Total
2602 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0150 | 1 Python | 1 Python | 2023-08-02 | 7.5 HIGH | N/A |
| Buffer overflow in the getaddrinfo function in Python 2.2 before 2.2.2, when IPv6 support is disabled, allows remote attackers to execute arbitrary code via an IPv6 address that is obtained using DNS. | |||||
| CVE-2023-35981 | 2 Arubanetworks, Hp | 2 Arubaos, Instantos | 2023-08-02 | N/A | 9.8 CRITICAL |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2023-35980 | 2 Arubanetworks, Hp | 2 Arubaos, Instantos | 2023-08-02 | N/A | 9.8 CRITICAL |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2023-35982 | 2 Arubanetworks, Hp | 2 Arubaos, Instantos | 2023-08-02 | N/A | 9.8 CRITICAL |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2023-24019 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2023-08-02 | N/A | 8.1 HIGH |
| A stack-based buffer overflow vulnerability exists in the urvpn_client http_connection_readcb functionality of Milesight UR32L v32.3.0.5. A specially crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2023-33802 | 1 Sumatrapdfreader | 1 Sumatrapdf | 2023-08-01 | N/A | 5.5 MEDIUM |
| A buffer overflow in SumatraPDF Reader v3.4.6 allows attackers to cause a Denial of Service (DoS) via a crafted text file. | |||||
| CVE-2023-26966 | 1 Libtiff | 1 Libtiff | 2023-08-01 | N/A | 5.5 MEDIUM |
| libtiff 4.5.0 is vulnerable to Buffer Overflow in uv_encode() when libtiff reads a corrupted little-endian TIFF file and specifies the output to be big-endian. | |||||
| CVE-2023-25433 | 1 Libtiff | 1 Libtiff | 2023-08-01 | N/A | 5.5 MEDIUM |
| libtiff 4.5.0 is vulnerable to Buffer Overflow via /libtiff/tools/tiffcrop.c:8499. Incorrect updating of buffer size after rotateImage() in tiffcrop cause heap-buffer-overflow and SEGV. | |||||
| CVE-2015-20109 | 1 Gnu | 1 Glibc | 2023-07-31 | N/A | 5.5 MEDIUM |
| end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash), as demonstrated by use of the fnmatch library function with the **(!() pattern. NOTE: this is not the same as CVE-2015-8984; also, some Linux distributions have fixed CVE-2015-8984 but have not fixed this additional fnmatch issue. | |||||
| CVE-2023-32384 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-07-27 | N/A | 7.8 HIGH |
| A buffer overflow was addressed with improved bounds checking. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. Processing an image may lead to arbitrary code execution. | |||||
| CVE-2023-23539 | 1 Apple | 1 Macos | 2023-07-27 | N/A | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution. | |||||
| CVE-2023-35802 | 1 Extremenetworks | 29 Ap1130, Ap122, Ap130 and 26 more | 2023-07-26 | N/A | 9.8 CRITICAL |
| IQ Engine before 10.6r1 on Extreme Network AP devices has a Buffer Overflow in the implementation of the CAPWAP protocol that may be exploited to obtain elevated privileges to conduct remote code execution. Access to the internal management interface/subnet is required to conduct the exploit. | |||||
| CVE-2023-37793 | 1 Wayos | 2 Fbm-291w, Fbm-291w Firmware | 2023-07-26 | N/A | 9.8 CRITICAL |
| WAYOS FBM-291W 19.09.11V was discovered to contain a buffer overflow via the component /upgrade_filter.asp. | |||||
| CVE-2023-34140 | 1 Zyxel | 48 Nxc2500, Nxc2500 Firmware, Nxc5500 and 45 more | 2023-07-26 | N/A | 6.5 MEDIUM |
| A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.36 Patch 2, USG FLEX series firmware versions 4.50 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 4.16 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 4.16 through 5.36 Patch 2, VPN series firmware versions 4.30 through 5.36 Patch 2, NXC2500 firmware versions 6.10(AAIG.0) through 6.10(AAIG.3), and NXC5500 firmware versions 6.10(AAOS.0) through 6.10(AAOS.4), could allow an unauthenticated, LAN-based attacker to cause denial of service (DoS) conditions by sending a crafted request to the CAPWAP daemon. | |||||
| CVE-2023-21243 | 1 Google | 1 Android | 2023-07-25 | N/A | 5.5 MEDIUM |
| In validateForCommonR1andR2 of PasspointConfiguration.java, there is a possible way to inflate the size of a config file with no limits due to a buffer overflow. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
| CVE-2023-29414 | 1 Schneider-electric | 1 Accutech Manager | 2023-07-19 | N/A | 7.8 HIGH |
| A CWE-120: Buffer Copy without Checking Size of Input (Classic Buffer Overflow) vulnerability exists that could cause user privilege escalation if a local user sends specific string input to a local function call. | |||||
| CVE-2020-20118 | 1 Avast | 1 Antivirus | 2023-07-18 | N/A | 5.5 MEDIUM |
| Buffer Overflow vulnerability in Avast AntiVirus before v.19.7 allows a local attacker to cause a denial of service via a crafted request to the aswSnx.sys driver. | |||||
| CVE-2023-34561 | 1 Robtopgames | 1 Geometry Dash | 2023-07-18 | N/A | 9.8 CRITICAL |
| A buffer overflow in the level parsing code of RobTop Games AB Geometry Dash v2.113 allows attackers to execute arbitrary code via entering a Geometry Dash level. | |||||
| CVE-2021-46896 | 1 Dronecode | 1 Px4 Drone Autopilot | 2023-07-12 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in PX4-Autopilot allows attackers to cause a denial of service via handler function handling msgid 332. | |||||
| CVE-2023-37245 | 1 Huawei | 2 Emui, Harmonyos | 2023-07-12 | N/A | 9.1 CRITICAL |
| Buffer overflow vulnerability in the modem pinctrl module. Successful exploitation of this vulnerability may affect the integrity and availability of the modem. | |||||