Total
2602 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-45037 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-02-06 | N/A | 7.2 HIGH |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTScloud c5.1.5.2651 and later | |||||
| CVE-2023-45036 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-02-06 | N/A | 7.2 HIGH |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTScloud c5.1.5.2651 and later | |||||
| CVE-2023-41279 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-02-06 | N/A | 7.2 HIGH |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later | |||||
| CVE-2023-41280 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-02-06 | N/A | 7.2 HIGH |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later | |||||
| CVE-2023-41292 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-02-06 | N/A | 7.2 HIGH |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTScloud c5.1.5.2651 and later | |||||
| CVE-2023-41275 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-02-06 | N/A | 7.2 HIGH |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later | |||||
| CVE-2023-41278 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-02-06 | N/A | 7.2 HIGH |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later | |||||
| CVE-2023-41277 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-02-06 | N/A | 7.2 HIGH |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later | |||||
| CVE-2023-41276 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-02-06 | N/A | 7.2 HIGH |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later | |||||
| CVE-2008-0379 | 1 Businessobjects | 1 Crystal Reports Xi | 2024-02-02 | 9.3 HIGH | N/A |
| Race condition in the Enterprise Tree ActiveX control (EnterpriseControls.dll 11.5.0.313) in Crystal Reports XI Release 2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SelectedSession method, which triggers a buffer overflow. | |||||
| CVE-2019-25078 | 1 Pacparser Project | 1 Pacparser | 2024-02-01 | N/A | 7.8 HIGH |
| A vulnerability classified as problematic was found in pacparser up to 1.3.x. Affected by this vulnerability is the function pacparser_find_proxy of the file src/pacparser.c. The manipulation of the argument url leads to buffer overflow. Attacking locally is a requirement. Upgrading to version 1.4.0 is able to address this issue. The name of the patch is 853e8f45607cb07b877ffd270c63dbcdd5201ad9. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-215443. | |||||
| CVE-2024-23615 | 1 Broadcom | 1 Symantec Messaging Gateway | 2024-01-31 | N/A | 9.8 CRITICAL |
| A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 10.5 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as root. | |||||
| CVE-2024-23621 | 1 Ibm | 1 Merge Efilm Workstation | 2024-01-31 | N/A | 9.8 CRITICAL |
| A buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution. | |||||
| CVE-2024-23617 | 1 Broadcom | 1 Symantec Data Center Security Server | 2024-01-31 | N/A | 8.8 HIGH |
| A buffer overflow vulnerability exists in Symantec Data Loss Prevention version 14.0.2 and before. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a crafted document to achieve code execution. | |||||
| CVE-2024-23616 | 1 Broadcom | 1 Symantec Server Management Suite | 2024-01-31 | N/A | 9.8 CRITICAL |
| A buffer overflow vulnerability exists in Symantec Server Management Suite version 7.9 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTEM. | |||||
| CVE-2024-23614 | 1 Broadcom | 1 Symantec Messaging Gateway | 2024-01-31 | N/A | 9.8 CRITICAL |
| A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 9.5 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as root. | |||||
| CVE-2024-23613 | 1 Broadcom | 1 Symantec Deployment Solutions | 2024-01-31 | N/A | 9.8 CRITICAL |
| A buffer overflow vulnerability exists in Symantec Deployment Solution version 7.9 when parsing UpdateComputer tokens. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTEM. | |||||
| CVE-2021-30475 | 2 Aomedia, Fedoraproject | 2 Aomedia, Fedora | 2024-01-31 | 7.5 HIGH | 9.8 CRITICAL |
| aom_dsp/noise_model.c in libaom in AOMedia before 2021-03-24 has a buffer overflow. | |||||
| CVE-2020-36133 | 1 Aomedia | 1 Aomedia | 2024-01-31 | 6.8 MEDIUM | 8.8 HIGH |
| AOM v2.0.1 was discovered to contain a global buffer overflow via the component av1/encoder/partition_search.h. | |||||
| CVE-2002-0969 | 2 Microsoft, Oracle | 2 Windows, Mysql | 2024-01-26 | 4.6 MEDIUM | 7.8 HIGH |
| Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group. | |||||