Total
11736 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-45479 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2023-12-01 | N/A | 9.8 CRITICAL |
| Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the list parameter in the function sub_49E098. | |||||
| CVE-2023-45480 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2023-12-01 | N/A | 9.8 CRITICAL |
| Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the src parameter in the function sub_47D878. | |||||
| CVE-2023-45482 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2023-12-01 | N/A | 9.8 CRITICAL |
| Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the urls parameter in the function get_parentControl_list_Info. | |||||
| CVE-2023-45483 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2023-12-01 | N/A | 9.8 CRITICAL |
| Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the time parameter in the function compare_parentcontrol_time. | |||||
| CVE-2023-45484 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2023-12-01 | N/A | 9.8 CRITICAL |
| Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGuestBasic. | |||||
| CVE-2023-49046 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2023-12-01 | N/A | 9.8 CRITICAL |
| Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the devName parameter in the function formAddMacfilterRule. | |||||
| CVE-2023-49043 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2023-12-01 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the wpapsk_crypto parameter in the function fromSetWirelessRepeat. | |||||
| CVE-2023-47359 | 1 Videolan | 1 Vlc Media Player | 2023-12-01 | N/A | 9.8 CRITICAL |
| Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption. | |||||
| CVE-2022-44010 | 1 Clickhouse | 1 Clickhouse | 2023-11-30 | N/A | 7.5 HIGH |
| An issue was discovered in ClickHouse before 22.9.1.2603. An attacker could send a crafted HTTP request to the HTTP Endpoint (usually listening on port 8123 by default), causing a heap-based buffer overflow that crashes the process. This does not require authentication. The fixed versions are 22.9.1.2603, 22.8.2.11, 22.7.4.16, 22.6.6.16, and 22.3.12.19. | |||||
| CVE-2022-44011 | 1 Clickhouse | 1 Clickhouse | 2023-11-30 | N/A | 6.5 MEDIUM |
| An issue was discovered in ClickHouse before 22.9.1.2603. An authenticated user (with the ability to load data) could cause a heap buffer overflow and crash the server by inserting a malformed CapnProto object. The fixed versions are 22.9.1.2603, 22.8.2.11, 22.7.4.16, 22.6.6.16, and 22.3.12.19. | |||||
| CVE-2023-48105 | 1 Bytecodealliance | 1 Webassembly Micro Runtime | 2023-11-30 | N/A | 7.5 HIGH |
| An heap overflow vulnerability was discovered in Bytecode alliance wasm-micro-runtime v.1.2.3 allows a remote attacker to cause a denial of service via the wasm_loader_prepare_bytecode function in core/iwasm/interpreter/wasm_loader.c. | |||||
| CVE-2023-27103 | 1 Struktur | 1 Libde265 | 2023-11-30 | N/A | 8.8 HIGH |
| Libde265 v1.0.11 was discovered to contain a heap buffer overflow via the function derive_collocated_motion_vectors at motion.cc. | |||||
| CVE-2023-40152 | 1 Fujielectric | 1 Tellus Lite V-simulator | 2023-11-30 | N/A | 7.8 HIGH |
| When Fuji Electric Tellus Lite V-Simulator parses a specially-crafted input file an out of bounds write may occur. | |||||
| CVE-2023-35127 | 1 Fujielectric | 1 Tellus Lite V-simulator | 2023-11-30 | N/A | 7.8 HIGH |
| Stack-based buffer overflow may occur when Fuji Electric Tellus Lite V-Simulator parses a specially-crafted input file. | |||||
| CVE-2023-6212 | 2 Debian, Mozilla | 4 Debian Linux, Firefox, Firefox Esr and 1 more | 2023-11-30 | N/A | 8.8 HIGH |
| Memory safety bugs present in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5. | |||||
| CVE-2023-41140 | 1 Autodesk | 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more | 2023-11-30 | N/A | 7.8 HIGH |
| A maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2023-28401 | 2 Intel, Microsoft | 3 Arc A Graphics, Iris Xe Graphics, Windows | 2023-11-30 | N/A | 7.8 HIGH |
| Out-of-bounds write in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers before version 31.0.101.4255 may allow authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2021-38405 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2023-11-30 | N/A | 7.8 HIGH |
| The Datalogics APDFL library used in affected products is vulnerable to memory corruption condition while parsing specially crafted PDF files. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2023-29074 | 1 Autodesk | 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more | 2023-11-30 | N/A | 9.8 CRITICAL |
| A maliciously crafted CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause an Out-Of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2023-29073 | 1 Autodesk | 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more | 2023-11-30 | N/A | 9.8 CRITICAL |
| A maliciously crafted MODEL file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||