Total
13373 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-40846 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function sub_90998. | |||||
| CVE-2023-40845 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'sub_34FD0.' In the function, it reads user provided parameters and passes variables to the function without any length checks. | |||||
| CVE-2023-40844 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'formWifiBasicSet.' | |||||
| CVE-2023-40843 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "sub_73004." | |||||
| CVE-2023-40842 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tengda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "R7WebsSecurityHandler." | |||||
| CVE-2023-40841 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "add_white_node," | |||||
| CVE-2023-40840 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "fromGetWirelessRepeat." | |||||
| CVE-2023-40802 | 1 Tenda | 2 Ac23, Ac23 Firmware | 2024-11-21 | N/A | 6.5 MEDIUM |
| The get_parentControl_list_Info function does not verify the parameters entered by the user, causing a post-authentication heap overflow vulnerability in Tenda AC23 v16.03.07.45_cn | |||||
| CVE-2023-40799 | 1 Tenda | 2 Ac23, Ac23 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AC23 Vv16.03.07.45_cn is vulnerable to Buffer Overflow via sub_450A4C function. | |||||
| CVE-2023-40781 | 1 Libming | 1 Libming | 2024-11-21 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in Libming Libming v.0.4.8 allows a remote attacker to cause a denial of service via a crafted .swf file to the makeswf function. | |||||
| CVE-2023-40711 | 1 Veilid | 1 Veilid | 2024-11-21 | N/A | 7.5 HIGH |
| Veilid before 0.1.9 does not check the size of uncompressed data during decompression upon an envelope receipt, which allows remote attackers to cause a denial of service (out-of-memory abort) via crafted packet data, as exploited in the wild in August 2023. | |||||
| CVE-2023-40652 | 2 Google, Unisoc | 4 Android, T606, T612 and 1 more | 2024-11-21 | N/A | 4.4 MEDIUM |
| In jpg driver, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with System execution privileges needed | |||||
| CVE-2023-40651 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 4.4 MEDIUM |
| In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||||
| CVE-2023-40574 | 1 Freerdp | 1 Freerdp | 2024-11-21 | N/A | 6.5 MEDIUM |
| FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the `writePixelBGRX` function. This issue is likely down to incorrect calculations of the `nHeight` and `srcStep` variables. This issue has been addressed in version 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this issue. | |||||
| CVE-2023-40548 | 2 Fedoraproject, Redhat | 2 Fedora, Shim | 2024-11-21 | N/A | 7.4 HIGH |
| A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value is further used for memory allocation operations, leading to a heap-based buffer overflow. This flaw causes memory corruption and can lead to a crash or data integrity issues during the boot phase. | |||||
| CVE-2023-40547 | 1 Redhat | 2 Enterprise Linux, Shim | 2024-11-21 | N/A | 8.3 HIGH |
| A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete system compromise. This flaw is only exploitable during the early boot phase, an attacker needs to perform a Man-in-the-Middle or compromise the boot server to be able to exploit this vulnerability successfully. | |||||
| CVE-2023-40465 | 1 Sierrawireless | 8 Aleos, Es450, Gx450 and 5 more | 2024-11-21 | N/A | 8.3 HIGH |
| Several versions of ALEOS, including ALEOS 4.16.0, include an opensource third-party component which can be exploited from the local area network, resulting in a Denial of Service condition for the captive portal. | |||||
| CVE-2023-40308 | 1 Sap | 9 Commoncryptolib, Content Server, Extended Application Services And Runtime and 6 more | 2024-11-21 | N/A | 7.5 HIGH |
| SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any information. | |||||
| CVE-2023-40307 | 1 Sap | 1 Privileges | 2024-11-21 | N/A | 6.3 MEDIUM |
| An attacker with standard privileges on macOS when requesting administrator privileges from the application can submit input which causes a buffer overflow resulting in a crash of the application. This could make the application unavailable and allow reading or modification of data. | |||||
| CVE-2023-40305 | 1 Gnu | 1 Indent | 2024-11-21 | N/A | 5.5 MEDIUM |
| GNU indent 2.2.13 has a heap-based buffer overflow in search_brace in indent.c via a crafted file. | |||||