Total
3192 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-37245 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | N/A | 9.1 CRITICAL |
| Buffer overflow vulnerability in the modem pinctrl module. Successful exploitation of this vulnerability may affect the integrity and availability of the modem. | |||||
| CVE-2023-36659 | 1 Opswat | 1 Metadefender Kiosk | 2024-11-21 | N/A | 9.8 CRITICAL |
| An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Long inputs were not properly processed, which allows remote attackers to cause a denial of service (loss of communication). | |||||
| CVE-2023-36499 | 1 Netgear | 2 Xr300, Xr300 Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| Netgear XR300 v1.0.3.78 was discovered to contain multiple buffer overflows via the wla_ssid and wlg_ssid parameters at genie_ap_wifi_change.cgi. | |||||
| CVE-2023-36482 | 1 Samsung | 10 S3nrn4v, S3nrn4v Firmware, S3nrn82 and 7 more | 2024-11-21 | N/A | 4.3 MEDIUM |
| An issue was discovered in Samsung NFC S3NRN4V, S3NSN4V, S3NSEN4, SEN82AB, and S3NRN82. A buffer copy without checking its input size can cause an NFC service restart. | |||||
| CVE-2023-36481 | 1 Samsung | 26 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 23 more | 2024-11-21 | N/A | 7.5 HIGH |
| An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, and W920. Improper handling of PPP length parameter inconsistency can cause an infinite loop. | |||||
| CVE-2023-36377 | 1 Osslsigncode Project | 1 Osslsigncode | 2024-11-21 | N/A | 7.8 HIGH |
| Buffer Overflow vulnerability in mtrojnar osslsigncode v.2.3 and before allows a local attacker to execute arbitrary code via a crafted .exe, .sys, and .dll files. | |||||
| CVE-2023-36355 | 1 Tp-link | 2 Tl-wr940n, Tl-wr940n Firmware | 2024-11-21 | N/A | 9.9 CRITICAL |
| TP-Link TL-WR940N V4 was discovered to contain a buffer overflow via the ipStart parameter at /userRpm/WanDynamicIpV6CfgRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request. | |||||
| CVE-2023-36354 | 1 Tp-link | 8 Tl-wr740n, Tl-wr740n Firmware, Tl-wr841n and 5 more | 2024-11-21 | N/A | 7.5 HIGH |
| TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR740N V1/V2, TL-WR940N V2/V3, and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlTimeSchedRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request. | |||||
| CVE-2023-36321 | 1 Covesa | 1 Dlt-daemon | 2024-11-21 | N/A | 7.5 HIGH |
| Connected Vehicle Systems Alliance (COVESA) up to v2.18.8 was discovered to contain a buffer overflow via the component /shared/dlt_common.c. | |||||
| CVE-2023-36243 | 1 Flvmeta | 1 Flvmeta | 2024-11-21 | N/A | 7.8 HIGH |
| FLVMeta v1.2.1 was discovered to contain a buffer overflow via the xml_on_metadata_tag_only function at dump_xml.c. | |||||
| CVE-2023-36239 | 1 Libming | 1 Libming | 2024-11-21 | N/A | 8.8 HIGH |
| libming listswf 0.4.7 was discovered to contain a buffer overflow in the parseSWF_DEFINEFONTINFO() function at parser.c. | |||||
| CVE-2023-36198 | 1 Skale | 1 Sgxwallet | 2024-11-21 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in skalenetwork sgxwallet v.1.9.0 allows an attacker to cause a denial of service via the trustedBlsSignMessage function. | |||||
| CVE-2023-36187 | 1 Netgear | 30 Cbr40, Cbr40 Firmware, Lax20 and 27 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attackers to execute arbitrary code via crafted URL to httpd. | |||||
| CVE-2023-36183 | 1 Openimageio | 1 Openimageio | 2024-11-21 | N/A | 7.8 HIGH |
| Buffer Overflow vulnerability in OpenImageIO v.2.4.12.0 and before allows a remote to execute arbitrary code and obtain sensitive information via a crafted file to the readimg function. | |||||
| CVE-2023-36109 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability in JerryScript version 3.0, allows remote attackers to execute arbitrary code via ecma_stringbuilder_append_raw component at /jerry-core/ecma/base/ecma-helpers-string.c. | |||||
| CVE-2023-35982 | 2 Arubanetworks, Hp | 2 Arubaos, Instantos | 2024-11-21 | N/A | 9.8 CRITICAL |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2023-35981 | 2 Arubanetworks, Hp | 2 Arubaos, Instantos | 2024-11-21 | N/A | 9.8 CRITICAL |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2023-35980 | 2 Arubanetworks, Hp | 2 Arubaos, Instantos | 2024-11-21 | N/A | 9.8 CRITICAL |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2023-35979 | 1 Arubanetworks | 14 Arubaos, Mc-va-10, Mc-va-1k and 11 more | 2024-11-21 | N/A | 5.3 MEDIUM |
| There is an unauthenticated buffer overflow vulnerability in the process controlling the ArubaOS web-based management interface. Successful exploitation of this vulnerability results in a Denial-of-Service (DoS) condition affecting the web-based management interface of the controller. | |||||
| CVE-2023-35856 | 1 Nintendo | 1 Mario Kart Wii | 2024-11-21 | N/A | 9.8 CRITICAL |
| A buffer overflow in Nintendo Mario Kart Wii RMCP01, RMCE01, RMCJ01, and RMCK01 can be exploited by a game client to execute arbitrary code on a client's machine via a crafted packet. | |||||