Total
11736 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-30694 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 7.8 HIGH |
| Out-of-bounds Write in IpcTxPcscTransmitApdu of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code. | |||||
| CVE-2023-30699 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 9.8 CRITICAL |
| Out-of-bounds write vulnerability in parser_hvcC function of libsimba library prior to SMR Aug-2023 Release 1 allows code execution by remote attackers. | |||||
| CVE-2023-30689 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 7.8 HIGH |
| Out-of-bounds Write in BuildOemEmbmsGetSigStrengthResponse of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code. | |||||
| CVE-2023-30647 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 7.8 HIGH |
| Heap out of bound write vulnerability in IpcRxUsimPhoneBookCapa of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code. | |||||
| CVE-2023-30688 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 7.8 HIGH |
| Out-of-bounds Write in MakeUiccAuthForOem of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code. | |||||
| CVE-2023-30653 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 7.8 HIGH |
| Out of bounds read and write in enableTspDevice of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code. | |||||
| CVE-2023-30648 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 5.5 MEDIUM |
| Stack out-of-bounds write vulnerability in IpcRxImeiUpdateImeiNoti of RILD priro to SMR Jul-2023 Release 1 cause a denial of service on the system. | |||||
| CVE-2023-30696 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 7.8 HIGH |
| An improper input validation in IpcTxGetVerifyAkey in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write. | |||||
| CVE-2023-30666 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 7.8 HIGH |
| Improper input validation vulnerability in DoOemImeiSetPreconfig in libsec-ril prior to SMR Jul-2023 Release 1 allows local attackers to cause an Out-Of-Bounds write. | |||||
| CVE-2023-30702 | 1 Samsung | 8 Galaxy Book2 Go, Galaxy Book2 Go Firmware, Galaxy Book2 Pro 360 and 5 more | 2023-11-07 | N/A | 7.8 HIGH |
| Stack overflow vulnerability in SSHDCPAPP TA prior to "SAMSUNG ELECTONICS, CO, LTD. - System Hardware Update - 7/13/2023" in Windows Update for Galaxy book Go, Galaxy book Go 5G, Galaxy book2 Go and Galaxy book2 Pro 360 allows local attacker to execute arbitrary code. | |||||
| CVE-2023-30645 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 7.8 HIGH |
| Heap out of bound write vulnerability in IpcRxIncomingCBMsg of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code. | |||||
| CVE-2023-30669 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 7.8 HIGH |
| Out-of-bounds Write in DoOemFactorySendFactoryTestResult of libsec-ril prior to SMR Jul-2023 Release 1 allows local attacker to execute arbitrary code. | |||||
| CVE-2023-30650 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 7.8 HIGH |
| Out of bounds read and write in callrunTspCmd of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code. | |||||
| CVE-2023-29182 | 1 Fortinet | 1 Fortios | 2023-11-07 | N/A | 6.7 MEDIUM |
| A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiOS before 7.0.3 allows a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections. | |||||
| CVE-2023-28410 | 1 Intel | 1 I915 Graphics | 2023-11-07 | N/A | 7.8 HIGH |
| Improper restriction of operations within the bounds of a memory buffer in some Intel(R) i915 Graphics drivers for linux before kernel version 6.2.10 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-27781 | 1 Jpegoptim Project | 1 Jpegoptim | 2023-11-07 | N/A | 7.8 HIGH |
| jpegoptim v1.5.2 was discovered to contain a heap overflow in the optimize function at jpegoptim.c. | |||||
| CVE-2023-28116 | 1 Contiki-ng | 1 Contiki-ng | 2023-11-07 | N/A | 9.8 CRITICAL |
| Contiki-NG is an open-source, cross-platform operating system for internet of things (IoT) devices. In versions 4.8 and prior, an out-of-bounds write can occur in the BLE L2CAP module of the Contiki-NG operating system. The network stack of Contiki-NG uses a global buffer (packetbuf) for processing of packets, with the size of PACKETBUF_SIZE. In particular, when using the BLE L2CAP module with the default configuration, the PACKETBUF_SIZE value becomes larger then the actual size of the packetbuf. When large packets are processed by the L2CAP module, a buffer overflow can therefore occur when copying the packet data to the packetbuf. The vulnerability has been patched in the "develop" branch of Contiki-NG, and will be included in release 4.9. The problem can be worked around by applying the patch manually. | |||||
| CVE-2023-25671 | 1 Google | 1 Tensorflow | 2023-11-07 | N/A | 7.5 HIGH |
| TensorFlow is an open source platform for machine learning. There is out-of-bounds access due to mismatched integer type sizes. A fix is included in TensorFlow version 2.12.0 and version 2.11.1. | |||||
| CVE-2023-27403 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2023-11-07 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains a memory corruption vulnerability while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20303, ZDI-CAN-20348) | |||||
| CVE-2023-26470 | 1 Xwiki | 1 Xwiki | 2023-11-07 | N/A | 7.5 HIGH |
| XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible to make the farm unusable by adding an object to a page with a huge number (e.g. 67108863). Most of the time this will fill the memory allocated to XWiki and make it unusable every time this document is manipulated. This issue has been patched in XWiki 14.0-rc-1. | |||||