Total
2430 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-8271 | 1 Tianocore | 1 Edk2 | 2024-02-28 | 4.6 MEDIUM | 6.8 MEDIUM |
Buffer overflow in the Reclaim function in Tianocore EDK2 before SVN 16280 allows physically proximate attackers to gain privileges via a long variable name. | |||||
CVE-2019-8508 | 1 Apple | 1 Mac Os X | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges. | |||||
CVE-2019-10606 | 1 Qualcomm | 16 Mdm9607, Mdm9607 Firmware, Msm8909w and 13 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Out-of-bound access will occur in USB driver due to lack of check to validate the frame size passed by user in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9607, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, QCS605, SDX24 | |||||
CVE-2019-17415 | 1 Upredsun | 1 File Sharing Wizard | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
A Structured Exception Handler (SEH) based buffer overflow in File Sharing Wizard 1.5.0 26-8-2008 allows remote unauthenticated attackers to execute arbitrary code via the HTTP DELETE method, a similar issue to CVE-2019-16724 and CVE-2010-2331. | |||||
CVE-2019-2252 | 1 Qualcomm | 72 Mdm9650, Mdm9650 Firmware, Msm8909w and 69 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
Classic buffer overflow vulnerability while playing the specific video whose Decode picture buffer size is more than 16 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130 | |||||
CVE-2020-5212 | 1 Nethack | 1 Nethack | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
In NetHack before 3.6.5, an extremely long value for the MENUCOLOR configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to upload their own configuration files. Users should upgrade to NetHack 3.6.5. | |||||
CVE-2019-17181 | 1 Intrasrv Project | 1 Intrasrv | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
A remote SEH buffer overflow has been discovered in IntraSrv 1.0 (2007-06-03). An attacker may send a crafted HTTP GET or HEAD request that can result in a compromise of the hosting system. | |||||
CVE-2013-4743 | 1 Static Http Server Project | 1 Static Http Server | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Static HTTP Server 1.0 has a Local Overflow | |||||
CVE-2015-0243 | 2 Debian, Postgresql | 2 Debian Linux, Postgresql | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
Multiple buffer overflows in contrib/pgcrypto in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. | |||||
CVE-2019-17243 | 1 Irfanview | 1 Irfanview | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
IrfanView 4.53 allows Data from a Faulting Address to control Code Flow starting at JPEG_LS+0x0000000000003155. | |||||
CVE-2019-17519 | 1 Nxp | 9 Kw31z, Kw34, Kw35 and 6 more | 2024-02-28 | 5.8 MEDIUM | 8.8 HIGH |
The Bluetooth Low Energy implementation on NXP SDK through 2.2.1 for KW41Z devices does not properly restrict the Link Layer payload length, allowing attackers in radio range to cause a buffer overflow via a crafted packet. | |||||
CVE-2019-5258 | 1 Huawei | 34 Ap2000, Ap2000 Firmware, Espace U1981 and 31 more | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a buffer overflow vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal. | |||||
CVE-2006-3100 | 1 Termpkg Project | 1 Termpkg | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
termpkg 3.3 suffers from buffer overflow. | |||||
CVE-2019-7366 | 1 Autodesk | 1 Fbx Software Development Kit | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
Buffer overflow vulnerability in Autodesk FBX Software Development Kit version 2019.5. A user may be tricked into opening a malicious FBX file which may exploit a buffer overflow vulnerability causing it to run arbitrary code on the system. | |||||
CVE-2013-1592 | 1 Sap | 1 Netweaver | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistics() function when sending specially crafted SAP Message Server packets to remote TCP ports 36NN and/or 39NN in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04, which could let a remote malicious user execute arbitrary code. | |||||
CVE-2019-19196 | 1 Telink-semi | 10 Tlsr8232, Tlsr8232 Ble Sdk, Tlsr8251 and 7 more | 2024-02-28 | 3.3 LOW | 6.5 MEDIUM |
The Bluetooth Low Energy Secure Manager Protocol (SMP) implementation on Telink Semiconductor BLE SDK versions before November 2019 for TLSR8x5x through 3.4.0, TLSR823x through 1.3.0, and TLSR826x through 3.3 devices accepts a pairing request with a key size greater than 16 bytes, allowing an attacker in radio range to cause a buffer overflow and denial of service (crash) via crafted packets. | |||||
CVE-2019-15948 | 1 Ti | 6 Cc256xb-bt-sp, Cc256xb-bt-sp Firmware, Cc256xc-bt-sp and 3 more | 2024-02-28 | 5.8 MEDIUM | 8.8 HIGH |
Texas Instruments CC256x and WL18xx dual-mode Bluetooth controller devices, when LE scan mode is used, allow remote attackers to trigger a buffer overflow via a malformed Bluetooth Low Energy advertising packet, to cause a denial of service or potentially execute arbitrary code. This affects CC256xC-BT-SP 1.2, CC256xB-BT-SP 1.8, and WL18xx-BT-SP 4.4. | |||||
CVE-2012-3407 | 1 Plow Project | 1 Plow | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
plow has local buffer overflow vulnerability | |||||
CVE-2019-8287 | 1 Tightvnc | 1 Tightvnc | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
TightVNC code version 1.3.10 contains global buffer overflow in HandleCoRREBBP macro function, which can potentially result code execution. This attack appear to be exploitable via network connectivity. | |||||
CVE-2019-10540 | 1 Qualcomm | 54 Ipq8074, Ipq8074 Firmware, Msm8996au and 51 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
Buffer overflow in WLAN NAN function due to lack of check of count value received in NAN availability attribute in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, MSM8996AU, QCA6174A, QCA6574AU, QCA8081, QCA9377, QCA9379, QCS404, QCS405, QCS605, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SXR1130 |