Total
2592 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-40164 | 1 Notepad-plus-plus | 1 Notepad\+\+ | 2024-11-21 | N/A | 5.5 MEDIUM |
| Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in `nsCodingStateMachine::NextStater`. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As of time of publication, no known patches are available in existing versions of Notepad++. | |||||
| CVE-2023-40036 | 1 Notepad-plus-plus | 1 Notepad\+\+ | 2024-11-21 | N/A | 5.5 MEDIUM |
| Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in `CharDistributionAnalysis::HandleOneChar`. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As of time of publication, no known patches are available in existing versions of Notepad++. | |||||
| CVE-2023-40031 | 1 Notepad-plus-plus | 1 Notepad\+\+ | 2024-11-21 | N/A | 7.8 HIGH |
| Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer write overflow in `Utf8_16_Read::convert`. This issue may lead to arbitrary code execution. As of time of publication, no known patches are available in existing versions of Notepad++. | |||||
| CVE-2023-3766 | 1 Cloudflare | 1 Odoh-rs | 2024-11-21 | N/A | 5.9 MEDIUM |
| A vulnerability was discovered in the odoh-rs rust crate that stems from faulty logic during the parsing of encrypted queries. This issue specifically occurs when processing encrypted query data received from remote clients and enables an attacker with knowledge of this vulnerability to craft and send specially designed encrypted queries to targeted ODOH servers running with odoh-rs. Upon successful exploitation, the server will crash abruptly, disrupting its normal operation and rendering the service temporarily unavailable. | |||||
| CVE-2023-3618 | 3 Debian, Libtiff, Redhat | 3 Debian Linux, Libtiff, Enterprise Linux | 2024-11-21 | N/A | 6.5 MEDIUM |
| A flaw was found in libtiff. A specially crafted tiff file can lead to a segmentation fault due to a buffer overflow in the Fax3Encode function in libtiff/tif_fax3.c, resulting in a denial of service. | |||||
| CVE-2023-3494 | 1 Freebsd | 1 Freebsd | 2024-11-21 | N/A | 8.8 HIGH |
| The fwctl driver implements a state machine which is executed when a bhyve guest accesses certain x86 I/O ports. The interface lets the guest copy a string into a buffer resident in the bhyve process' memory. A bug in the state machine implementation can result in a buffer overflowing when copying this string. Malicious, privileged software running in a guest VM can exploit the buffer overflow to achieve code execution on the host in the bhyve userspace process, which typically runs as root, mitigated by the capabilities assigned through the Capsicum sandbox available to the bhyve process. | |||||
| CVE-2023-3471 | 1 Panasonic | 1 Kw Watcher | 2024-11-21 | N/A | 8.6 HIGH |
| Buffer overflow vulnerability in Panasonic KW Watcher versions 1.00 through 2.82 may allow attackers to execute arbitrary code. | |||||
| CVE-2023-3346 | 1 Mitsubishielectric | 42 C80, C80 Firmware, E70 and 39 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in MITSUBSHI CNC Series allows a remote unauthenticated attacker to cause Denial of Service (DoS) condition and execute arbitrary code on the product by sending specially crafted packets. In addition, system reset is required for recovery. | |||||
| CVE-2023-39976 | 1 Clusterlabs | 1 Libqb | 2024-11-21 | N/A | 9.8 CRITICAL |
| log_blackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messages because the header size is not considered. | |||||
| CVE-2023-39750 | 1 Dlink | 2 Dap-2660, Dap-2660 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via the f_ipv6_enable parameter at /bsc_ipv6. This vulnerability is exploited via a crafted POST request. | |||||
| CVE-2023-39749 | 1 Dlink | 2 Dap-2660, Dap-2660 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via the component /adv_resource. This vulnerability is exploited via a crafted GET request. | |||||
| CVE-2023-39747 | 1 Tp-link | 6 Tl-wr841n V8, Tl-wr841n V8 Firmware, Tl-wr940n V2 and 3 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| TP-Link WR841N V8, TP-Link TL-WR940N V2, and TL-WR941ND V5 were discovered to contain a buffer overflow via the radiusSecret parameter at /userRpm/WlanSecurityRpm. | |||||
| CVE-2023-39745 | 1 Tp-link | 6 Tl-wr841n V8, Tl-wr841n V8 Firmware, Tl-wr940n V2 and 3 more | 2024-11-21 | N/A | 7.5 HIGH |
| TP-Link TL-WR940N V2, TP-Link TL-WR941ND V5 and TP-Link TL-WR841N V8 were discovered to contain a buffer overflow via the component /userRpm/AccessCtrlAccessRulesRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request. | |||||
| CVE-2023-39742 | 1 Giflib Project | 1 Giflib | 2024-11-21 | N/A | 5.5 MEDIUM |
| giflib v5.2.1 was discovered to contain a segmentation fault via the component getarg.c. | |||||
| CVE-2023-39674 | 1 Dlink | 2 Dir-880l A1, Dir-880l A1 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function fgets. | |||||
| CVE-2023-39673 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AC15 V1.0BR_V15.03.05.18_multi_TD01 was discovered to contain a buffer overflow via the function FUN_00010e34(). | |||||
| CVE-2023-39672 | 1 Tenda | 2 Wh450a, Wh450a Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda WH450 v1.0.0.18 was discovered to contain a buffer overflow via the function fgets. | |||||
| CVE-2023-39671 | 1 Dlink | 2 Dir-880l A1, Dir-880l A1 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function FUN_0001be68. | |||||
| CVE-2023-39670 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AC6 _US_AC6V1.0BR_V15.03.05.16 was discovered to contain a buffer overflow via the function fgets. | |||||
| CVE-2023-39668 | 1 Dlink | 2 Dir-868l, Dir-868l Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| D-Link DIR-868L fw_revA_1-12_eu_multi_20170316 was discovered to contain a buffer overflow via the param_2 parameter in the inet_ntoa() function. | |||||