Total
2592 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-38823 | 1 Tenda | 8 Ac18, Ac18 Firmware, Ac19 and 5 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd. | |||||
| CVE-2023-38591 | 1 Netgear | 2 Dg834gv5, Dg834gv5 Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| Netgear DG834Gv5 1.6.01.34 was discovered to contain multiple buffer overflows via the wla_ssid and wla_temp_ssid parameters at bsw_ssid.cgi. | |||||
| CVE-2023-38590 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-11-21 | N/A | 8.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in watchOS 9.6, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A remote user may be able to cause unexpected system termination or corrupt kernel memory. | |||||
| CVE-2023-38581 | 2024-11-21 | N/A | 8.8 HIGH | ||
| Buffer overflow in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-38559 | 4 Artifex, Debian, Fedoraproject and 1 more | 4 Ghostscript, Debian Linux, Fedora and 1 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs. | |||||
| CVE-2023-38412 | 1 Netgear | 2 R6900p, R6900p Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| Netgear R6900P v1.3.3.154 was discovered to contain multiple buffer overflows via the wla_ssid and wlg_ssid parameters at ia_ap_setting.cgi. | |||||
| CVE-2023-37929 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| The buffer overflow vulnerability in the CGI program of the VMG3625-T50B firmware version V5.50(ABPM.8)C0 could allow an authenticated remote attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device. | |||||
| CVE-2023-37926 | 1 Zyxel | 20 Atp100, Atp100w, Atp200 and 17 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to cause denial-of-service (DoS) conditions by executing the CLI command to dump system logs on an affected device. | |||||
| CVE-2023-37793 | 1 Wayos | 2 Fbm-291w, Fbm-291w Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| WAYOS FBM-291W 19.09.11V was discovered to contain a buffer overflow via the component /upgrade_filter.asp. | |||||
| CVE-2023-37758 | 1 Dlink | 2 Dir-815, Dir-815 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| D-LINK DIR-815 v1.01 was discovered to contain a buffer overflow via the component /web/captcha.cgi. | |||||
| CVE-2023-37734 | 1 Ezsoftmagic | 1 Mp3 Audio Converter | 2024-11-21 | N/A | 9.8 CRITICAL |
| EZ softmagic MP3 Audio Converter 2.7.3.700 was discovered to contain a buffer overflow. | |||||
| CVE-2023-37457 | 2 Digium, Sangoma | 2 Asterisk, Certified Asterisk | 2024-11-21 | N/A | 7.5 HIGH |
| Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk versions 18.20.0 and prior, 20.5.0 and prior, and 21.0.0; as well as ceritifed-asterisk 18.9-cert5 and prior, the 'update' functionality of the PJSIP_HEADER dialplan function can exceed the available buffer space for storing the new value of a header. By doing so this can overwrite memory or cause a crash. This is not externally exploitable, unless dialplan is explicitly written to update a header based on data from an outside source. If the 'update' functionality is not used the vulnerability does not occur. A patch is available at commit a1ca0268254374b515fa5992f01340f7717113fa. | |||||
| CVE-2023-37245 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | N/A | 9.1 CRITICAL |
| Buffer overflow vulnerability in the modem pinctrl module. Successful exploitation of this vulnerability may affect the integrity and availability of the modem. | |||||
| CVE-2023-36659 | 1 Opswat | 1 Metadefender Kiosk | 2024-11-21 | N/A | 9.8 CRITICAL |
| An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Long inputs were not properly processed, which allows remote attackers to cause a denial of service (loss of communication). | |||||
| CVE-2023-36499 | 1 Netgear | 2 Xr300, Xr300 Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| Netgear XR300 v1.0.3.78 was discovered to contain multiple buffer overflows via the wla_ssid and wlg_ssid parameters at genie_ap_wifi_change.cgi. | |||||
| CVE-2023-36482 | 1 Samsung | 10 S3nrn4v, S3nrn4v Firmware, S3nrn82 and 7 more | 2024-11-21 | N/A | 4.3 MEDIUM |
| An issue was discovered in Samsung NFC S3NRN4V, S3NSN4V, S3NSEN4, SEN82AB, and S3NRN82. A buffer copy without checking its input size can cause an NFC service restart. | |||||
| CVE-2023-36481 | 1 Samsung | 26 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 23 more | 2024-11-21 | N/A | 7.5 HIGH |
| An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, and W920. Improper handling of PPP length parameter inconsistency can cause an infinite loop. | |||||
| CVE-2023-36377 | 1 Osslsigncode Project | 1 Osslsigncode | 2024-11-21 | N/A | 7.8 HIGH |
| Buffer Overflow vulnerability in mtrojnar osslsigncode v.2.3 and before allows a local attacker to execute arbitrary code via a crafted .exe, .sys, and .dll files. | |||||
| CVE-2023-36359 | 1 Tp-link | 6 Tl-wr841n, Tl-wr841n Firmware, Tl-wr940n and 3 more | 2024-11-21 | N/A | 7.5 HIGH |
| TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR940N V2/V3 and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/QoSRuleListRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request. | |||||
| CVE-2023-36358 | 1 Tp-link | 8 Tl-wr743nd, Tl-wr743nd Firmware, Tl-wr841n and 5 more | 2024-11-21 | N/A | 7.7 HIGH |
| TP-Link TL-WR940N V2/V3/V4, TL-WR941ND V5/V6, TL-WR743ND V1 and TL-WR841N V8 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlAccessTargetsRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request. | |||||