Search
Total
6424 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-43756 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2023-08-01 | 9.3 HIGH | 7.8 HIGH |
| Adobe Media Encoder versions 22.0, 15.4.2 (and earlier) are affected by an Out-of-bounds Write vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-43754 | 3 Adobe, Apple, Microsoft | 3 Prelude, Macos, Windows | 2023-08-01 | 9.3 HIGH | 7.8 HIGH |
| Adobe Prelude version 22.1.1 (and earlier) is affected by an Out-of-bounds Write vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2023-38632 | 1 Asynchronous Sockets For C\+\+ Project | 1 Asynchronous Sockets For C\+\+ | 2023-08-01 | N/A | 9.8 CRITICAL |
| async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in tcpsocket.hpp when processing malformed TCP packets. | |||||
| CVE-2023-26965 | 1 Libtiff | 1 Libtiff | 2023-08-01 | N/A | 5.5 MEDIUM |
| loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image. | |||||
| CVE-2023-28730 | 1 Panasonic | 1 Control Fpwin Pro | 2023-07-31 | N/A | 7.8 HIGH |
| A memory corruption vulnerability Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. | |||||
| CVE-2023-28728 | 1 Panasonic | 1 Control Fpwin Pro | 2023-07-31 | N/A | 7.8 HIGH |
| A stack-based buffer overflow in Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. | |||||
| CVE-2023-35077 | 2 Ivanti, Microsoft | 2 Endpoint Manager, Windows | 2023-07-31 | N/A | 7.5 HIGH |
| An out-of-bounds write vulnerability on windows operating systems causes the Ivanti AntiVirus Product to crash. Update to Ivanti AV Product version 7.9.1.285 or above. | |||||
| CVE-2023-38671 | 1 Paddlepaddle | 1 Paddlepaddle | 2023-07-31 | N/A | 9.8 CRITICAL |
| Heap buffer overflow in paddle.trace in PaddlePaddle before 2.5.0. This flaw can lead to a denial of service, information disclosure, or more damage is possible. | |||||
| CVE-2021-39822 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2023-07-28 | N/A | 7.8 HIGH |
| Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious BMP file. | |||||
| CVE-2022-28734 | 1 Gnu | 1 Grub2 | 2023-07-28 | N/A | 9.8 CRITICAL |
| Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. This can lead to a out-of-bound write further when parsing the HTTP request, writing a NULL byte past the buffer. It's conceivable that an attacker controlled set of packets can lead to corruption of the GRUB2's internal memory metadata. | |||||
| CVE-2022-28737 | 1 Redhat | 1 Shim | 2023-07-28 | N/A | 7.8 HIGH |
| There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables; The handle_image() function takes into account the SizeOfRawData field from each section to be loaded. An attacker can leverage this to perform out-of-bound writes into memory. Arbitrary code execution is not discarded in such scenario. | |||||
| CVE-2021-32256 | 1 Gnu | 1 Binutils | 2023-07-28 | N/A | 6.5 MEDIUM |
| An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c. | |||||
| CVE-2023-3463 | 1 Ge | 1 Cimplicity | 2023-07-28 | N/A | 9.8 CRITICAL |
| All versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting documents from untrusted sources are vulnerable to memory corruption issues due to insufficient input validation, including issues such as out-of-bounds reads and writes, use-after-free, stack-based buffer overflows, uninitialized pointers, and a heap-based buffer overflow. Successful exploitation could allow an attacker to execute arbitrary code. | |||||
| CVE-2022-46295 | 1 Openbabel | 1 Open Babel | 2023-07-27 | N/A | 7.8 HIGH |
| Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability affects the Gaussian file format | |||||
| CVE-2022-46294 | 1 Openbabel | 1 Open Babel | 2023-07-27 | N/A | 7.8 HIGH |
| Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability affects the MOPAC Cartesian file format | |||||
| CVE-2022-46293 | 1 Openbabel | 1 Open Babel | 2023-07-27 | N/A | 7.8 HIGH |
| Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability affects the MOPAC file format, inside the Final Point and Derivatives section | |||||
| CVE-2022-46291 | 1 Openbabel | 1 Open Babel | 2023-07-27 | N/A | 7.8 HIGH |
| Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability affects the MSI file format | |||||
| CVE-2022-46292 | 1 Openbabel | 1 Open Babel | 2023-07-27 | N/A | 7.8 HIGH |
| Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability affects the MOPAC file format, inside the Unit Cell Translation section | |||||
| CVE-2022-46290 | 1 Openbabel | 1 Open Babel | 2023-07-27 | N/A | 7.8 HIGH |
| Multiple out-of-bounds write vulnerabilities exist in the ORCA format nAtoms functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.The loop that stores the coordinates does not check its index against nAtoms | |||||
| CVE-2022-46289 | 1 Openbabel | 1 Open Babel | 2023-07-27 | N/A | 7.8 HIGH |
| Multiple out-of-bounds write vulnerabilities exist in the ORCA format nAtoms functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.nAtoms calculation wrap-around, leading to a small buffer allocation | |||||
| CVE-2022-43607 | 1 Openbabel | 1 Open Babel | 2023-07-27 | N/A | 7.8 HIGH |
| An out-of-bounds write vulnerability exists in the MOL2 format attribute and value functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2022-43467 | 1 Openbabel | 1 Open Babel | 2023-07-27 | N/A | 7.8 HIGH |
| An out-of-bounds write vulnerability exists in the PQS format coord_file functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2022-37331 | 1 Openbabel | 1 Open Babel | 2023-07-27 | N/A | 7.8 HIGH |
| An out-of-bounds write vulnerability exists in the Gaussian format orientation functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2022-41793 | 1 Openbabel | 1 Open Babel | 2023-07-27 | N/A | 7.8 HIGH |
