Vulnerabilities (CVE)

Filtered by CWE-119
Total 11607 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-31882 1 Siemens 16 Apogee Modular Building Controller, Apogee Modular Building Controller Firmware, Apogee Modular Equiment Controller and 13 more 2024-10-08 5.0 MEDIUM 7.5 HIGH
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303). The DHCP client application does not validate the length of the Domain Name Server IP option(s) (0x06) when processing DHCP ACK packets. This may lead to Denial-of-Service conditions. (FSMD-2021-0011)
CVE-2023-6361 2024-10-07 N/A 7.3 HIGH
A vulnerability has been discovered in Winhex affecting version 16.1 SR-1 and 20.4. This vulnerability consists of a buffer overflow controlling the Structured Exception Handler (SEH) registers. This could allow attackers to execute arbitrary code via a long filename argument.
CVE-2023-6362 2024-10-07 N/A 7.3 HIGH
A vulnerability has been discovered in Winhex affecting version 16.1 SR-1 and 20.4. This vulnerability consists of a buffer overflow controlling the Structured Exception Handler (SEH) registers. This could allow attackers to execute arbitrary code via a long filename argument.
CVE-2024-9400 2024-10-04 N/A 8.8 HIGH
A potential memory corruption vulnerability could be triggered if an attacker had the ability to trigger an OOM at a specific moment during JIT compilation. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
CVE-2024-9401 2024-10-04 N/A 9.8 CRITICAL
Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.
CVE-2024-9402 2024-10-04 N/A 9.8 CRITICAL
Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
CVE-2024-9396 2024-10-04 N/A 8.8 HIGH
It is currently unknown if this issue is exploitable but a condition may arise where the structured clone of certain objects could lead to memory corruption. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
CVE-2024-24921 1 Siemens 1 Simcenter Femap 2024-10-03 N/A 7.8 HIGH
A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000). The affected application is vulnerable to memory corruption while parsing specially crafted Catia MODEL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21712)
CVE-2020-27792 2 Artifex, Debian 2 Ghostscript, Debian Linux 2024-09-30 N/A 7.1 HIGH
A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a denial of service.
CVE-2024-38267 1 Zyxel 82 Ax7501-b1, Ax7501-b1 Firmware, Dx3300-t0 and 79 more 2024-09-30 N/A 4.9 MEDIUM
An improper restriction of operations within the bounds of a memory buffer in the IPv6 address parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.
CVE-2024-38268 1 Zyxel 82 Ax7501-b1, Ax7501-b1 Firmware, Dx3300-t0 and 79 more 2024-09-30 N/A 4.9 MEDIUM
An improper restriction of operations within the bounds of a memory buffer in the MAC address parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.
CVE-2024-38269 1 Zyxel 82 Ax7501-b1, Ax7501-b1 Firmware, Dx3300-t0 and 79 more 2024-09-30 N/A 4.9 MEDIUM
An improper restriction of operations within the bounds of a memory buffer in the USB file-sharing handler of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.
CVE-2024-22170 2024-09-30 N/A N/A
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Western Digital My Cloud ddns-start on Linux allows Overflow Buffers.This issue affects My Cloud: before 5.29.102.
CVE-2023-39984 1 Hitachi 1 Eh-view 2024-09-27 N/A 7.8 HIGH
** UNSUPPORTED WHEN ASSIGNED ** Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hitachi EH-VIEW (KeypadDesigner) allows local attackers to potentially disclose information and execute arbitray code on affected EH-VIEW installations. User interaction is required to exploit the vulnerabilities in that the user must open a malicious file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2024-38266 2024-09-26 N/A 4.9 MEDIUM
An improper restriction of operations within the bounds of a memory buffer in the parameter type parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.
CVE-2024-7024 2024-09-26 N/A 9.3 CRITICAL
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-6334 2 Hypr, Microsoft 2 Workforce Access, Windows 2024-09-25 N/A 7.8 HIGH
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers.This issue affects Workforce Access: before 8.7.
CVE-2023-3110 1 Silabs 1 Unify Software Development Kit 2024-09-25 N/A 8.8 HIGH
Description: A vulnerability in SiLabs Unify Gateway 1.3.1 and earlier allows an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution.
CVE-2023-3024 2 Qualcomm, Silabs 9 Aqt1000, Csrb31024, Wcd9370 and 6 more 2024-09-25 N/A 6.5 MEDIUM
Forcing the Bluetooth LE stack to segment 'prepare write response' packets can lead to an out-of-bounds memory access.
CVE-2023-0972 1 Silabs 1 Z\/ip Gateway Sdk 2024-09-25 N/A 8.8 HIGH
Description: A vulnerability in SiLabs Z/IP Gateway 7.18.01 and earlier allows an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution.