Total
2430 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-50628 | 1 Libming | 1 Libming | 2024-02-28 | N/A | 9.8 CRITICAL |
Buffer Overflow vulnerability in libming version 0.4.8, allows attackers to execute arbitrary code and obtain sensitive information via parser.c component. | |||||
CVE-2023-41280 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-02-28 | N/A | 7.2 HIGH |
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later | |||||
CVE-2023-49208 | 1 Glewlwyd Sso Server Project | 1 Glewlwyd Sso Server | 2024-02-28 | N/A | 9.8 CRITICAL |
scheme/webauthn.c in Glewlwyd SSO server before 2.7.6 has a possible buffer overflow during FIDO2 credentials validation in webauthn registration. | |||||
CVE-2024-23617 | 1 Broadcom | 1 Symantec Data Center Security Server | 2024-02-28 | 9.3 HIGH | 8.8 HIGH |
A buffer overflow vulnerability exists in Symantec Data Loss Prevention version 14.0.2 and before. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a crafted document to achieve code execution. | |||||
CVE-2023-47347 | 1 Free5gc | 1 Free5gc | 2024-02-28 | N/A | 7.5 HIGH |
Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via crafted PFCP messages whose Sequence Number is mutated to overflow bytes. | |||||
CVE-2023-45040 | 1 Qnap | 2 Qts, Quts Hero | 2024-02-28 | N/A | 7.2 HIGH |
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later | |||||
CVE-2023-47345 | 1 Free5gc | 1 Free5gc | 2024-02-28 | N/A | 7.5 HIGH |
Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via crafted PFCP message with malformed PFCP Heartbeat message whose Recovery Time Stamp IE length is mutated to zero. | |||||
CVE-2023-43820 | 1 Deltaww | 1 Dopsoft | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesPrevValueLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution. | |||||
CVE-2023-49993 | 1 Espeak-ng | 1 Espeak-ng | 2024-02-28 | N/A | 5.3 MEDIUM |
Espeak-ng 1.52-dev was discovered to contain a Buffer Overflow via the function ReadClause at readclause.c. | |||||
CVE-2023-49700 | 1 Asrmicro | 4 Asr1803, Asr1803 Firmware, Asr1806 and 1 more | 2024-02-28 | N/A | 7.5 HIGH |
Security best practices violations, a string operation in Streamingmedia will write past the end of fixed-size destination buffer if the source buffer is too large. | |||||
CVE-2023-47307 | 1 Szlbt | 2 Lbt-t300-t310, Lbt-t300-t310 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
Buffer Overflow vulnerability in /apply.cgi in Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 allows attackers to cause a denial of service via the ApCliAuthMode parameter. | |||||
CVE-2023-45036 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-02-28 | N/A | 7.2 HIGH |
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTScloud c5.1.5.2651 and later | |||||
CVE-2024-23616 | 1 Broadcom | 1 Symantec Server Management Suite | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
A buffer overflow vulnerability exists in Symantec Server Management Suite version 7.9 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTEM. | |||||
CVE-2023-4424 | 1 Zephyrproject | 1 Zephyr | 2024-02-28 | N/A | 8.8 HIGH |
An malicious BLE device can cause buffer overflow by sending malformed advertising packet BLE device using Zephyr OS, leading to DoS or potential RCE on the victim BLE device. | |||||
CVE-2023-43821 | 1 Deltaww | 1 Dopsoft | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesActionLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution. | |||||
CVE-2023-5908 | 4 Ge, Ptc, Rockwellautomation and 1 more | 8 Industrial Gateway Server, Keepserverex, Opc-aggregator and 5 more | 2024-02-28 | N/A | 9.1 CRITICAL |
KEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the product being accessed or leak information. | |||||
CVE-2023-43818 | 1 Deltaww | 1 Dopsoft | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
A buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution. | |||||
CVE-2023-51886 | 1 Ctan | 1 Mathtex | 2024-02-28 | N/A | 7.5 HIGH |
Buffer Overflow vulnerability in the main() function in Mathtex 1.05 and before allows a remote attacker to cause a denial of service when using \convertpath. | |||||
CVE-2023-4397 | 1 Zyxel | 16 Atp100, Atp100w, Atp200 and 13 more | 2024-02-28 | N/A | 4.4 MEDIUM |
A buffer overflow vulnerability in the Zyxel ATP series firmware version 5.37, USG FLEX series firmware version 5.37, USG FLEX 50(W) series firmware version 5.37, and USG20(W)-VPN series firmware version 5.37, could allow an authenticated local attacker with administrator privileges to cause denial-of-service (DoS) conditions by executing the CLI command with crafted strings on an affected device. | |||||
CVE-2023-41279 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-02-28 | N/A | 7.2 HIGH |
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later |