Google, Mediatek | 9 Android, Mt2713, Mt6879 and 6 more | 2023-08-09 | N/A | 6.7 MEDIUM |
| In hcp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07537437. | |||||
| CVE-2023-20808 | 2 Google, Mediatek | 6 Android, Mt9011, Mt9022 and 3 more | 2023-08-09 | N/A | 6.7 MEDIUM |
| In OPTEE, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03645895; Issue ID: DTV03645895. | |||||
| CVE-2023-20807 | 2 Google, Mediatek | 8 Android, Mt2713, Mt6895 and 5 more | 2023-08-09 | N/A | 6.7 MEDIUM |
| In dpe, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07608433; Issue ID: ALPS07608433. | |||||
| CVE-2023-20783 | 2 Google, Mediatek | 56 Android, Mt6580, Mt6731 and 53 more | 2023-08-09 | N/A | 6.7 MEDIUM |
| In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07826905; Issue ID: ALPS07826905. | |||||
| CVE-2023-20784 | 2 Google, Mediatek | 56 Android, Mt6580, Mt6731 and 53 more | 2023-08-09 | N/A | 6.7 MEDIUM |
| In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07826989; Issue ID: ALPS07826989. | |||||
| CVE-2023-20786 | 2 Google, Mediatek | 35 Android, Mt2713, Mt6580 and 32 more | 2023-08-09 | N/A | 6.7 MEDIUM |
| In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767811; Issue ID: ALPS07767811. | |||||
| CVE-2023-20785 | 2 Google, Mediatek | 20 Android, Mt6779, Mt6781 and 17 more | 2023-08-09 | N/A | 6.4 MEDIUM |
| In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628524; Issue ID: ALPS07628524. | |||||
| CVE-2023-20790 | 5 Google, Linuxfoundation, Mediatek and 2 more | 68 Android, Yocto, Mt2713 and 65 more | 2023-08-09 | N/A | 4.4 MEDIUM |
| In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07740194; Issue ID: ALPS07740194. | |||||
| CVE-2023-20796 | 5 Google, Linuxfoundation, Mediatek and 2 more | 28 Android, Yocto, Mt2735 and 25 more | 2023-08-09 | N/A | 4.4 MEDIUM |
| In power, there is a possible memory corruption due to an incorrect bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929790; Issue ID: ALPS07929790. | |||||
| CVE-2023-20795 | 2 Google, Mediatek | 35 Android, Mt6739, Mt6761 and 32 more | 2023-08-09 | N/A | 6.7 MEDIUM |
| In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07864900; Issue ID: ALPS07864900. | |||||
| CVE-2023-20793 | 2 Google, Mediatek | 14 Android, Mt6853, Mt6853t and 11 more | 2023-08-09 | N/A | 4.4 MEDIUM |
| In apu, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767818; Issue ID: ALPS07767818. | |||||
| CVE-2023-20797 | 2 Google, Mediatek | 9 Android, Mt6879, Mt6886 and 6 more | 2023-08-09 | N/A | 6.7 MEDIUM |
| In camera middleware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629582; Issue ID: ALPS07629582. | |||||
| CVE-2023-3180 | 1 Qemu | 1 Qemu | 2023-08-08 | N/A | 6.5 MEDIUM |
| A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in virtio_crypto_handle_sym_req. There is no check for the value of `src_len` and `dst_len` in virtio_crypto_sym_op_helper, potentially leading to a heap buffer overflow when the two values differ. | |||||
| CVE-2023-37557 | 1 Codesys | 16 Control For Beaglebone Sl, Control For Empc-a\/imx6 Sl, Control For Iot2000 Sl and 13 more | 2023-08-08 | N/A | 6.5 MEDIUM |
| After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condition. | |||||
| CVE-2022-21766 | 2 Google, Mediatek | 36 Android, Mt6580, Mt6735 and 33 more | 2023-08-08 | 4.6 MEDIUM | 6.7 MEDIUM |
| In CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06641673; Issue ID: ALPS06641653. | |||||
| CVE-2021-40647 | 1 Man2html Project | 1 Man2html | 2023-08-08 | N/A | 5.5 MEDIUM |
| In man2html 1.6g, a specific string being read in from a file will overwrite the size parameter in the top chunk of the heap. This at least causes the program to segmentation abort if the heap size parameter isn't aligned correctly. In version before GLIBC version 2.29 and aligned correctly, it allows arbitrary write anywhere in the programs memory. | |||||
| CVE-2022-25363 | 1 Watchguard | 1 Fireware | 2023-08-08 | 4.0 MEDIUM | 6.5 MEDIUM |
| WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to modify privileged management user credentials. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2. | |||||