Total
11736 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-31470 | 1 Pymumu | 1 Smartdns | 2025-01-31 | N/A | 9.8 CRITICAL |
| SmartDNS through 41 before 56d0332 allows an out-of-bounds write because of a stack-based buffer overflow in the _dns_encode_domain function in the dns.c file, via a crafted DNS request. | |||||
| CVE-2023-23306 | 1 Garmin | 1 Connect-iq | 2025-01-31 | N/A | 9.8 CRITICAL |
| The `Toybox.Ant.BurstPayload.add` API method in CIQ API version 2.2.0 through 4.1.7 suffers from a type confusion vulnreability, which can result in an out-of-bounds write operation. A malicious application could create a specially crafted `Toybox.Ant.BurstPayload` object, call its `add` method, override arbitrary memory and hijack the execution of the device's firmware. | |||||
| CVE-2023-23556 | 1 Facebook | 1 Hermes | 2025-01-31 | N/A | 9.8 CRITICAL |
| An error in BigInt conversion to Number in Hermes prior to commit a6dcafe6ded8e61658b40f5699878cd19a481f80 could have been used by a malicious attacker to execute arbitrary code due to an out-of-bound write. Note that this bug is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected. | |||||
| CVE-2023-27973 | 1 Hp | 76 Laserjet Pro M304-m305 W1a46a, Laserjet Pro M304-m305 W1a46a Firmware, Laserjet Pro M304-m305 W1a47a and 73 more | 2025-01-30 | N/A | 9.8 CRITICAL |
| Certain HP LaserJet Pro print products are potentially vulnerable to Heap Overflow and/or Remote Code Execution. | |||||
| CVE-2024-47131 | 1 Deltaww | 1 Diascreen | 2025-01-30 | N/A | 7.8 HIGH |
| If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in BACnetObjectInfo can be exploited, allowing the attacker to remotely execute arbitrary code. | |||||
| CVE-2024-39354 | 1 Deltaww | 1 Diascreen | 2025-01-30 | N/A | 7.8 HIGH |
| If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in CEtherIPTagItem can be exploited, allowing the attacker to remotely execute arbitrary code. | |||||
| CVE-2024-39605 | 1 Deltaww | 1 Diascreen | 2025-01-30 | N/A | 7.8 HIGH |
| If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in BACnetParameter can be exploited, allowing the attacker to remotely execute arbitrary code. | |||||
| CVE-2022-28667 | 1 Intel | 28 Dual Band Wireless-ac 3165, Dual Band Wireless-ac 3165 Firmware, Dual Band Wireless-ac 3168 and 25 more | 2025-01-29 | N/A | 6.5 MEDIUM |
| Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi software before version 22.140 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||||
| CVE-2023-27936 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-01-29 | N/A | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to cause unexpected system termination or write kernel memory. | |||||
| CVE-2023-29995 | 1 Emqx | 1 Nanomq | 2025-01-29 | N/A | 7.5 HIGH |
| In NanoMQ v0.15.0-0, a Heap overflow occurs in copyn_utf8_str function of mqtt_parser.c | |||||
| CVE-2023-31284 | 1 Illumos | 1 Illumos-gate | 2025-01-29 | N/A | 7.8 HIGH |
| illumos illumos-gate before 676abcb has a stack buffer overflow in /dev/net, leading to privilege escalation via a stat on a long file name in /dev/net. | |||||
| CVE-2023-29994 | 1 Emqx | 1 Nanomq | 2025-01-29 | N/A | 7.5 HIGH |
| In NanoMQ v0.15.0-0, Heap overflow occurs in read_byte function of mqtt_code.c. | |||||
| CVE-2023-27965 | 1 Apple | 3 Macos, Studio Display, Studio Display Firmware | 2025-01-29 | N/A | 7.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Studio Display Firmware Update 16.4. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-29696 | 1 H3c | 2 Gr-1200w, Gr-1200w Firmware | 2025-01-29 | N/A | 9.8 CRITICAL |
| H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function version_set. | |||||
| CVE-2023-31976 | 1 Libming | 1 Libming | 2025-01-29 | N/A | 8.8 HIGH |
| libming v0.4.8 was discovered to contain a stack buffer overflow via the function makeswf_preprocess at /util/makeswf_utils.c. | |||||
| CVE-2023-29693 | 1 H3c | 2 Gr-1200w, Gr-1200w Firmware | 2025-01-29 | N/A | 9.8 CRITICAL |
| H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function set_tftp_upgrad. | |||||
| CVE-2023-24958 | 1 Ibm | 6 3948-ved, 3948-ved Firmware, 3957-vec and 3 more | 2025-01-29 | N/A | 8.8 HIGH |
| A vulnerability in the IBM TS7700 Management Interface 8.51.2.12, 8.52.200.111, 8.52.102.13, and 8.53.0.63 could allow an authenticated user to submit a specially crafted URL leading to privilege escalation and remote code execution. IBM X-Force ID: 246320. | |||||
| CVE-2023-31981 | 1 Irontec | 1 Sngrep | 2025-01-29 | N/A | 7.8 HIGH |
| Sngrep v1.6.0 was discovered to contain a stack buffer overflow via the function packet_set_payload at /src/packet.c. | |||||
| CVE-2022-32885 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-01-29 | N/A | 8.8 HIGH |
| A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution | |||||
| CVE-2024-7674 | 1 Autodesk | 1 Navisworks | 2025-01-29 | N/A | 7.8 HIGH |
| A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process. | |||||