Total
11965 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-41983 | 3 Apple, Debian, Fedoraproject | 6 Ipados, Iphone Os, Macos and 3 more | 2024-01-31 | N/A | 6.5 MEDIUM |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, Safari 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Processing web content may lead to a denial-of-service. | |||||
| CVE-2021-3561 | 3 Debian, Fedoraproject, Fig2dev Project | 3 Debian Linux, Fedora, Fig2dev | 2024-01-26 | 5.8 MEDIUM | 7.1 HIGH |
| An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as system availability. | |||||
| CVE-2022-3625 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-01-26 | N/A | 7.8 HIGH |
| A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211929 was assigned to this vulnerability. | |||||
| CVE-2022-3649 | 3 Debian, Linux, Netapp | 11 Debian Linux, Linux Kernel, Active Iq Unified Manager and 8 more | 2024-01-26 | N/A | 7.0 HIGH |
| A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211992. | |||||
| CVE-2023-40052 | 1 Progress | 2 Openedge, Openedge Innovation | 2024-01-26 | N/A | 7.5 HIGH |
| This issue affects Progress Application Server (PAS) for OpenEdge in versions 11.7 prior to 11.7.18, 12.2 prior to 12.2.13, and innovation releases prior to 12.8.0 . An attacker who can produce a malformed web request may cause the crash of a PASOE agent potentially disrupting the thread activities of many web application clients. Multiple of these DoS attacks could lead to the flooding of invalid requests as compared to the server’s remaining ability to process valid requests. | |||||
| CVE-2022-39805 | 1 Sap | 1 3d Visual Enterprise Author | 2024-01-25 | N/A | 7.8 HIGH |
| Due to lack of proper memory management, when a victim opens a manipulated Computer Graphics Metafile (.cgm, CgmTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. | |||||
| CVE-2022-41186 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-01-25 | N/A | 7.8 HIGH |
| Due to lack of proper memory management, when a victim opens manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, a Remote Code Execution can be triggered when payload forces a stack-based overflow and or a re-use of dangling pointer which refers to overwritten space in memory. | |||||
| CVE-2022-41196 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-01-25 | N/A | 7.8 HIGH |
| Due to lack of proper memory management, when a victim opens a manipulated VRML Worlds (.wrl, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. | |||||
| CVE-2023-20251 | 1 Cisco | 2 Aireos, Mobility Express Software | 2024-01-25 | N/A | 5.3 MEDIUM |
| A vulnerability in the memory buffer of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause memory leaks that could eventually lead to a device reboot. This vulnerability is due to memory leaks caused by multiple clients connecting under specific conditions. An attacker could exploit this vulnerability by causing multiple wireless clients to attempt to connect to an access point (AP) on an affected device. A successful exploit could allow the attacker to cause the affected device to reboot after a significant amount of time, resulting in a denial of service (DoS) condition. | |||||
| CVE-2021-3826 | 2 Fedoraproject, Gnu | 2 Fedora, Gcc | 2024-01-22 | N/A | 6.5 MEDIUM |
| Heap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial of service (segmentation fault and crash) via a crafted mangled symbol. | |||||
| CVE-2020-10757 | 7 Canonical, Debian, Fedoraproject and 4 more | 10 Ubuntu Linux, Debian Linux, Fedora and 7 more | 2024-01-19 | 6.9 MEDIUM | 7.8 HIGH |
| A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system. | |||||
| CVE-2023-34332 | 1 Ami | 1 Megarac Sp-x | 2024-01-12 | N/A | 7.8 HIGH |
| AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause an untrusted pointer to dereference by a local network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | |||||
| CVE-2023-34333 | 1 Ami | 1 Megarac Sp-x | 2024-01-12 | N/A | 7.8 HIGH |
| AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause an untrusted pointer to dereference via a local network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | |||||
| CVE-2023-6560 | 1 Linux | 1 Linux Kernel | 2024-01-08 | N/A | 5.5 MEDIUM |
| An out-of-bounds memory access flaw was found in the io_uring SQ/CQ rings functionality in the Linux kernel. This issue could allow a local user to crash the system. | |||||
| CVE-2021-26868 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2023-12-29 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Graphics Component Elevation of Privilege Vulnerability | |||||
| CVE-2016-9625 | 1 Tats | 1 W3m | 2023-12-29 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page. | |||||
| CVE-2016-9439 | 1 Tats | 1 W3m | 2023-12-29 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page. | |||||
| CVE-2016-9422 | 1 Tats | 1 W3m | 2023-12-29 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. The feed_table_tag function in w3m doesn't properly validate the value of table span, which allows remote attackers to cause a denial of service (stack and/or heap buffer overflow) and possibly execute arbitrary code via a crafted HTML page. | |||||
| CVE-2016-9425 | 1 Tats | 1 W3m | 2023-12-29 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in the addMultirowsForm function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page. | |||||
| CVE-2016-9431 | 1 Tats | 1 W3m | 2023-12-29 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page. | |||||