Total
3219 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-57510 | 2025-02-03 | N/A | 7.8 HIGH | ||
| Buffer Overflow vulnerability in Bento4 mp42avc v.3bdc891602d19789b8e8626e4a3e613a937b4d35 allows a local attacker to execute arbitrary code via the AP4_MemoryByteStream::WritePartial. | |||||
| CVE-2023-30280 | 1 Netgear | 4 R6700, R6700 Firmware, R6900 and 1 more | 2025-02-03 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability found in Netgear R6900 v.1.0.2.26, R6700v3 v.1.0.4.128, R6700 v.1.0.0.26 allows a remote attacker to execute arbitrary code and cause a denial ofservice via the getInputData parameter of the fwSchedule.cgi page. | |||||
| CVE-2023-29596 | 1 Cmix Project | 1 Cmix | 2025-02-03 | N/A | 7.8 HIGH |
| Buffer Overflow vulnerability found in ByronKnoll Cmix v.19 allows an attacker to execute arbitrary code and cause a denial of service via the paq8 function. | |||||
| CVE-2022-44232 | 1 Libming | 1 Libming | 2025-02-03 | N/A | 7.5 HIGH |
| libming 0.4.8 0.4.8 is vulnerable to Buffer Overflow. In getInt() in decompile.c unknown type may lead to denial of service. This is a different vulnerability than CVE-2018-9132 and CVE-2018-20427. | |||||
| CVE-2024-3120 | 1 Irontec | 1 Sngrep | 2025-02-03 | N/A | 9.0 CRITICAL |
| A stack-buffer overflow vulnerability exists in all versions of sngrep since v1.4.1. The flaw is due to inadequate bounds checking when copying 'Content-Length' and 'Warning' headers into fixed-size buffers in the sip_validate_packet and sip_parse_extra_headers functions within src/sip.c. This vulnerability allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via crafted SIP messages. | |||||
| CVE-2024-3119 | 1 Irontec | 1 Sngrep | 2025-02-03 | N/A | 9.0 CRITICAL |
| A buffer overflow vulnerability exists in all versions of sngrep since v0.4.2, due to improper handling of 'Call-ID' and 'X-Call-ID' SIP headers. The functions sip_get_callid and sip_get_xcallid in sip.c use the strncpy function to copy header contents into fixed-size buffers without checking the data length. This flaw allows remote attackers to execute arbitrary code or cause a denial of service (DoS) through specially crafted SIP messages. | |||||
| CVE-2024-57509 | 2025-01-31 | N/A | 7.8 HIGH | ||
| Buffer Overflow vulnerability in Bento4 mp42avc v.3bdc891602d19789b8e8626e4a3e613a937b4d35 allows a local attacker to execute arbitrary code via the AP4_File::ParseStream and related functions. | |||||
| CVE-2024-57513 | 2025-01-31 | N/A | 6.5 MEDIUM | ||
| A floating-point exception (FPE) vulnerability exists in the AP4_TfraAtom::AP4_TfraAtom function in Bento4. | |||||
| CVE-2023-22782 | 1 Hp | 2 Arubaos, Instantos | 2025-01-31 | N/A | 9.8 CRITICAL |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2023-22781 | 1 Hp | 2 Arubaos, Instantos | 2025-01-31 | N/A | 9.8 CRITICAL |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2023-22786 | 1 Hp | 2 Arubaos, Instantos | 2025-01-31 | N/A | 9.8 CRITICAL |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2023-22785 | 1 Hp | 2 Arubaos, Instantos | 2025-01-31 | N/A | 9.8 CRITICAL |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2023-22784 | 1 Hp | 2 Arubaos, Instantos | 2025-01-31 | N/A | 9.8 CRITICAL |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2023-22783 | 1 Hp | 2 Arubaos, Instantos | 2025-01-31 | N/A | 9.8 CRITICAL |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2023-32331 | 3 Ibm, Linux, Oracle | 4 Aix, Sterling Connect\, Linux Kernel and 1 more | 2025-01-31 | N/A | 7.5 HIGH |
| IBM Connect:Express for UNIX 1.5.0 is vulnerable to a buffer overflow that could allow a remote attacker to cause a denial of service through its browser UI. IBM X-Force ID: 254979. | |||||
| CVE-2023-27518 | 1 Contec | 4 Sv-cpt-mc310, Sv-cpt-mc310 Firmware, Sv-cpt-mc310f and 1 more | 2025-01-31 | N/A | 8.8 HIGH |
| Buffer overflow vulnerability in the multiple setting pages of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows a remote authenticated attacker to execute arbitrary code. | |||||
| CVE-2023-23305 | 1 Garmin | 1 Connect-iq | 2025-01-31 | N/A | 9.8 CRITICAL |
| The GarminOS TVM component in CIQ API version 1.0.0 through 4.1.7 is vulnerable to various buffer overflows when loading binary resources. A malicious application embedding specially crafted resources could hijack the execution of the device's firmware. | |||||
| CVE-2023-27971 | 1 Hp | 76 Laserjet Pro M304-m305 W1a46a, Laserjet Pro M304-m305 W1a46a Firmware, Laserjet Pro M304-m305 W1a47a and 73 more | 2025-01-30 | N/A | 9.8 CRITICAL |
| Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Elevation of Privilege. | |||||
| CVE-2023-27972 | 1 Hp | 76 Laserjet Pro M304-m305 W1a46a, Laserjet Pro M304-m305 W1a46a Firmware, Laserjet Pro M304-m305 W1a47a and 73 more | 2025-01-30 | N/A | 9.8 CRITICAL |
| Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Remote Code Execution. | |||||
| CVE-2023-27892 | 1 Shapeshift | 2 Keepkey, Keepkey Firmware | 2025-01-30 | N/A | 3.8 LOW |
| Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.7.0 allow a global buffer overflow via crafted messages. Flaws in cf_confirmExecTx() in ethereum_contracts.c can be used to reveal arbitrary microcontroller memory on the device screen or crash the device. With physical access to a PIN-unlocked device, attackers can extract the BIP39 mnemonic secret from the hardware wallet. | |||||