Total
11736 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-7321 | 1 Artifex | 1 Mupdf | 2024-09-11 | 7.5 HIGH | 9.8 CRITICAL |
| Usage of an uninitialized variable in the function fz_load_jpeg in Artifex MuPDF 1.14 can result in a heap overflow vulnerability that allows an attacker to execute arbitrary code. | |||||
| CVE-2024-32671 | 1 Samsung | 1 Escargot | 2024-09-11 | N/A | 9.8 CRITICAL |
| Heap-based Buffer Overflow vulnerability in Samsung Open Source Escargot JavaScript engine allows Overflow Buffers.This issue affects Escargot: 4.0.0. | |||||
| CVE-2023-46564 | 1 Totolink | 2 X2000r, X2000r Firmware | 2024-09-11 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formDMZ. | |||||
| CVE-2024-41131 | 1 Sixlabors | 1 Imagesharp | 2024-09-11 | N/A | 7.5 HIGH |
| ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. All users are advised to upgrade to v3.1.5 or v2.1.9. | |||||
| CVE-2023-32466 | 1 Dell | 2 Edge Gateway 3200, Edge Gateway 3200 Firmware | 2024-09-11 | N/A | 5.7 MEDIUM |
| Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds write vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability leading to exposure of some UEFI code, leading to arbitrary code execution or escalation of privilege. | |||||
| CVE-2024-40764 | 1 Sonicwall | 32 Nsa 2700, Nsa 3700, Nsa 4700 and 29 more | 2024-09-10 | N/A | 7.5 HIGH |
| Heap-based buffer overflow vulnerability in the SonicOS IPSec VPN allows an unauthenticated remote attacker to cause Denial of Service (DoS). | |||||
| CVE-2023-46866 | 1 Color | 1 Demoiccmax | 2024-09-09 | N/A | 6.5 MEDIUM |
| In International Color Consortium DemoIccMAX 79ecb74, CIccCLUT::Interp3d in IccProfLib/IccTagLut.cpp in libSampleICC.a attempts to access array elements at out-of-bounds indexes. | |||||
| CVE-2023-51092 | 1 Tenda | 2 M3, M3 Firmware | 2024-09-09 | N/A | 9.8 CRITICAL |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function upgrade. | |||||
| CVE-2022-36423 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2024-09-09 | N/A | 7.4 HIGH |
| OpenHarmony-v3.1.2 and prior versions have an incorrect configuration of the cJSON library, which leads a Stack overflow vulnerability during recursive parsing. LAN attackers can lead a DoS attack to all network devices. | |||||
| CVE-2024-37077 | 1 Openatom | 1 Openharmony | 2024-09-09 | N/A | 9.8 CRITICAL |
| in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write. | |||||
| CVE-2022-38701 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2024-09-09 | N/A | 3.3 LOW |
| OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive information. | |||||
| CVE-2022-43662 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2024-09-09 | N/A | 7.8 HIGH |
| Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysTimerGettime. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked. | |||||
| CVE-2024-36243 | 1 Openatom | 1 Openharmony | 2024-09-09 | N/A | 9.8 CRITICAL |
| in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds read and write. | |||||
| CVE-2022-41686 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2024-09-09 | N/A | 4.4 MEDIUM |
| OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have an Out-of-bound memory read and write vulnerability in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could read out-of-bound memory leading sensitive to information disclosure. The processes with system user UID run on the device would be able to write out-of-bound memory which could lead to unspecified memory corruption. | |||||
| CVE-2023-45734 | 1 Openatom | 1 Openharmony | 2024-09-09 | N/A | 8.8 HIGH |
| in OpenHarmony v3.2.4 and prior versions allow an adjacent attacker arbitrary code execution through out-of-bounds write. | |||||
| CVE-2022-41802 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2024-09-09 | N/A | 3.3 LOW |
| Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGetres. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked. | |||||
| CVE-2024-37185 | 1 Openatom | 1 Openharmony | 2024-09-09 | N/A | 9.8 CRITICAL |
| in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write. | |||||
| CVE-2022-45126 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2024-09-09 | N/A | 7.8 HIGH |
| Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGettime. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked. | |||||
| CVE-2024-36260 | 1 Openatom | 1 Openharmony | 2024-09-09 | N/A | 9.8 CRITICAL |
| in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write. | |||||
| CVE-2023-39281 | 3 Amd, Insyde, Intel | 279 Athlon Gold 7220u, Athlon Silver 7120u, Ryzen3 5300u and 276 more | 2024-09-06 | N/A | 9.8 CRITICAL |
| A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase. | |||||