Total
2578 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-5908 | 4 Ge, Ptc, Rockwellautomation and 1 more | 8 Industrial Gateway Server, Keepserverex, Opc-aggregator and 5 more | 2024-11-21 | N/A | 9.1 CRITICAL |
| KEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the product being accessed or leak information. | |||||
| CVE-2023-5753 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | N/A | 6.3 MEDIUM |
| Potential buffer overflows in the Bluetooth subsystem due to asserts being disabled in /subsys/bluetooth/host/hci_core.c | |||||
| CVE-2023-5748 | 1 Synology | 1 Ssl Vpn Client | 2024-11-21 | N/A | 3.3 LOW |
| Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology SSL VPN Client before 1.4.7-0687 allows local users to conduct denial-of-service attacks via unspecified vectors. | |||||
| CVE-2023-5184 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | N/A | 7.0 HIGH |
| Two potential signed to unsigned conversion errors and buffer overflow vulnerabilities at the following locations in the Zephyr IPM drivers. | |||||
| CVE-2023-5139 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | N/A | 4.4 MEDIUM |
| Potential buffer overflow vulnerability at the following location in the Zephyr STM32 Crypto driver | |||||
| CVE-2023-5130 | 1 Deltaww | 1 Wplsoft | 2024-11-21 | 7.3 HIGH | 8.2 HIGH |
| A buffer overflow vulnerability exists in Delta Electronics WPLSoft. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DVP file to achieve code execution. | |||||
| CVE-2023-52735 | 2024-11-21 | N/A | 9.1 CRITICAL | ||
| In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself sock_map proto callbacks should never call themselves by design. Protect against bugs like [1] and break out of the recursive loop to avoid a stack overflow in favor of a resource leak. [1] https://lore.kernel.org/all/00000000000073b14905ef2e7401@google.com/ | |||||
| CVE-2023-52733 | 2024-11-21 | N/A | 7.8 HIGH | ||
| In the Linux kernel, the following vulnerability has been resolved: s390/decompressor: specify __decompress() buf len to avoid overflow Historically calls to __decompress() didn't specify "out_len" parameter on many architectures including s390, expecting that no writes beyond uncompressed kernel image are performed. This has changed since commit 2aa14b1ab2c4 ("zstd: import usptream v1.5.2") which includes zstd library commit 6a7ede3dfccb ("Reduce size of dctx by reutilizing dst buffer (#2751)"). Now zstd decompression code might store literal buffer in the unwritten portion of the destination buffer. Since "out_len" is not set, it is considered to be unlimited and hence free to use for optimization needs. On s390 this might corrupt initrd or ipl report which are often placed right after the decompressor buffer. Luckily the size of uncompressed kernel image is already known to the decompressor, so to avoid the problem simply specify it in the "out_len" parameter. | |||||
| CVE-2023-52729 | 2024-11-21 | N/A | 7.5 HIGH | ||
| TCPServer.cpp in SimpleNetwork through 29bc615 has an off-by-one error that causes a buffer overflow when trying to add '\0' to the end of long msg data. It can be exploited via crafted TCP packets. | |||||
| CVE-2023-52551 | 2024-11-21 | N/A | 5.3 MEDIUM | ||
| Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2023-52550 | 2024-11-21 | N/A | 7.5 HIGH | ||
| Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2023-52549 | 2024-11-21 | N/A | 7.5 HIGH | ||
| Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2023-52364 | 2024-11-21 | N/A | 6.3 MEDIUM | ||
| Vulnerability of input parameters being not strictly verified in the RSMC module. Impact: Successful exploitation of this vulnerability may cause out-of-bounds write. | |||||
| CVE-2023-52346 | 2024-11-21 | N/A | 4.4 MEDIUM | ||
| In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed | |||||
| CVE-2023-52103 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | N/A | 9.8 CRITICAL |
| Buffer overflow vulnerability in the FLP module. Successful exploitation of this vulnerability may cause out-of-bounds read. | |||||
| CVE-2023-52080 | 2024-11-21 | N/A | 7.7 HIGH | ||
| IEIT NF5280M6 UEFI firmware through 8.4 has a pool overflow vulnerability, caused by improper use of the gRT->GetVariable() function. Attackers with access to local NVRAM variables can exploit this by modifying these variables on SPI Flash, resulting in memory data being tampered with. When critical data in memory data is tampered with,a crash may occur. | |||||
| CVE-2023-51888 | 1 Ctan | 1 Mathtex | 2024-11-21 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in the nomath() function in Mathtex v.1.05 and before allows a remote attacker to cause a denial of service via a crafted string in the application URL. | |||||
| CVE-2023-51886 | 1 Ctan | 1 Mathtex | 2024-11-21 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in the main() function in Mathtex 1.05 and before allows a remote attacker to cause a denial of service when using \convertpath. | |||||
| CVE-2023-51885 | 1 Ctan | 1 Mathtex | 2024-11-21 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability in Mathtex v.1.05 and before allows a remote attacker to execute arbitrary code via the length of the LaTeX string component. | |||||
| CVE-2023-51798 | 2024-11-21 | N/A | 7.8 HIGH | ||
| Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via a floating point exception (FPE) error at libavfilter/vf_minterpolate.c:1078:60 in interpolate. | |||||