Search
Total
6424 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-41032 | 1 Siemens | 1 Parasolid | 2023-11-14 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.253), Parasolid V35.1 (All versions < V35.1.184), Parasolid V36.0 (All versions < V36.0.142), Simcenter Femap V2301 (All versions < V2301.0003), Simcenter Femap V2306 (All versions < V2306.0001). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21263) | |||||
| CVE-2023-38528 | 1 Siemens | 2 Parasolid, Teamcenter Visualization | 2023-11-14 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.197), Parasolid V35.1 (All versions < V35.1.184), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted X_T file. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2023-5686 | 1 Radare | 1 Radare2 | 2023-11-14 | N/A | 8.8 HIGH |
| Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0. | |||||
| CVE-2023-4322 | 1 Radare | 1 Radare2 | 2023-11-14 | N/A | 9.8 CRITICAL |
| Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0. | |||||
| CVE-2023-32837 | 2 Google, Mediatek | 7 Android, Mt6883, Mt6885 and 4 more | 2023-11-14 | N/A | 7.8 HIGH |
| In video, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08235273; Issue ID: ALPS08250357. | |||||
| CVE-2023-32832 | 2 Google, Mediatek | 10 Android, Mt6883, Mt6885 and 7 more | 2023-11-14 | N/A | 7.0 HIGH |
| In video, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08235273; Issue ID: ALPS08235273. | |||||
| CVE-2023-32840 | 1 Mediatek | 68 Lr12a, Mt2731, Mt2735 and 65 more | 2023-11-13 | N/A | 6.5 MEDIUM |
| In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 (MSV-862). | |||||
| CVE-2023-42538 | 1 Samsung | 1 Android | 2023-11-13 | N/A | 9.8 CRITICAL |
| An improper input validation in saped_rec_silence in libsaped prior to SMR Nov-2023 Release 1 allows attacker to cause out-of-bounds read and write. | |||||
| CVE-2023-42536 | 1 Samsung | 1 Android | 2023-11-13 | N/A | 9.8 CRITICAL |
| An improper input validation in saped_dec in libsaped prior to SMR Nov-2023 Release 1 allows attacker to cause out-of-bounds read and write. | |||||
| CVE-2023-42537 | 1 Samsung | 1 Android | 2023-11-13 | N/A | 9.8 CRITICAL |
| An improper input validation in get_head_crc in libsaped prior to SMR Nov-2023 Release 1 allows attacker to cause out-of-bounds read and write. | |||||
| CVE-2023-42535 | 1 Samsung | 1 Android | 2023-11-13 | N/A | 7.8 HIGH |
| Out-of-bounds Write in read_block of vold prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code. | |||||
| CVE-2023-42529 | 1 Samsung | 1 Android | 2023-11-13 | N/A | 7.8 HIGH |
| Out-of-bound write vulnerability in libsec-ril prior to SMR Nov-2023 Release 1 allows local attackers to execute arbitrary code. | |||||
| CVE-2023-42528 | 1 Samsung | 1 Android | 2023-11-13 | N/A | 7.8 HIGH |
| Improper Input Validation vulnerability in ProcessNvBuffering of libsec-ril prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code. | |||||
| CVE-2023-39283 | 1 Insyde | 1 Insydeh2o | 2023-11-10 | N/A | 7.8 HIGH |
| An SMM memory corruption vulnerability in the SMM driver (SMRAM write) in CsmInt10HookSmm in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to send arbitrary data to SMM which could lead to privilege escalation. | |||||
| CVE-2023-4504 | 3 Debian, Fedoraproject, Openprinting | 4 Debian Linux, Fedora, Cups and 1 more | 2023-11-09 | N/A | 7.0 HIGH |
| Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023. | |||||
| CVE-2022-0529 | 4 Debian, Fedoraproject, Redhat and 1 more | 4 Debian Linux, Fedora, Enterprise Linux and 1 more | 2023-11-09 | 4.3 MEDIUM | 5.5 MEDIUM |
| A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution. | |||||
| CVE-2023-39281 | 3 Amd, Insyde, Intel | 279 Athlon Gold 7220u, Athlon Silver 7120u, Ryzen3 5300u and 276 more | 2023-11-09 | N/A | 9.8 CRITICAL |
| A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase. | |||||
