Search
Total
1388 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-21427 | 1 Freeimage Project | 1 Freeimage | 2023-12-18 | N/A | 7.8 HIGH |
| Buffer Overflow vulnerability in function LoadPixelDataRLE8 in PluginBMP.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file. | |||||
| CVE-2020-22524 | 1 Freeimage Project | 1 Freeimage | 2023-12-18 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in FreeImage_Load function in FreeImage Library 3.19.0(r1828) allows attackers to cuase a denial of service via crafted PFM file. | |||||
| CVE-2019-14835 | 8 Canonical, Debian, Fedoraproject and 5 more | 44 Ubuntu Linux, Debian Linux, Fedora and 41 more | 2023-12-15 | 7.2 HIGH | 7.8 HIGH |
| A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. | |||||
| CVE-2023-50245 | 1 Afichet | 1 Openexr Viewer | 2023-12-14 | N/A | 9.8 CRITICAL |
| OpenEXR-viewer is a viewer for OpenEXR files with detailed metadata probing. Versions prior to 0.6.1 have a memory overflow vulnerability. This issue is fixed in version 0.6.1. | |||||
| CVE-2023-40998 | 1 O-ran-sc | 1 Ric Message Router | 2023-12-14 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in O-RAN Software Community ric-plt-lib-rmr v.4.9.0 allows a remote attacker to cause a denial of service via the packet size component. | |||||
| CVE-2023-40997 | 1 O-ran-sc | 1 Ric Message Router | 2023-12-14 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in O-RAN Software Community ric-plt-lib-rmr v.4.9.0 allows a remote attacker to cause a denial of service via a crafted packet. | |||||
| CVE-2023-32975 | 1 Qnap | 2 Qts, Quts Hero | 2023-12-13 | N/A | 7.2 HIGH |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2514 build 20230906 and later QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.2.2534 build 20230927 and later | |||||
| CVE-2023-32968 | 1 Qnap | 2 Qts, Quts Hero | 2023-12-13 | N/A | 7.2 HIGH |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2514 build 20230906 and later QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.2.2534 build 20230927 and later | |||||
| CVE-2023-6238 | 2 Fedoraproject, Linux | 2 Fedora, Linux Kernel | 2023-12-13 | N/A | 7.8 HIGH |
| A buffer overflow vulnerability was found in the NVM Express (NVMe) driver in the Linux kernel. An unprivileged user could specify a small meta buffer and let the device perform larger Direct Memory Access (DMA) into the same buffer, overwriting unrelated kernel memory, causing random kernel crashes and memory corruption. | |||||
| CVE-2023-49287 | 1 Cxong | 1 Tinydir | 2023-12-13 | N/A | 9.8 CRITICAL |
| TinyDir is a lightweight C directory and file reader. Buffer overflows in the `tinydir_file_open()` function. This vulnerability has been patched in version 1.2.6. | |||||
| CVE-2023-41913 | 1 Strongswan | 1 Strongswan | 2023-12-12 | N/A | 9.8 CRITICAL |
| strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message. | |||||
| CVE-2022-36361 | 1 Siemens | 4 Logo\!8 Bm, Logo\!8 Bm Fs-05, Logo\!8 Bm Fs-05 Firmware and 1 more | 2023-12-12 | N/A | 9.8 CRITICAL |
| A vulnerability has been identified in LOGO! 12/24RCE (All versions), LOGO! 12/24RCEo (All versions), LOGO! 230RCE (All versions), LOGO! 230RCEo (All versions), LOGO! 24CE (All versions), LOGO! 24CEo (All versions), LOGO! 24RCE (All versions), LOGO! 24RCEo (All versions), SIPLUS LOGO! 12/24RCE (All versions), SIPLUS LOGO! 12/24RCEo (All versions), SIPLUS LOGO! 230RCE (All versions), SIPLUS LOGO! 230RCEo (All versions), SIPLUS LOGO! 24CE (All versions), SIPLUS LOGO! 24CEo (All versions), SIPLUS LOGO! 24RCE (All versions), SIPLUS LOGO! 24RCEo (All versions). Affected devices do not properly validate the structure of TCP packets in several methods. This could allow an attacker to cause buffer overflows, get control over the instruction counter and run custom code. | |||||
| CVE-2023-33024 | 1 Qualcomm | 142 8098, 8098 Firmware, 8998 and 139 more | 2023-12-11 | N/A | 7.8 HIGH |
| Memory corruption while sending SMS from AP firmware. | |||||
| CVE-2023-33017 | 1 Qualcomm | 554 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 551 more | 2023-12-11 | N/A | 7.8 HIGH |
| Memory corruption in Boot while running a ListVars test in UEFI Menu during boot. | |||||
| CVE-2023-33083 | 1 Qualcomm | 230 Ar8035, Ar8035 Firmware, Ar9380 and 227 more | 2023-12-11 | N/A | 9.8 CRITICAL |
| Memory corruption in WLAN Host while processing RRM beacon on the AP. | |||||
