Total
10958 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-29584 | 1 Mp4v2 Project | 1 Mp4v2 | 2024-11-21 | N/A | 8.8 HIGH |
| mp4v2 v2.0.0 was discovered to contain a heap buffer overflow via the MP4GetVideoProfileLevel function at /src/mp4.cpp. | |||||
| CVE-2023-29583 | 1 Yasm Project | 1 Yasm | 2024-11-21 | N/A | 5.5 MEDIUM |
| yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr5 at /nasm/nasm-parse.c. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code. | |||||
| CVE-2023-29582 | 1 Yasm Project | 1 Yasm | 2024-11-21 | N/A | 5.5 MEDIUM |
| yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr1 at /nasm/nasm-parse.c. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code. | |||||
| CVE-2023-29579 | 1 Yasm Project | 1 Yasm | 2024-11-21 | N/A | 5.5 MEDIUM |
| yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the component yasm/yasm+0x43b466 in vsprintf. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code. | |||||
| CVE-2023-29578 | 1 Mp4v2 Project | 1 Mp4v2 | 2024-11-21 | N/A | 8.8 HIGH |
| mp4v2 v2.0.0 was discovered to contain a heap buffer overflow via the mp4v2::impl::MP4StringProperty::~MP4StringProperty() function at src/mp4property.cpp. | |||||
| CVE-2023-29562 | 1 Tp-link | 2 Tl-wpa7510, Tl-wpa7510 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| TP-Link TL-WPA7510 (EU)_V2_190125 was discovered to contain a stack overflow via the operation parameter at /admin/locale. | |||||
| CVE-2023-29551 | 1 Mozilla | 2 Firefox, Focus | 2024-11-21 | N/A | 8.8 HIGH |
| Memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112. | |||||
| CVE-2023-29531 | 2 Apple, Mozilla | 4 Macos, Firefox, Firefox Esr and 1 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash. *This bug only affects Firefox and Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10. | |||||
| CVE-2023-29491 | 1 Gnu | 1 Ncurses | 2024-11-21 | N/A | 7.8 HIGH |
| ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable. | |||||
| CVE-2023-29464 | 1 Rockwellautomation | 1 Factorytalk Linx | 2024-11-21 | N/A | 8.2 HIGH |
| FactoryTalk Linx, in the Rockwell Automation PanelView Plus, allows an unauthenticated threat actor to read data from memory via crafted malicious packets. Sending a size larger than the buffer size results in leakage of data from memory resulting in an information disclosure. If the size is large enough, it causes communications over the common industrial protocol to become unresponsive to any type of packet, resulting in a denial-of-service to FactoryTalk Linx over the common industrial protocol. | |||||
| CVE-2023-29462 | 1 Rockwellautomation | 1 Arena Simulation | 2024-11-21 | N/A | 7.8 HIGH |
| An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow in the heap. potentially resulting in a complete loss of confidentiality, integrity, and availability. | |||||
| CVE-2023-29451 | 1 Zabbix | 1 Zabbix | 2024-11-21 | N/A | 4.7 MEDIUM |
| Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy. | |||||
| CVE-2023-29421 | 1 Bzip3 Project | 1 Bzip3 | 2024-11-21 | N/A | 8.8 HIGH |
| An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an out-of-bounds write in bz3_decode_block. | |||||
| CVE-2023-29416 | 1 Bzip3 Project | 1 Bzip3 | 2024-11-21 | N/A | 6.5 MEDIUM |
| An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A bz3_decode_block out-of-bounds write can occur with a crafted archive because bzip3 does not follow the required procedure for interacting with libsais. | |||||
| CVE-2023-29308 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-11-21 | N/A | 7.8 HIGH |
| Adobe InDesign versions ID18.3 (and earlier) and ID17.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-29285 | 1 Adobe | 1 Substance 3d Painter | 2024-11-21 | N/A | 7.8 HIGH |
| Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-29284 | 1 Adobe | 1 Substance 3d Painter | 2024-11-21 | N/A | 7.8 HIGH |
| Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-29283 | 1 Adobe | 1 Substance 3d Painter | 2024-11-21 | N/A | 7.8 HIGH |
| Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-29282 | 1 Adobe | 1 Substance 3d Painter | 2024-11-21 | N/A | 7.8 HIGH |
| Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-29276 | 1 Adobe | 1 Substance 3d Painter | 2024-11-21 | N/A | 7.8 HIGH |
| Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||