| CVE-2021-28660 | 4 Debian, Fedoraproject, Linux and 1 more | 20 Debian Linux, Fedora, Linux Kernel and 17 more | 2023-11-09 | 8.3 HIGH | 8.8 HIGH |
| rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/* (unfinished work); however, system integrators may have situations in which a drivers/staging issue is relevant to their own customer base. | |||||
| CVE-2022-0995 | 3 Fedoraproject, Linux, Netapp | 24 Fedora, Linux Kernel, H300e and 21 more | 2023-11-09 | 7.2 HIGH | 7.8 HIGH |
| An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system. | |||||
| CVE-2019-20636 | 2 Linux, Netapp | 18 Linux Kernel, Cloud Backup, Fas 8300 and 15 more | 2023-11-09 | 7.2 HIGH | 6.7 MEDIUM |
| In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demonstrated by input_set_keycode, aka CID-cb222aed03d7. | |||||
| CVE-2023-40846 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2023-08-29 | N/A | 9.8 CRITICAL |
| Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function sub_90998. | |||||
| CVE-2021-29390 | 1 Libjpeg-turbo | 1 Libjpeg-turbo | 2023-08-29 | N/A | 9.8 CRITICAL |
| libjpeg-turbo version 2.0.90 has a heap-based buffer over-read (2 bytes) in decompress_smooth_data in jdcoefct.c. | |||||
| CVE-2023-40901 | 1 Tenda | 2 Ac10v4, Ac10v4 Firmware | 2023-08-29 | N/A | 9.8 CRITICAL |
| Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter macFilterType and parameter deviceList at url /goform/setMacFilterCfg. | |||||
| CVE-2023-40900 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2023-08-29 | N/A | 9.8 CRITICAL |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list at /goform/SetNetControlList. | |||||
| CVE-2023-40899 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2023-08-29 | N/A | 9.8 CRITICAL |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter macFilterType and parameter deviceList at /goform/setMacFilterCfg. | |||||
| CVE-2023-40898 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2023-08-29 | N/A | 9.8 CRITICAL |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter timeZone at /goform/SetSysTimeCfg. | |||||
| CVE-2023-40897 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2023-08-29 | N/A | 9.8 CRITICAL |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter mac at /goform/GetParentControlInfo. | |||||
| CVE-2023-40895 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2023-08-29 | N/A | 9.8 CRITICAL |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list at /goform/SetVirtualServerCfg. | |||||
| CVE-2023-40896 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2023-08-29 | N/A | 9.8 CRITICAL |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list and bindnum at /goform/SetIpMacBind. | |||||
| CVE-2023-40894 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2023-08-29 | N/A | 9.8 CRITICAL |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list at /goform/SetStaticRouteCfg. | |||||
| CVE-2023-40893 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2023-08-29 | N/A | 9.8 CRITICAL |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter time at /goform/PowerSaveSet. | |||||
| CVE-2023-40892 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2023-08-29 | N/A | 9.8 CRITICAL |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter schedStartTime and schedEndTime at /goform/openSchedWifi. | |||||
| CVE-2023-40891 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2023-08-29 | N/A | 9.8 CRITICAL |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter firewallEn at /goform/SetFirewallCfg. | |||||
| CVE-2023-40802 | 1 Tenda | 2 Ac23, Ac23 Firmware | 2023-08-29 | N/A | 6.5 MEDIUM |
| The get_parentControl_list_Info function does not verify the parameters entered by the user, causing a post-authentication heap overflow vulnerability in Tenda AC23 v16.03.07.45_cn | |||||
| CVE-2023-40915 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2023-08-29 | N/A | 7.5 HIGH |
