Total
11736 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-40141 | 1 Google | 1 Android | 2023-10-18 | N/A | 7.8 HIGH |
| In temp_residency_name_store of thermal_metrics.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-35662 | 1 Google | 1 Android | 2023-10-18 | N/A | 9.8 CRITICAL |
| there is a possible out of bounds write due to buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-44176 | 1 Juniper | 2 Junos, Junos Os Evolved | 2023-10-17 | N/A | 5.5 MEDIUM |
| A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks: Junos OS: * All versions prior to 20.4R3-S8; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 22.1 versions prior to 22.1R3-S3; * 22.3 versions prior to 22.3R3; * 22.4 versions prior to 22.4R3. | |||||
| CVE-2016-10164 | 1 X.org | 1 Libxpm | 2023-10-17 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple integer overflows in libXpm before 3.5.12, when a program requests parsing XPM extensions on a 64-bit platform, allow remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via (1) the number of extensions or (2) their concatenated length in a crafted XPM file, which triggers a heap-based buffer overflow. | |||||
| CVE-2023-32722 | 1 Zabbix | 1 Zabbix | 2023-10-17 | N/A | 7.8 HIGH |
| The zabbix/src/libs/zbxjson module is vulnerable to a buffer overflow when parsing JSON files via zbx_json_open. | |||||
| CVE-2022-28185 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Virtual Gpu | 2023-10-15 | 3.6 LOW | 7.1 HIGH |
| NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the ECC layer, where an unprivileged regular user can cause an out-of-bounds write, which may lead to denial of service and data tampering. | |||||
| CVE-2023-0199 | 1 Nvidia | 7 Geforce, Gpu Display Driver, Nvs and 4 more | 2023-10-15 | N/A | 6.1 MEDIUM |
| NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds write can lead to denial of service and data tampering. | |||||
| CVE-2023-35646 | 1 Google | 1 Android | 2023-10-14 | N/A | 9.8 CRITICAL |
| In TBD of TBD, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-35645 | 1 Google | 1 Android | 2023-10-13 | N/A | 6.4 MEDIUM |
| In tbd of tbd, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2022-28181 | 3 Linux, Microsoft, Nvidia | 4 Linux Kernel, Windows, Gpu Display Driver and 1 more | 2023-10-13 | 6.9 MEDIUM | 9.9 CRITICAL |
| NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user on the network can cause an out-of-bounds write through a specially crafted shader, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. The scope of the impact may extend to other components. | |||||
| CVE-2023-34365 | 1 Yifanwireless | 2 Yf325, Yf325 Firmware | 2023-10-12 | N/A | 9.8 CRITICAL |
| A stack-based buffer overflow vulnerability exists in the libutils.so nvram_restore functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a buffer overflow. An attacker can send a network request to trigger this vulnerability. | |||||
| CVE-2023-34426 | 1 Yifanwireless | 2 Yf325, Yf325 Firmware | 2023-10-12 | N/A | 9.8 CRITICAL |
| A stack-based buffer overflow vulnerability exists in the httpd manage_request functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to stack-based buffer overflow. An attacker can send a network request to trigger this vulnerability. | |||||
| CVE-2023-35965 | 1 Yifanwireless | 2 Yf325, Yf325 Firmware | 2023-10-12 | N/A | 9.8 CRITICAL |
| Two heap-based buffer overflow vulnerabilities exist in the httpd manage_post functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow result is used as argument for the malloc function. | |||||
| CVE-2023-35967 | 1 Yifanwireless | 2 Yf325, Yf325 Firmware | 2023-10-12 | N/A | 9.8 CRITICAL |
| Two heap-based buffer overflow vulnerabilities exist in the gwcfg_cgi_set_manage_post_data functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow result is used as argument for the malloc function. | |||||
| CVE-2023-35966 | 1 Yifanwireless | 2 Yf325, Yf325 Firmware | 2023-10-12 | N/A | 9.8 CRITICAL |
| Two heap-based buffer overflow vulnerabilities exist in the httpd manage_post functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow result is used as argument for the realloc function. | |||||
| CVE-2023-34346 | 1 Yifanwireless | 2 Yf325, Yf325 Firmware | 2023-10-12 | N/A | 9.8 CRITICAL |
| A stack-based buffer overflow vulnerability exists in the httpd gwcfg.cgi get functionality of Yifan YF325 v1.0_20221108. A specially crafted network packet can lead to command execution. An attacker can send a network request to trigger this vulnerability. | |||||
| CVE-2023-35968 | 1 Yifanwireless | 2 Yf325, Yf325 Firmware | 2023-10-12 | N/A | 9.8 CRITICAL |
| Two heap-based buffer overflow vulnerabilities exist in the gwcfg_cgi_set_manage_post_data functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow result is used as argument for the realloc function. | |||||
| CVE-2023-31272 | 1 Yifanwireless | 2 Yf325, Yf325 Firmware | 2023-10-12 | N/A | 9.8 CRITICAL |
| A stack-based buffer overflow vulnerability exists in the httpd do_wds functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to stack-based buffer overflow. An attacker can send a network request to trigger this vulnerability. | |||||
| CVE-2022-22989 | 1 Westerndigital | 11 My Cloud, My Cloud Dl2100, My Cloud Dl4100 and 8 more | 2023-10-12 | 7.5 HIGH | 9.8 CRITICAL |
| My Cloud OS 5 was vulnerable to a pre-authenticated stack overflow vulnerability on the FTP service that could be exploited by unauthenticated attackers on the network. Addressed the vulnerability by adding defenses against stack overflow issues. | |||||
| CVE-2023-5169 | 3 Debian, Fedoraproject, Mozilla | 5 Debian Linux, Fedora, Firefox and 2 more | 2023-10-12 | N/A | 6.5 MEDIUM |
| A compromised content process could have provided malicious data in a `PathRecording` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3. | |||||