| CVE-2023-33082 | 1 Qualcomm | 230 Ar8035, Ar8035 Firmware, Ar9380 and 227 more | 2023-12-11 | N/A | 9.8 CRITICAL |
| Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE. | |||||
| CVE-2023-33087 | 1 Qualcomm | 236 Apq5053-aa, Apq5053-aa Firmware, Ar8035 and 233 more | 2023-12-11 | N/A | 7.8 HIGH |
| Memory corruption in Core while processing RX intent request. | |||||
| CVE-2023-28579 | 1 Qualcomm | 68 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 65 more | 2023-12-11 | N/A | 7.8 HIGH |
| Memory Corruption in WLAN Host while deserializing the input PMK bytes without checking the input PMK length. | |||||
| CVE-2023-28546 | 1 Qualcomm | 560 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 557 more | 2023-12-11 | N/A | 7.8 HIGH |
| Memory Corruption in SPS Application while exporting public key in sorter TA. | |||||
| CVE-2023-45463 | 1 Netis-systems | 2 N3m, N3m Firmware | 2023-12-08 | N/A | 7.5 HIGH |
| Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the hostName parameter in the FUN_0040dabc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2023-28811 | 1 Hikvision | 79 Ds-7104ni-q1\(c\), Ds-7104ni-q1\(c\) Firmware, Ds-7104ni-q1\(d\) and 76 more | 2023-12-08 | N/A | 6.5 MEDIUM |
| There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device. | |||||
| CVE-2023-32859 | 2 Google, Mediatek | 45 Android, Mt6761, Mt6765 and 42 more | 2023-12-07 | N/A | 6.7 MEDIUM |
| In meta, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08000473; Issue ID: ALPS08000473. | |||||
| CVE-2023-32860 | 2 Google, Mediatek | 23 Android, Mt6761, Mt6765 and 20 more | 2023-12-07 | N/A | 6.7 MEDIUM |
| In display, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929788; Issue ID: ALPS07929788. | |||||
| CVE-2023-5908 | 4 Ge, Ptc, Rockwellautomation and 1 more | 8 Industrial Gateway Server, Keepserverex, Opc-aggregator and 5 more | 2023-12-06 | N/A | 9.1 CRITICAL |
| KEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the product being accessed or leak information. | |||||
| CVE-2023-47307 | 1 Szlbt | 2 Lbt-t300-t310, Lbt-t300-t310 Firmware | 2023-12-06 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in /apply.cgi in Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 allows attackers to cause a denial of service via the ApCliAuthMode parameter. | |||||
| CVE-2023-49700 | 1 Asrmicro | 4 Asr1803, Asr1803 Firmware, Asr1806 and 1 more | 2023-12-05 | N/A | 7.5 HIGH |
| Security best practices violations, a string operation in Streamingmedia will write past the end of fixed-size destination buffer if the source buffer is too large. | |||||
| CVE-2023-24294 | 1 Zumtobel | 2 Netlink Ccd, Netlink Ccd Firmware | 2023-12-05 | N/A | 7.5 HIGH |
| Zumtobel Netlink CCD Onboard v3.74 - Firmware v3.80 was discovered to contain a buffer overflow via the component NetlinkWeb::Information::SetDeviceIdentification. | |||||
| CVE-2023-37926 | 1 Zyxel | 20 Atp100, Atp100w, Atp200 and 17 more | 2023-12-04 | N/A | 5.5 MEDIUM |
| A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to cause denial-of-service (DoS) conditions by executing the CLI command to dump system logs on an affected device. | |||||
| CVE-2023-4397 | 1 Zyxel | 16 Atp100, Atp100w, Atp200 and 13 more | 2023-12-04 | N/A | 4.4 MEDIUM |
| A buffer overflow vulnerability in the Zyxel ATP series firmware version 5.37, USG FLEX series firmware version 5.37, USG FLEX 50(W) series firmware version 5.37, and USG20(W)-VPN series firmware version 5.37, could allow an authenticated local attacker with administrator privileges to cause denial-of-service (DoS) conditions by executing the CLI command with crafted strings on an affected device. | |||||
| CVE-2023-4163 | 1 Broadcom | 1 Fabric Operating System | 2023-11-30 | N/A | 4.4 MEDIUM |
| In Brocade Fabric OS before v9.2.0a, a local authenticated privileged user can trigger a buffer overflow condition, leading to a kernel panic with large input to buffers in the portcfgfportbuffers command. | |||||
| CVE-2023-49208 | 1 Glewlwyd Sso Server Project | 1 Glewlwyd Sso Server | 2023-11-30 | N/A | 9.8 CRITICAL |
| scheme/webauthn.c in Glewlwyd SSO server before 2.7.6 has a possible buffer overflow during FIDO2 credentials validation in webauthn registration. | |||||
| CVE-2023-47471 | 1 Struktur | 1 Libde265 | 2023-11-30 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in strukturag libde265 v1.10.12 allows a local attacker to cause a denial of service via the slice_segment_header function in the slice.cc component. | |||||