| Tenda AX3 v16.03.12.11 has a stack buffer overflow vulnerability detected at function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ssid parameter. | |||||
| CVE-2023-40799 | 1 Tenda | 2 Ac23, Ac23 Firmware | 2023-08-29 | N/A | 9.8 CRITICAL |
| Tenda AC23 Vv16.03.07.45_cn is vulnerable to Buffer Overflow via sub_450A4C function. | |||||
| CVE-2023-39985 | 1 Hitachi | 1 Eh-view | 2023-08-29 | N/A | 7.8 HIGH |
| ** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** Out-of-bounds Write vulnerability in Hitachi EH-VIEW (Designer) allows local attackers to potentially execute arbitray code on affected EH-VIEW installations. User interaction is required to exploit the vulnerabilities in that the user must open a malicious file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2023-4041 | 1 Silabs | 1 Gecko Bootloader | 2023-08-29 | N/A | 9.8 CRITICAL |
| Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM (Firmware Update File Parser modules) allows Code Injection, Authentication Bypass.This issue affects "Standalone" and "Application" versions of Gecko Bootloader. | |||||
| CVE-2023-3495 | 1 Hitachi | 1 Eh-view | 2023-08-29 | N/A | 7.8 HIGH |
| ** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** Out-of-bounds Write vulnerability in Hitachi EH-VIEW (KeypadDesigner) allows local attackers to potentially execute arbitray code on affected EH-VIEW installations. User interaction is required to exploit the vulnerabilities in that the user must open a malicious file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2023-34853 | 1 Supermicro | 542 H11dsi, H11dsi-nt, H11dsi-nt Firmware and 539 more | 2023-08-29 | N/A | 7.8 HIGH |
| Buffer Overflow vulnerability in Supermicro motherboard X12DPG-QR 1.4b allows local attackers to hijack control flow via manipulation of SmcSecurityEraseSetupVar variable. | |||||
| CVE-2022-48522 | 1 Perl | 1 Perl | 2023-08-28 | N/A | 9.8 CRITICAL |
| In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation. | |||||
| CVE-2022-48174 | 1 Busybox | 1 Busybox | 2023-08-28 | N/A | 9.8 CRITICAL |
| There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution. | |||||
| CVE-2021-40263 | 1 Freeimage Project | 1 Freeimage | 2023-08-28 | N/A | 8.8 HIGH |
| A heap overflow vulnerability in FreeImage 1.18.0 via the ofLoad function in PluginTIFF.cpp. | |||||
| CVE-2021-34193 | 1 Opensc Project | 1 Opensc | 2023-08-28 | N/A | 7.5 HIGH |
| Stack overflow vulnerability in OpenSC smart card middleware before 0.23 via crafted responses to APDUs. | |||||
| CVE-2023-30079 | 1 Opensuse | 1 Libeconf | 2023-08-26 | N/A | 8.8 HIGH |
| A stack overflow vulnerability exists in function read_file in atlibeconf/lib/getfilecontents.c in libeconf 0.5.1 allows attackers to cause a Denial of service or execute arbitrary code. | |||||
| CVE-2023-30078 | 1 Opensuse | 1 Libeconf | 2023-08-26 | N/A | 8.8 HIGH |
| A stack overflow vulnerability exists in function econf_writeFile in file atlibeconf/lib/libeconf.c in libeconf 0.5.1 allows attackers to cause a Denial of service or execute arbitrary code. | |||||
| CVE-2022-48570 | 1 Cryptopp | 1 Crypto\+\+ | 2023-08-26 | N/A | 7.5 HIGH |
| Crypto++ through 8.4 contains a timing side channel in ECDSA signature generation. Function FixedSizeAllocatorWithCleanup could write to memory outside of the allocation if the allocated memory was not 16-byte aligned. NOTE: this issue exists because the CVE-2019-14318 fix was intentionally removed for functionality reasons. | |||||
| CVE-2022-47069 | 1 7-zip | 1 P7zip | 2023-08-26 | N/A | 7.8 HIGH |
| p7zip 16.02 was discovered to contain a heap-buffer-overflow vulnerability via the function NArchive::NZip::CInArchive::FindCd(bool) at CPP/7zip/Archive/Zip/ZipIn.cpp. | |||||
| CVE-2022-44840 | 1 Gnu | 1 Binutils | 2023-08-26 | N/A | 7.8 HIGH |
| Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c. | |||||
| CVE-2022-45703 | 1 Gnu | 1 Binutils | 2023-08-26 | N/A | 7.8 HIGH |
| Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c. | |||||