Total
2430 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-35856 | 1 Nintendo | 1 Mario Kart Wii | 2024-02-28 | N/A | 9.8 CRITICAL |
A buffer overflow in Nintendo Mario Kart Wii RMCP01, RMCE01, RMCJ01, and RMCK01 can be exploited by a game client to execute arbitrary code on a client's machine via a crafted packet. | |||||
CVE-2023-31475 | 1 Gl-inet | 64 Gl-a1300, Gl-a1300 Firmware, Gl-ap1300 and 61 more | 2024-02-28 | N/A | 9.8 CRITICAL |
An issue was discovered on GL.iNet devices before 3.216. The function guci2_get() found in libglutil.so has a buffer overflow when an item is requested from a UCI context, and the value is pasted into a char pointer to a buffer without checking the size of the buffer. | |||||
CVE-2023-28769 | 1 Zyxel | 2 Dx5401-b0, Dx5401-b0 Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
The buffer overflow vulnerability in the library “libclinkc.so” of the web server “zhttpd” in Zyxel DX5401-B0 firmware versions prior to V5.17(ABYO.1)C0 could allow a remote unauthenticated attacker to execute some OS commands or to cause denial-of-service (DoS) conditions on a vulnerable device. | |||||
CVE-2023-22917 | 1 Zyxel | 36 Atp100, Atp100 Firmware, Atp100w and 33 more | 2024-02-28 | N/A | 7.5 HIGH |
A buffer overflow vulnerability in the “sdwan_iface_ipc” binary of Zyxel ATP series firmware versions 5.10 through 5.32, USG FLEX series firmware versions 5.00 through 5.32, USG FLEX 50(W) firmware versions 5.10 through 5.32, USG20(W)-VPN firmware versions 5.10 through 5.32, and VPN series firmware versions 5.00 through 5.35, which could allow a remote unauthenticated attacker to cause a core dump with a request error message on a vulnerable device by uploading a crafted configuration file. | |||||
CVE-2015-20109 | 1 Gnu | 1 Glibc | 2024-02-28 | N/A | 5.5 MEDIUM |
end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash), as demonstrated by use of the fnmatch library function with the **(!() pattern. NOTE: this is not the same as CVE-2015-8984; also, some Linux distributions have fixed CVE-2015-8984 but have not fixed this additional fnmatch issue. | |||||
CVE-2023-34561 | 1 Robtopgames | 1 Geometry Dash | 2024-02-28 | N/A | 9.8 CRITICAL |
A buffer overflow in the level parsing code of RobTop Games AB Geometry Dash v2.113 allows attackers to execute arbitrary code via entering a Geometry Dash level. | |||||
CVE-2021-26354 | 1 Amd | 304 Amd 3015ce, Amd 3015ce Firmware, Amd 3015e and 301 more | 2024-02-28 | N/A | 5.5 MEDIUM |
Insufficient bounds checking in ASP may allow an attacker to issue a system call from a compromised ABL which may cause arbitrary memory values to be initialized to zero, potentially leading to a loss of integrity. | |||||
CVE-2023-26733 | 1 Tinytiff Project | 1 Tinytiff | 2024-02-28 | N/A | 7.8 HIGH |
Buffer Overflow vulnerability found in tinyTIFF v.3.0 allows a local attacker to cause a denial of service via the TinyTiffReader_readNextFrame function in tinytiffreader.c file. | |||||
CVE-2020-19692 | 1 Nginx | 1 Njs | 2024-02-28 | N/A | 9.8 CRITICAL |
Buffer Overflow vulnerabilty found in Nginx NJS v.0feca92 allows a remote attacker to execute arbitrary code via the njs_module_read in the njs_module.c file. | |||||
CVE-2023-25433 | 1 Libtiff | 1 Libtiff | 2024-02-28 | N/A | 5.5 MEDIUM |
libtiff 4.5.0 is vulnerable to Buffer Overflow via /libtiff/tools/tiffcrop.c:8499. Incorrect updating of buffer size after rotateImage() in tiffcrop cause heap-buffer-overflow and SEGV. | |||||
CVE-2023-23494 | 1 Apple | 2 Ipados, Iphone Os | 2024-02-28 | N/A | 5.3 MEDIUM |
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 16.4 and iPadOS 16.4. A user in a privileged network position may be able to cause a denial-of-service. | |||||
CVE-2023-25505 | 1 Nvidia | 2 Bmc, Dgx-1 | 2024-02-28 | N/A | 7.8 HIGH |
NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler of the AMI MegaRAC BMC , where an attacker with the appropriate level of authorization can cause a buffer overflow, which may lead to denial of service, information disclosure, or arbitrary code execution. | |||||
CVE-2023-36239 | 1 Libming | 1 Libming | 2024-02-28 | N/A | 8.8 HIGH |
libming listswf 0.4.7 was discovered to contain a buffer overflow in the parseSWF_DEFINEFONTINFO() function at parser.c. | |||||
CVE-2023-30280 | 1 Netgear | 4 R6700, R6700 Firmware, R6900 and 1 more | 2024-02-28 | N/A | 9.8 CRITICAL |
Buffer Overflow vulnerability found in Netgear R6900 v.1.0.2.26, R6700v3 v.1.0.4.128, R6700 v.1.0.0.26 allows a remote attacker to execute arbitrary code and cause a denial ofservice via the getInputData parameter of the fwSchedule.cgi page. | |||||
CVE-2022-47499 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-02-28 | N/A | 4.4 MEDIUM |
In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | |||||
CVE-2023-37245 | 1 Huawei | 2 Emui, Harmonyos | 2024-02-28 | N/A | 9.1 CRITICAL |
Buffer overflow vulnerability in the modem pinctrl module. Successful exploitation of this vulnerability may affect the integrity and availability of the modem. | |||||
CVE-2023-27989 | 1 Zyxel | 8 Lte7480-m804, Lte7480-m804 Firmware, Lte7490-m904 and 5 more | 2024-02-28 | N/A | 6.5 MEDIUM |
A buffer overflow vulnerability in the CGI program of the Zyxel NR7101 firmware versions prior to V1.00(ABUV.8)C0 could allow a remote authenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device. | |||||
CVE-2023-23300 | 1 Garmin | 1 Connect-iq | 2024-02-28 | N/A | 9.8 CRITICAL |
The `Toybox.Cryptography.Cipher.initialize` API method in CIQ API version 3.0.0 through 4.1.7 does not validate its parameters, which can result in buffer overflows when copying data. A malicious application could call the API method with specially crafted parameters and hijack the execution of the device's firmware. | |||||
CVE-2023-32674 | 1 Hp | 1 Pc Hardware Diagnostics | 2024-02-28 | N/A | 9.8 CRITICAL |
Certain versions of HP PC Hardware Diagnostics Windows are potentially vulnerable to buffer overflow. | |||||
CVE-2023-26612 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the HostName field in SetParentsControlInfo. |