| CVE-2023-43887 | 1 Struktur | 1 Libde265 | 2023-11-30 | N/A | 8.1 HIGH |
| Libde265 v1.0.12 was discovered to contain multiple buffer overflows via the num_tile_columns and num_tile_row parameters in the function pic_parameter_set::dump. | |||||
| CVE-2023-28812 | 1 Hikvision | 1 Localservicecomponents | 2023-11-30 | N/A | 9.8 CRITICAL |
| There is a buffer overflow vulnerability in a web browser plug-in could allow an attacker to exploit the vulnerability by sending crafted messages to computers installed with this plug-in, which could lead to arbitrary code execution or cause process exception of the plug-in. | |||||
| CVE-2023-28741 | 2 Intel, Microsoft | 4 Quickassist Technology, Quickassist Technology Firmware, Quickassist Technology Library and 1 more | 2023-11-30 | N/A | 7.8 HIGH |
| Buffer overflow in some Intel(R) QAT drivers for Windows - HW Version 1.0 before version 1.10 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-4424 | 1 Zephyrproject | 1 Zephyr | 2023-11-29 | N/A | 8.8 HIGH |
| An malicious BLE device can cause buffer overflow by sending malformed advertising packet BLE device using Zephyr OS, leading to DoS or potential RCE on the victim BLE device. | |||||
| CVE-2023-38823 | 1 Tenda | 8 Ac18, Ac18 Firmware, Ac19 and 5 more | 2023-11-28 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd. | |||||
| CVE-2021-3466 | 3 Fedoraproject, Gnu, Redhat | 3 Fedora, Libmicrohttpd, Enterprise Linux | 2023-11-25 | 10.0 HIGH | 9.8 CRITICAL |
| A flaw was found in libmicrohttpd. A missing bounds check in the post_process_urlencoded function leads to a buffer overflow, allowing a remote attacker to write arbitrary data in an application that uses libmicrohttpd. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Only version 0.9.70 is vulnerable. | |||||
| CVE-2023-47217 | 1 Openharmony | 1 Openharmony | 2023-11-24 | N/A | 5.5 MEDIUM |
| in OpenHarmony v3.2.2 and prior versions allow a local attacker cause DOS through buffer overflow. | |||||
| CVE-2023-45616 | 2 Arubanetworks, Hp | 2 Arubaos, Instantos | 2023-11-21 | N/A | 9.8 CRITICAL |
| There is a buffer overflow vulnerability in the underlying AirWave client service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2023-45615 | 2 Arubanetworks, Hp | 2 Arubaos, Instantos | 2023-11-21 | N/A | 9.8 CRITICAL |
| There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2023-45614 | 2 Arubanetworks, Hp | 2 Arubaos, Instantos | 2023-11-21 | N/A | 9.8 CRITICAL |
| There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2022-30067 | 1 Gimp | 1 Gimp | 2023-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash. | |||||
| CVE-2021-38111 | 1 Defcon | 2 Def Con 27, Def Con 27 Firmware | 2023-11-21 | 5.8 MEDIUM | 8.8 HIGH |
| The DEF CON 27 badge allows remote attackers to exploit a buffer overflow by sending an oversized packet via the NFMI (Near Field Magnetic Induction) protocol. | |||||
| CVE-2023-47347 | 1 Free5gc | 1 Free5gc | 2023-11-21 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via crafted PFCP messages whose Sequence Number is mutated to overflow bytes. | |||||
| CVE-2023-47345 | 1 Free5gc | 1 Free5gc | 2023-11-21 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via crafted PFCP message with malformed PFCP Heartbeat message whose Recovery Time Stamp IE length is mutated to zero. | |||||
| CVE-2023-39204 | 1 Zoom | 5 Meetings, Rooms, Video Software Development Kit and 2 more | 2023-11-21 | N/A | 7.5 HIGH |
| Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access. | |||||
| CVE-2023-39206 | 1 Zoom | 5 Meetings, Rooms, Video Software Development Kit and 2 more | 2023-11-21 | N/A | 7.5 HIGH |
| Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access. | |||||
| CVE-2023-47346 | 1 Free5gc | 3 Free5gc, Smf, Upf | 2023-11-20 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in free5gc 3.3.0, UPF 1.2.0, and SMF 1.2.0 allows attackers to cause a denial of service via crafted PFCP messages. | |||||
| CVE-2020-22283 | 1 Lwip Project | 1 Lwip | 2023-11-18 | 5.0 MEDIUM | 7.5 HIGH |
| A buffer overflow vulnerability in the icmp6_send_response_with_addrs_and_netif() function of Free Software Foundation lwIP version git head allows attackers to access sensitive information via a crafted ICMPv6 packet. | |||||