Total
2430 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-39749 | 1 Dlink | 2 Dap-2660, Dap-2660 Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via the component /adv_resource. This vulnerability is exploited via a crafted GET request. | |||||
CVE-2023-39666 | 1 Dlink | 2 Dir-842, Dir-842 Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
D-Link DIR-842 fw_revA_1-02_eu_multi_20151008 was discovered to contain multiple buffer overflows in the fgets function via the acStack_120 and acStack_220 parameters. | |||||
CVE-2023-5184 | 1 Zephyrproject | 1 Zephyr | 2024-02-28 | N/A | 8.8 HIGH |
Two potential signed to unsigned conversion errors and buffer overflow vulnerabilities at the following locations in the Zephyr IPM drivers. | |||||
CVE-2020-21427 | 1 Freeimage Project | 1 Freeimage | 2024-02-28 | N/A | 7.8 HIGH |
Buffer Overflow vulnerability in function LoadPixelDataRLE8 in PluginBMP.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file. | |||||
CVE-2023-29468 | 1 Ti | 1 Wilink8-wifi-mcp8 | 2024-02-28 | N/A | 9.8 CRITICAL |
The Texas Instruments (TI) WiLink WL18xx MCP driver does not limit the number of information elements (IEs) of type XCC_EXT_1_IE_ID or XCC_EXT_2_IE_ID that can be parsed in a management frame. Using a specially crafted frame, a buffer overflow can be triggered that can potentially lead to remote code execution. This affects WILINK8-WIFI-MCP8 version 8.5_SP3 and earlier. | |||||
CVE-2023-43896 | 1 Macrium | 1 Reflect | 2024-02-28 | N/A | 7.8 HIGH |
A buffer overflow in Macrium Reflect 8.1.7544 and below allows attackers to escalate privileges or execute arbitrary code. | |||||
CVE-2022-29654 | 1 Nasm | 1 Netwide Assembler | 2024-02-28 | N/A | 5.5 MEDIUM |
Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c in nasm before 2.15.05 allows attackers to cause a denial of service via crafted file. | |||||
CVE-2023-5139 | 1 Zephyrproject | 1 Zephyr | 2024-02-28 | N/A | 7.8 HIGH |
Potential buffer overflow vulnerability at the following location in the Zephyr STM32 Crypto driver | |||||
CVE-2023-3471 | 1 Panasonic | 1 Kw Watcher | 2024-02-28 | N/A | 7.8 HIGH |
Buffer overflow vulnerability in Panasonic KW Watcher versions 1.00 through 2.82 may allow attackers to execute arbitrary code. | |||||
CVE-2021-28427 | 1 Xnview | 1 Xnview | 2024-02-28 | N/A | 7.8 HIGH |
Buffer Overflow vulnerability in XNView version 2.49.3, allows local attackers to execute arbitrary code via crafted TIFF file. | |||||
CVE-2023-28736 | 1 Mdadm Project | 1 Mdadm | 2024-02-28 | N/A | 6.7 MEDIUM |
Buffer overflow in some Intel(R) SSD Tools software before version mdadm-4.2-rc2 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
CVE-2023-38412 | 1 Netgear | 2 R6900p, R6900p Firmware | 2024-02-28 | N/A | 8.8 HIGH |
Netgear R6900P v1.3.3.154 was discovered to contain multiple buffer overflows via the wla_ssid and wlg_ssid parameters at ia_ap_setting.cgi. | |||||
CVE-2023-38924 | 1 Netgear | 2 Dgn3500, Dgn3500 Firmware | 2024-02-28 | N/A | 6.5 MEDIUM |
Netgear DGN3500 1.1.00.37 was discovered to contain a buffer overflow via the http_password parameter at setup.cgi. | |||||
CVE-2023-39068 | 1 Xiongmaitech | 4 Nb080s09s-klc, Nb080s09s-klc Firmware, Nbd80n32ra-kl-v3 and 1 more | 2024-02-28 | N/A | 7.5 HIGH |
Buffer Overflow vulnerability in NBD80S09S-KLC v.YK_HZXM_NBD80S09S-KLC_V4.03.R11.7601.Nat.OnvifC.20230414.bin and NBD80N32RA-KL-V3 v.YK_HZXM_NBD80N32RA-KL_V4.03.R11.7601.Nat.OnvifC.20220120.bin allows a remote attacker to casue a denial of service via a crafted request to the service.XM component. | |||||
CVE-2023-36198 | 1 Skale | 1 Sgxwallet | 2024-02-28 | N/A | 7.5 HIGH |
Buffer Overflow vulnerability in skalenetwork sgxwallet v.1.9.0 allows an attacker to cause a denial of service via the trustedBlsSignMessage function. | |||||
CVE-2023-41299 | 1 Huawei | 2 Emui, Harmonyos | 2024-02-28 | N/A | 7.5 HIGH |
DoS vulnerability in the PMS module. Successful exploitation of this vulnerability may cause the system to restart. | |||||
CVE-2023-3766 | 1 Cloudflare | 1 Odoh-rs | 2024-02-28 | N/A | 5.9 MEDIUM |
A vulnerability was discovered in the odoh-rs rust crate that stems from faulty logic during the parsing of encrypted queries. This issue specifically occurs when processing encrypted query data received from remote clients and enables an attacker with knowledge of this vulnerability to craft and send specially designed encrypted queries to targeted ODOH servers running with odoh-rs. Upon successful exploitation, the server will crash abruptly, disrupting its normal operation and rendering the service temporarily unavailable. | |||||
CVE-2023-35980 | 2 Arubanetworks, Hp | 2 Arubaos, Instantos | 2024-02-28 | N/A | 9.8 CRITICAL |
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
CVE-2023-40166 | 1 Notepad-plus-plus | 1 Notepad\+\+ | 2024-02-28 | N/A | 5.5 MEDIUM |
Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer read overflow in `FileManager::detectLanguageFromTextBegining `. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As of time of publication, no known patches are available in existing versions of Notepad++. | |||||
CVE-2023-4260 | 1 Zephyrproject | 1 Zephyr | 2024-02-28 | N/A | 10.0 CRITICAL |
Potential off-by-one buffer overflow vulnerability in the Zephyr fuse file system. |