Total
10958 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-28064 | 1 Dell | 140 Alienware M15 R6, Alienware M15 R6 Firmware, Alienware M15 R7 and 137 more | 2024-11-21 | N/A | 3.5 LOW |
| Dell BIOS contains an Out-of-bounds Write vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service. | |||||
| CVE-2023-27997 | 1 Fortinet | 4 Fortigate 6000, Fortigate 7000, Fortios and 1 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests. | |||||
| CVE-2023-27973 | 1 Hp | 76 Laserjet Pro M304-m305 W1a46a, Laserjet Pro M304-m305 W1a46a Firmware, Laserjet Pro M304-m305 W1a47a and 73 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Certain HP LaserJet Pro print products are potentially vulnerable to Heap Overflow and/or Remote Code Execution. | |||||
| CVE-2023-27970 | 1 Apple | 2 Ipad Os, Iphone Os | 2024-11-21 | N/A | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-27965 | 1 Apple | 3 Macos, Studio Display, Studio Display Firmware | 2024-11-21 | N/A | 7.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Studio Display Firmware Update 16.4. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-27953 | 1 Apple | 1 Macos | 2024-11-21 | N/A | 9.8 CRITICAL |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to cause unexpected system termination or corrupt kernel memory. | |||||
| CVE-2023-27936 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-11-21 | N/A | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to cause unexpected system termination or write kernel memory. | |||||
| CVE-2023-27915 | 1 Autodesk | 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more | 2024-11-21 | N/A | 7.8 HIGH |
| A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||||
| CVE-2023-27914 | 1 Autodesk | 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more | 2024-11-21 | N/A | 7.8 HIGH |
| A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can be used to write beyond the allocated buffer causing a Stack Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code in the context of the current process. | |||||
| CVE-2023-27911 | 1 Autodesk | 1 Fbx Software Development Kit | 2024-11-21 | N/A | 7.8 HIGH |
| A user may be tricked into opening a malicious FBX file that may exploit a heap buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior which may lead to code execution. | |||||
| CVE-2023-27910 | 1 Autodesk | 1 Fbx Software Development Kit | 2024-11-21 | N/A | 7.8 HIGH |
| A user may be tricked into opening a malicious FBX file that may exploit a stack buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior which may lead to code execution. | |||||
| CVE-2023-27909 | 1 Autodesk | 1 Fbx Software Development Kit | 2024-11-21 | N/A | 7.8 HIGH |
| An Out-Of-Bounds Write Vulnerability in Autodesk® FBX® SDK version 2020 or prior may lead to code execution through maliciously crafted FBX files or information disclosure. | |||||
| CVE-2023-27907 | 1 Autodesk | 1 Maya Usd | 2024-11-21 | N/A | 7.8 HIGH |
| A malicious actor may convince a victim to open a malicious USD file that may trigger an out-of-bounds write vulnerability which may result in code execution. | |||||
| CVE-2023-27882 | 2 Silabs, Weston-embedded | 3 Gecko Software Development Kit, Cesium Net, Uc-http | 2024-11-21 | N/A | 9.0 CRITICAL |
| A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2023-27810 | 1 H3c | 1 Magic R100 Firmware | 2024-11-21 | N/A | 4.9 MEDIUM |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the ipqos_lanip_editlist interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | |||||
| CVE-2023-27808 | 1 H3c | 1 Magic R100 Firmware | 2024-11-21 | N/A | 4.9 MEDIUM |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the DeltriggerList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | |||||
| CVE-2023-27807 | 1 H3c | 1 Magic R100 Firmware | 2024-11-21 | N/A | 4.9 MEDIUM |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the Delstlist interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | |||||
| CVE-2023-27806 | 1 H3c | 1 Magic R100 Firmware | 2024-11-21 | N/A | 4.9 MEDIUM |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the ipqos_lanip_dellist interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | |||||
| CVE-2023-27805 | 1 H3c | 1 Magic R100 Firmware | 2024-11-21 | N/A | 4.9 MEDIUM |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the EditSTList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | |||||
| CVE-2023-27804 | 1 H3c | 1 Magic R100 Firmware | 2024-11-21 | N/A | 4.9 MEDIUM |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the DelvsList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | |||||