Total
3002 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-7095 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in Totolink A7100RU 7.4cu.2313_B20191024. Affected by this issue is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument flag leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-248942 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-6906 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, was found in Totolink A7100RU 7.4cu.2313_B20191024. Affected is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument flag with the input ie8 leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248268. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-6711 | 1 Hitachienergy | 2 Rtu500, Rtu500 Firmware | 2024-11-21 | N/A | 5.9 MEDIUM |
| Vulnerability exists in SCI IEC 60870-5-104 and HCI IEC 60870-5-104 that affects the RTU500 series product versions listed below. Specially crafted messages sent to the mentioned components are not validated properly and can result in buffer overflow and as final consequence to a reboot of an RTU500 CMU. | |||||
| CVE-2023-6334 | 2 Hypr, Microsoft | 2 Workforce Access, Windows | 2024-11-21 | N/A | 5.3 MEDIUM |
| Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers.This issue affects Workforce Access: before 8.7. | |||||
| CVE-2023-6238 | 2 Fedoraproject, Linux | 2 Fedora, Linux Kernel | 2024-11-21 | N/A | 6.7 MEDIUM |
| A buffer overflow vulnerability was found in the NVM Express (NVMe) driver in the Linux kernel. Only privileged user could specify a small meta buffer and let the device perform larger Direct Memory Access (DMA) into the same buffer, overwriting unrelated kernel memory, causing random kernel crashes and memory corruption. | |||||
| CVE-2023-5908 | 4 Ge, Ptc, Rockwellautomation and 1 more | 8 Industrial Gateway Server, Keepserverex, Opc-aggregator and 5 more | 2024-11-21 | N/A | 9.1 CRITICAL |
| KEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the product being accessed or leak information. | |||||
| CVE-2023-5748 | 1 Synology | 1 Ssl Vpn Client | 2024-11-21 | N/A | 3.3 LOW |
| Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology SSL VPN Client before 1.4.7-0687 allows local users to conduct denial-of-service attacks via unspecified vectors. | |||||
| CVE-2023-5139 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | N/A | 4.4 MEDIUM |
| Potential buffer overflow vulnerability at the following location in the Zephyr STM32 Crypto driver | |||||
| CVE-2023-5130 | 1 Deltaww | 1 Wplsoft | 2024-11-21 | 7.3 HIGH | 8.2 HIGH |
| A buffer overflow vulnerability exists in Delta Electronics WPLSoft. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DVP file to achieve code execution. | |||||
| CVE-2023-52729 | 2024-11-21 | N/A | 7.5 HIGH | ||
| TCPServer.cpp in SimpleNetwork through 29bc615 has an off-by-one error that causes a buffer overflow when trying to add '\0' to the end of long msg data. It can be exploited via crafted TCP packets. | |||||
| CVE-2023-52103 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | N/A | 9.8 CRITICAL |
| Buffer overflow vulnerability in the FLP module. Successful exploitation of this vulnerability may cause out-of-bounds read. | |||||
| CVE-2023-52080 | 2024-11-21 | N/A | 7.7 HIGH | ||
| IEIT NF5280M6 UEFI firmware through 8.4 has a pool overflow vulnerability, caused by improper use of the gRT->GetVariable() function. Attackers with access to local NVRAM variables can exploit this by modifying these variables on SPI Flash, resulting in memory data being tampered with. When critical data in memory data is tampered with,a crash may occur. | |||||
| CVE-2023-51888 | 1 Ctan | 1 Mathtex | 2024-11-21 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in the nomath() function in Mathtex v.1.05 and before allows a remote attacker to cause a denial of service via a crafted string in the application URL. | |||||
| CVE-2023-51886 | 1 Ctan | 1 Mathtex | 2024-11-21 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in the main() function in Mathtex 1.05 and before allows a remote attacker to cause a denial of service when using \convertpath. | |||||
| CVE-2023-51885 | 1 Ctan | 1 Mathtex | 2024-11-21 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability in Mathtex v.1.05 and before allows a remote attacker to execute arbitrary code via the length of the LaTeX string component. | |||||
| CVE-2023-51798 | 2024-11-21 | N/A | 7.8 HIGH | ||
| Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via a floating point exception (FPE) error at libavfilter/vf_minterpolate.c:1078:60 in interpolate. | |||||
| CVE-2023-51796 | 2024-11-21 | N/A | 3.6 LOW | ||
| Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/f_reverse.c:269:26 in areverse_request_frame. | |||||
| CVE-2023-51793 | 2024-11-21 | N/A | 7.8 HIGH | ||
| Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavutil/imgutils.c:353:9 in image_copy_plane. | |||||
| CVE-2023-51434 | 1 Hihonor | 1 Magic Ui | 2024-11-21 | N/A | 9.3 CRITICAL |
| Some Honor products are affected by buffer overflow vulnerability, successful exploitation could cause code execution. | |||||
| CVE-2023-50991 | 1 Tenda | 2 I29, I29 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in Tenda i29 versions 1.0 V1.0.0.5 and 1.0 V1.0.0.2, allows remote attackers to cause a denial of service (DoS) via the pingIp parameter in the pingSet function. | |||||