Total: 10850 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-26328 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2024-02-28 | N/A | 7.8 HIGH |
Adobe Dimension versions 3.4.7 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2023-25868 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-02-28 | N/A | 7.8 HIGH |
Adobe Substance 3D Stager versions 2.0.0 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2023-27970 | 1 Apple | 2 Ipad Os, Iphone Os | 2024-02-28 | N/A | 7.8 HIGH |
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2023-20872 | 2 Apple, Vmware | 3 Mac Os X, Fusion, Workstation | 2024-02-28 | N/A | 8.8 HIGH |
VMware Workstation and Fusion contain an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation. | |||||
CVE-2023-22614 | 1 Insyde | 1 Insydeh2o | 2024-02-28 | N/A | 8.8 HIGH |
An issue was discovered in ChipsetSvcSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There is insufficient input validation in BIOS Guard updates. An attacker can induce memory corruption in SMM by supplying malformed inputs to the BIOS Guard SMI handler. | |||||
CVE-2023-30668 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 7.8 HIGH |
Out-of-bounds Write in BuildOemSecureSimLockResponse of libsec-ril prior to SMR Jul-2023 Release 1 allows local attacker to execute arbitrary code. | |||||
CVE-2023-30371 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
In Tenda AC15 V15.03.05.19, the function "sub_ED14" contains a stack-based buffer overflow vulnerability. | |||||
CVE-2023-26330 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2024-02-28 | N/A | 7.8 HIGH |
Adobe Dimension versions 3.4.7 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2022-1229 | 1 Bentley | 1 Microstation Connect | 2024-02-28 | N/A | 7.8 HIGH |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.2.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of IFC files. Crafted data in an IFC file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16581. | |||||
CVE-2023-21100 | 1 Google | 1 Android | 2024-02-28 | N/A | 7.8 HIGH |
In inflate of inflate.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12 Android-12L Android-13. Android ID: A-242544249 | |||||
CVE-2022-47365 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-02-28 | N/A | 5.5 MEDIUM |
In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services. | |||||
CVE-2022-26760 | 1 Apple | 2 Ipados, Iphone Os | 2024-02-28 | N/A | 9.8 CRITICAL |
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 15.5 and iPadOS 15.5. A malicious application may be able to elevate privileges. | |||||
CVE-2023-24347 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2024-02-28 | N/A | 8.8 HIGH |
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formSetWanDhcpplus. | |||||
CVE-2022-43605 | 1 Opener Project | 1 Opener | 2024-02-28 | N/A | 9.8 CRITICAL |
An out-of-bounds write vulnerability exists in the SetAttributeList attribute_count_request functionality of EIP Stack Group OpENer development commit 58ee13c. A specially crafted EtherNet/IP request can lead to an out of bounds write, potentially causing the server to crash or allow for remote code execution. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability. | |||||
CVE-2023-24122 | 1 Heimgardtechnologies | 2 Eagle 1200ac, Eagle 1200ac Firmware | 2024-02-28 | N/A | 6.5 MEDIUM |
Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the ssid_5g parameter at /goform/WifiBasicSet. | |||||
CVE-2022-41027 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2024-02-28 | N/A | 7.2 HIGH |
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities. This buffer overflow is in the function that manages the 'vpn schedule name1 WORD name2 WORD policy (failover|backup) description (WORD|null)' command template. | |||||
CVE-2023-23519 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-02-28 | N/A | 7.5 HIGH |
A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. Processing an image may lead to a denial-of-service. | |||||
CVE-2023-20630 | 2 Google, Mediatek | 25 Android, Mt6580, Mt6735 and 22 more | 2024-02-28 | N/A | 6.7 MEDIUM |
In usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628505; Issue ID: ALPS07628505. | |||||
CVE-2023-24212 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the timeType function at /goform/SetSysTimeCfg. | |||||
CVE-2023-27117 | 1 Webassembly | 1 Webassembly | 2024-02-28 | N/A | 7.8 HIGH |
WebAssembly v1.0.29 was discovered to contain a heap overflow via the component wabt::Node::operator. |