Total
11736 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-5730 | 2 Debian, Mozilla | 4 Debian Linux, Firefox, Firefox Esr and 1 more | 2023-11-01 | N/A | 9.8 CRITICAL |
| Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1. | |||||
| CVE-2023-46549 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formSetLg. | |||||
| CVE-2023-46548 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formWlanRedirect. | |||||
| CVE-2023-46550 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMapDelDevice. | |||||
| CVE-2023-46546 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formStats. | |||||
| CVE-2023-46545 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formWsc. | |||||
| CVE-2023-46551 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formReflashClientTbl. | |||||
| CVE-2023-46547 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formSysLog. | |||||
| CVE-2023-46332 | 1 Webassembly | 1 Webassembly Binary Toolkit | 2023-10-30 | N/A | 5.5 MEDIUM |
| WebAssembly wabt 1.0.33 contains an Out-of-Bound Memory Write in DataSegment::Drop(), which lead to segmentation fault. | |||||
| CVE-2023-24018 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2023-10-30 | N/A | 8.8 HIGH |
| A stack-based buffer overflow vulnerability exists in the libzebra.so.0.0.0 security_decrypt_password functionality of Milesight UR32L v32.3.0.5. A specially crafted HTTP request can lead to a buffer overflow. An authenticated attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2023-25097 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2023-10-30 | N/A | 7.2 HIGH |
| Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities.This buffer overflow occurs in the set_qos function with the attach_class variable. | |||||
| CVE-2022-3699 | 1 Lenovo | 3 Diagnostics, Hardwarescan Addin, Hardwarescan Plugin | 2023-10-30 | N/A | 7.8 HIGH |
| A privilege escalation vulnerability was reported in the Lenovo HardwareScanPlugin prior to versionĀ 1.3.1.2 andĀ Lenovo Diagnostics prior to version 4.45 that could allow a local user to execute code with elevated privileges. | |||||
| CVE-2023-40128 | 1 Google | 1 Android | 2023-10-30 | N/A | 7.8 HIGH |
| In several functions of xmlregexp.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-40129 | 1 Google | 1 Android | 2023-10-30 | N/A | 8.8 HIGH |
| In build_read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-43492 | 1 Weintek | 14 Cmt-fhd, Cmt-fhd Firmware, Cmt-hdm and 11 more | 2023-10-30 | N/A | 9.8 CRITICAL |
| In Weintek's cMT3000 HMI Web CGI device, the cgi-bin codesys.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication. | |||||
| CVE-2023-4601 | 2 Microsoft, Ni | 2 Windows, System Configuration | 2023-10-28 | N/A | 9.8 CRITICAL |
| A stack-based buffer overflow vulnerability exists in NI System Configuration that could result in information disclosure and/or arbitrary code execution. Successful exploitation requires that an attacker can provide a specially crafted response. This affects NI System Configuration 2023 Q3 and all previous versions. | |||||
| CVE-2023-46602 | 1 Color | 1 Demoiccmax | 2023-10-28 | N/A | 8.8 HIGH |
| In International Color Consortium DemoIccMAX 79ecb74, there is a stack-based buffer overflow in the icFixXml function in IccXML/IccLibXML/IccUtilXml.cpp in libIccXML.a. | |||||
| CVE-2023-45677 | 1 Nothings | 1 Stb Vorbis.c | 2023-10-26 | N/A | 7.8 HIGH |
| stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in `f->vendor[len] = (char)'\0';`. The root cause is that if `len` read in `start_decoder` is a negative number and `setup_malloc` successfully allocates memory in that case, but memory write is done with a negative index `len`. Similarly if len is INT_MAX the integer overflow len+1 happens in `f->vendor = (char*)setup_malloc(f, sizeof(char) * (len+1));` and `f->comment_list[i] = (char*)setup_malloc(f, sizeof(char) * (len+1));`. This issue may lead to code execution. | |||||
| CVE-2023-45678 | 1 Nothings | 1 Stb Vorbis.c | 2023-10-26 | N/A | 7.8 HIGH |
| stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of buffer write in `start_decoder` because at maximum `m->submaps` can be 16 but `submap_floor` and `submap_residue` are declared as arrays of 15 elements. This issue may lead to code execution. | |||||
| CVE-2023-45676 | 1 Nothings | 1 Stb Vorbis.c | 2023-10-26 | N/A | 7.8 HIGH |
| stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in `f->vendor[i] = get8_packet(f);`. The root cause is an integer overflow in `setup_malloc`. A sufficiently large value in the variable `sz` overflows with `sz+7` in and the negative value passes the maximum available memory buffer check. This issue may lead to code execution. | |||||