| An out-of-bounds write vulnerability exists in the CSR format title functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2023-31998 | 1 Ui | 4 Aircube, Aircube Firmware, Edgemax Edgerouter and 1 more | 2023-07-27 | N/A | 7.5 HIGH |
| A heap overflow vulnerability found in EdgeRouters and Aircubes allows a malicious actor to interrupt UPnP service to said devices. | |||||
| CVE-2023-37791 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2023-07-27 | N/A | 9.8 CRITICAL |
| D-Link DIR-619L v2.04(TW) was discovered to contain a stack overflow via the curTime parameter at /goform/formLogin. | |||||
| CVE-2021-34119 | 1 Htmldoc Project | 1 Htmldoc | 2023-07-27 | N/A | 7.8 HIGH |
| A flaw was discovered in htmodoc 1.9.12 in function parse_paragraph in ps-pdf.cxx ,this flaw possibly allows possible code execution and a denial of service via a crafted file. | |||||
| CVE-2021-34123 | 1 Atasm Project | 1 Atasm | 2023-07-27 | N/A | 9.8 CRITICAL |
| An issue was discovered on atasm, version 1.09. A stack-buffer-overflow vulnerability in function aprintf() in asm.c allows attackers to execute arbitrary code on the system via a crafted file. | |||||
| CVE-2023-37837 | 1 Jpeg | 1 Libjpeg | 2023-07-27 | N/A | 6.5 MEDIUM |
| libjpeg commit db33a6e was discovered to contain a heap buffer overflow via LineBitmapRequester::EncodeRegion at linebitmaprequester.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file. | |||||
| CVE-2023-27953 | 1 Apple | 1 Macos | 2023-07-27 | N/A | 9.8 CRITICAL |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to cause unexpected system termination or corrupt kernel memory. | |||||
| CVE-2023-27970 | 1 Apple | 2 Ipad Os, Iphone Os | 2023-07-27 | N/A | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-23519 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-07-27 | N/A | 7.5 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. Processing an image may lead to a denial-of-service. | |||||
| CVE-2023-32380 | 1 Apple | 1 Macos | 2023-07-27 | N/A | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. Processing a 3D model may lead to arbitrary code execution. | |||||
| CVE-2023-27965 | 1 Apple | 3 Macos, Studio Display, Studio Display Firmware | 2023-07-27 | N/A | 7.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Studio Display Firmware Update 16.4. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-27936 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2023-07-27 | N/A | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to cause unexpected system termination or write kernel memory. | |||||
| CVE-2023-28206 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2023-07-27 | N/A | 8.6 HIGH |
| An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1, iOS 15.7.5 and iPadOS 15.7.5, macOS Big Sur 11.7.6. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. | |||||
| CVE-2023-32435 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2023-07-27 | N/A | 8.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.7 and iPadOS 15.7.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7. | |||||
| CVE-2023-37139 | 1 Microsoft | 1 Chakracore | 2023-07-27 | N/A | 5.5 MEDIUM |
| ChakraCore branch master cbb9b was discovered to contain a stack overflow vulnerability via the function Js::ScopeSlots::IsDebuggerScopeSlotArray(). | |||||
| CVE-2023-3633 | 1 Bitdefender | 1 Engines | 2023-07-27 | N/A | 7.5 HIGH |
| An out-of-bounds write vulnerability in Bitdefender Engines on Windows causes the engine to crash. This issue affects Bitdefender Engines version 7.94791 and lower. | |||||
| CVE-2023-37770 | 1 Grame | 1 Faust | 2023-07-27 | N/A | 5.5 MEDIUM |
| faust commit ee39a19 was discovered to contain a stack overflow via the component boxppShared::print() at /boxes/ppbox.cpp. | |||||
| CVE-2020-35524 | 5 Debian, Fedoraproject, Libtiff and 2 more | 5 Debian Linux, Fedora, Libtiff and 2 more | 2022-07-30 | 6.8 MEDIUM | 7.8 HIGH |
| A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | |||||
| CVE-2020-11524 | 3 Canonical, Freerdp, Opensuse | 3 Ubuntu Linux, Freerdp, Leap | 2022-07-30 | 6.0 MEDIUM | 6.6 MEDIUM |
| libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write. | |||||
| CVE-2022-23804 | 3 Debian, Fedoraproject, Kicad | 3 Debian Linux, Fedora, Eda | 2022-07-29 | 6.8 MEDIUM | 7.8 HIGH |
| A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon ReadIJCoord coordinate parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2022-1484 | 1 Google | 1 Chrome | 2022-07-29 | N/A | 8.8 HIGH |
| Heap buffer overflow in Web UI Settings in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-1483 | 1 Google | 1 Chrome | 2022-07-29 | N/A | 8.8 HIGH |
| Heap buffer overflow in WebGPU in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2019-5824 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2022-07-29 | 6.8 MEDIUM | 8.8 HIGH |
| Parameter passing error in media in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2019-5827 | 5 Canonical, Debian, Fedoraproject and 2 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2022-07-29 | 6.8 MEDIUM | 8.8 HIGH |
| Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2019-5821 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2022-07-29 | 6.8 MEDIUM | 8.8 HIGH |
| Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | |||||
| CVE-2019-5831 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2022-07-29 | 6.8 MEDIUM | 8.8 HIGH |
| Object lifecycle issue in V8 in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2019-5836 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2022-07-29 | 6.8 MEDIUM | 8.8 HIGH |
| Heap buffer overflow in ANGLE in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||