Total
2592 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-28211 | 1 Apple | 1 Macos | 2024-11-21 | N/A | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory. | |||||
| CVE-2023-28210 | 1 Apple | 1 Macos | 2024-11-21 | N/A | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory. | |||||
| CVE-2023-28209 | 1 Apple | 1 Macos | 2024-11-21 | N/A | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory. | |||||
| CVE-2023-27989 | 1 Zyxel | 8 Lte7480-m804, Lte7480-m804 Firmware, Lte7490-m904 and 5 more | 2024-11-21 | N/A | 6.5 MEDIUM |
| A buffer overflow vulnerability in the CGI program of the Zyxel NR7101 firmware versions prior to V1.00(ABUV.8)C0 could allow a remote authenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device. | |||||
| CVE-2023-27972 | 1 Hp | 76 Laserjet Pro M304-m305 W1a46a, Laserjet Pro M304-m305 W1a46a Firmware, Laserjet Pro M304-m305 W1a47a and 73 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Remote Code Execution. | |||||
| CVE-2023-27971 | 1 Hp | 76 Laserjet Pro M304-m305 W1a46a, Laserjet Pro M304-m305 W1a46a Firmware, Laserjet Pro M304-m305 W1a47a and 73 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Elevation of Privilege. | |||||
| CVE-2023-27968 | 1 Apple | 1 Macos | 2024-11-21 | N/A | 7.1 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory. | |||||
| CVE-2023-27957 | 1 Apple | 1 Macos | 2024-11-21 | N/A | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution. | |||||
| CVE-2023-27853 | 1 Netgear | 2 Rax30, Rax30 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a format string vulnerability in a SOAP service that could allow an attacker to execute arbitrary code on the device. | |||||
| CVE-2023-27852 | 1 Netgear | 2 Rax30, Rax30 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a buffer overflow vulnerability in various CGI mechanisms that could allow an attacker to execute arbitrary code on the device. | |||||
| CVE-2023-27705 | 1 Apng Optimizer Project | 1 Apng Optimizer | 2024-11-21 | N/A | 7.5 HIGH |
| APNG_Optimizer v1.4 was discovered to contain a buffer overflow via the component /apngopt/ubuntu.png. | |||||
| CVE-2023-27590 | 1 Rizin | 1 Rizin | 2024-11-21 | N/A | 7.8 HIGH |
| Rizin is a UNIX-like reverse engineering framework and command-line toolset. In version 0.5.1 and prior, converting a GDB registers profile file into a Rizin register profile can result in a stack-based buffer overflow when the `name`, `type`, or `groups` fields have longer values than expected. Users opening untrusted GDB registers files (e.g. with the `drpg` or `arpg` commands) are affected by this flaw. Commit d6196703d89c84467b600ba2692534579dc25ed4 contains a patch for this issue. As a workaround, review the GDB register profiles before loading them with `drpg`/`arpg` commands. | |||||
| CVE-2023-27585 | 1 Teluu | 1 Pjsip | 2024-11-21 | N/A | 7.5 HIGH |
| PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to CVE-2022-24793. The difference is that this issue is in parsing the query record `parse_query()`, while the issue in CVE-2022-24793 is in `parse_rr()`. A patch is available as commit `d1c5e4d` in the `master` branch. A workaround is to disable DNS resolution in PJSIP config (by setting `nameserver_count` to zero) or use an external resolver implementation instead. | |||||
| CVE-2023-27518 | 1 Contec | 4 Sv-cpt-mc310, Sv-cpt-mc310 Firmware, Sv-cpt-mc310f and 1 more | 2024-11-21 | N/A | 8.8 HIGH |
| Buffer overflow vulnerability in the multiple setting pages of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows a remote authenticated attacker to execute arbitrary code. | |||||
| CVE-2023-27065 | 1 Tenda | 2 W15e, W15e Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the picName parameter in the formDelWewifiPi function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2023-27064 | 1 Tenda | 2 W15e, W15e Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the index parameter in the formDelDnsForward function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2023-27063 | 1 Tenda | 2 W15e, W15e Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the DNSDomainName parameter in the formModifyDnsForward function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2023-27062 | 1 Tenda | 2 W15e, W15e Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda V15V1.0 was discovered to contain a buffer overflow vulnerability via the gotoUrl parameter in the formPortalAuth function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2023-27061 | 1 Tenda | 2 W15e, W15e Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the wifiFilterListRemark parameter in the modifyWifiFilterRules function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2023-26966 | 1 Libtiff | 1 Libtiff | 2024-11-21 | N/A | 5.5 MEDIUM |
| libtiff 4.5.0 is vulnerable to Buffer Overflow in uv_encode() when libtiff reads a corrupted little-endian TIFF file and specifies the output to be big-endian. | |||||