Total
2997 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-38559 | 4 Artifex, Debian, Fedoraproject and 1 more | 4 Ghostscript, Debian Linux, Fedora and 1 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs. | |||||
| CVE-2023-38412 | 1 Netgear | 2 R6900p, R6900p Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| Netgear R6900P v1.3.3.154 was discovered to contain multiple buffer overflows via the wla_ssid and wlg_ssid parameters at ia_ap_setting.cgi. | |||||
| CVE-2023-37926 | 1 Zyxel | 20 Atp100, Atp100w, Atp200 and 17 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to cause denial-of-service (DoS) conditions by executing the CLI command to dump system logs on an affected device. | |||||
| CVE-2023-37793 | 1 Wayos | 2 Fbm-291w, Fbm-291w Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| WAYOS FBM-291W 19.09.11V was discovered to contain a buffer overflow via the component /upgrade_filter.asp. | |||||
| CVE-2023-37758 | 1 Dlink | 2 Dir-815, Dir-815 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| D-LINK DIR-815 v1.01 was discovered to contain a buffer overflow via the component /web/captcha.cgi. | |||||
| CVE-2023-37734 | 1 Ezsoftmagic | 1 Mp3 Audio Converter | 2024-11-21 | N/A | 9.8 CRITICAL |
| EZ softmagic MP3 Audio Converter 2.7.3.700 was discovered to contain a buffer overflow. | |||||
| CVE-2023-37457 | 2 Digium, Sangoma | 2 Asterisk, Certified Asterisk | 2024-11-21 | N/A | 7.5 HIGH |
| Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk versions 18.20.0 and prior, 20.5.0 and prior, and 21.0.0; as well as ceritifed-asterisk 18.9-cert5 and prior, the 'update' functionality of the PJSIP_HEADER dialplan function can exceed the available buffer space for storing the new value of a header. By doing so this can overwrite memory or cause a crash. This is not externally exploitable, unless dialplan is explicitly written to update a header based on data from an outside source. If the 'update' functionality is not used the vulnerability does not occur. A patch is available at commit a1ca0268254374b515fa5992f01340f7717113fa. | |||||
| CVE-2023-37245 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | N/A | 9.1 CRITICAL |
| Buffer overflow vulnerability in the modem pinctrl module. Successful exploitation of this vulnerability may affect the integrity and availability of the modem. | |||||
| CVE-2023-36659 | 1 Opswat | 1 Metadefender Kiosk | 2024-11-21 | N/A | 9.8 CRITICAL |
| An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Long inputs were not properly processed, which allows remote attackers to cause a denial of service (loss of communication). | |||||
| CVE-2023-36499 | 1 Netgear | 2 Xr300, Xr300 Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| Netgear XR300 v1.0.3.78 was discovered to contain multiple buffer overflows via the wla_ssid and wlg_ssid parameters at genie_ap_wifi_change.cgi. | |||||
| CVE-2023-36482 | 1 Samsung | 10 S3nrn4v, S3nrn4v Firmware, S3nrn82 and 7 more | 2024-11-21 | N/A | 4.3 MEDIUM |
| An issue was discovered in Samsung NFC S3NRN4V, S3NSN4V, S3NSEN4, SEN82AB, and S3NRN82. A buffer copy without checking its input size can cause an NFC service restart. | |||||
| CVE-2023-36481 | 1 Samsung | 26 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 23 more | 2024-11-21 | N/A | 7.5 HIGH |
| An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, and W920. Improper handling of PPP length parameter inconsistency can cause an infinite loop. | |||||
| CVE-2023-36377 | 1 Osslsigncode Project | 1 Osslsigncode | 2024-11-21 | N/A | 7.8 HIGH |
| Buffer Overflow vulnerability in mtrojnar osslsigncode v.2.3 and before allows a local attacker to execute arbitrary code via a crafted .exe, .sys, and .dll files. | |||||
| CVE-2023-36355 | 1 Tp-link | 2 Tl-wr940n, Tl-wr940n Firmware | 2024-11-21 | N/A | 9.9 CRITICAL |
| TP-Link TL-WR940N V4 was discovered to contain a buffer overflow via the ipStart parameter at /userRpm/WanDynamicIpV6CfgRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request. | |||||
| CVE-2023-36354 | 1 Tp-link | 8 Tl-wr740n, Tl-wr740n Firmware, Tl-wr841n and 5 more | 2024-11-21 | N/A | 7.5 HIGH |
| TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR740N V1/V2, TL-WR940N V2/V3, and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlTimeSchedRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request. | |||||
| CVE-2023-36321 | 1 Covesa | 1 Dlt-daemon | 2024-11-21 | N/A | 7.5 HIGH |
| Connected Vehicle Systems Alliance (COVESA) up to v2.18.8 was discovered to contain a buffer overflow via the component /shared/dlt_common.c. | |||||
| CVE-2023-36243 | 1 Flvmeta | 1 Flvmeta | 2024-11-21 | N/A | 7.8 HIGH |
| FLVMeta v1.2.1 was discovered to contain a buffer overflow via the xml_on_metadata_tag_only function at dump_xml.c. | |||||
| CVE-2023-36239 | 1 Libming | 1 Libming | 2024-11-21 | N/A | 8.8 HIGH |
| libming listswf 0.4.7 was discovered to contain a buffer overflow in the parseSWF_DEFINEFONTINFO() function at parser.c. | |||||
| CVE-2023-36198 | 1 Skale | 1 Sgxwallet | 2024-11-21 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in skalenetwork sgxwallet v.1.9.0 allows an attacker to cause a denial of service via the trustedBlsSignMessage function. | |||||
| CVE-2023-36187 | 1 Netgear | 30 Cbr40, Cbr40 Firmware, Lax20 and 27 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attackers to execute arbitrary code via crafted URL to httpd. | |||||