Total
10958 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-30378 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| In Tenda AC15 V15.03.05.19, the function "sub_8EE8" contains a stack-based buffer overflow vulnerability. | |||||
| CVE-2023-30376 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| In Tenda AC15 V15.03.05.19, the function "henan_pppoe_user" contains a stack-based buffer overflow vulnerability. | |||||
| CVE-2023-30375 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| In Tenda AC15 V15.03.05.19, the function "getIfIp" contains a stack-based buffer overflow vulnerability. | |||||
| CVE-2023-30373 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| In Tenda AC15 V15.03.05.19, the function "xian_pppoe_user" contains a stack-based buffer overflow vulnerability. | |||||
| CVE-2023-30372 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| In Tenda AC15 V15.03.05.19, The function "xkjs_ver32" contains a stack-based buffer overflow vulnerability. | |||||
| CVE-2023-30371 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| In Tenda AC15 V15.03.05.19, the function "sub_ED14" contains a stack-based buffer overflow vulnerability. | |||||
| CVE-2023-30370 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| In Tenda AC15 V15.03.05.19, the function GetValue contains a stack-based buffer overflow vulnerability. | |||||
| CVE-2023-30369 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow. | |||||
| CVE-2023-30368 | 1 Tenda | 2 Ac5, Ac5 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AC5 V15.03.06.28 is vulnerable to Buffer Overflow via the initWebs function. | |||||
| CVE-2023-30187 | 1 Onlyoffice | 1 Document Server | 2024-11-21 | N/A | 9.8 CRITICAL |
| An out of bounds memory access vulnerability in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file. | |||||
| CVE-2023-30087 | 1 Cesanta | 1 Mjs | 2024-11-21 | N/A | 5.5 MEDIUM |
| Buffer Overflow vulnerability found in Cesanta MJS v.1.26 allows a local attacker to cause a denial of service via the mjs_mk_string function in mjs.c. | |||||
| CVE-2023-30086 | 1 Libtiff | 1 Libtiff | 2024-11-21 | N/A | 5.5 MEDIUM |
| Buffer Overflow vulnerability found in Libtiff V.4.0.7 allows a local attacker to cause a denial of service via the tiffcp function in tiffcp.c. | |||||
| CVE-2023-2934 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 8.8 HIGH |
| Out of bounds memory access in Mojo in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2023-2929 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 8.8 HIGH |
| Out of bounds write in Swiftshader in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2023-2923 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability classified as critical was found in Tenda AC6 US_AC6V1.0BR_V15.03.05.19. Affected by this vulnerability is the function fromDhcpListClient. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-230077 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-2911 | 4 Debian, Fedoraproject, Isc and 1 more | 14 Debian Linux, Fedora, Bind and 11 more | 2024-11-21 | N/A | 7.5 HIGH |
| If the `recursive-clients` quota is reached on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-timeout 0;`, a sequence of serve-stale-related lookups could cause `named` to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versions 9.16.33 through 9.16.41, 9.18.7 through 9.18.15, 9.16.33-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1. | |||||
| CVE-2023-2905 | 1 Cesanta | 1 Mongoose | 2024-11-21 | N/A | 8.8 HIGH |
| Due to a failure in validating the length of a provided MQTT_CMD_PUBLISH parsed message with a variable length header, Cesanta Mongoose, an embeddable web server, version 7.10 is susceptible to a heap-based buffer overflow vulnerability in the default configuration. Version 7.9 and prior does not appear to be vulnerable. This issue is resolved in version 7.11. | |||||
| CVE-2023-2873 | 2 Filseclab, Microsoft | 2 Twister Antivirus, Windows | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability classified as critical was found in Twister Antivirus 8. This vulnerability affects the function 0x804f2143/0x804f217f/0x804f214b/0x80800043 in the library filppd.sys of the component IoControlCode Handler. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229852. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-2858 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-11-21 | N/A | 5.3 MEDIUM |
| NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file | |||||
| CVE-2023-2857 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-11-21 | N/A | 5.3 MEDIUM |
| BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file | |||||