Total
4067 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-50986 | 1 Tenda | 2 I29, I29 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the time parameter in the sysLogin function. | |||||
| CVE-2023-50821 | 2026-06-17 | N/A | 6.2 MEDIUM | ||
| A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC04), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 1), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 16), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5). The affected products do not properly validate the input provided in the login dialog box. An attacker could leverage this vulnerability to cause a persistent denial of service condition. | |||||
| CVE-2023-50784 | 1 Unrealircd | 1 Unrealircd | 2026-06-17 | N/A | 7.5 HIGH |
| A buffer overflow in websockets in UnrealIRCd 6.1.0 through 6.1.3 before 6.1.4 allows an unauthenticated remote attacker to crash the server by sending an oversized packet (if a websocket port is open). Remote code execution might be possible on some uncommon, older platforms. | |||||
| CVE-2023-50628 | 1 Libming | 1 Libming | 2026-06-17 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability in libming version 0.4.8, allows attackers to execute arbitrary code and obtain sensitive information via parser.c component. | |||||
| CVE-2023-50469 | 1 Szlbt | 2 Lbt-t300-t310, Lbt-t300-t310 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 was discovered to contain a buffer overflow via the ApCliEncrypType parameter at /apply.cgi. | |||||
| CVE-2023-50364 | 1 Qnap | 2 Qts, Quts Hero | 2026-06-17 | N/A | 6.4 MEDIUM |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later | |||||
| CVE-2023-50362 | 1 Qnap | 2 Qts, Quts Hero | 2026-06-17 | N/A | 5.0 MEDIUM |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later | |||||
| CVE-2023-50361 | 1 Qnap | 2 Qts, Quts Hero | 2026-06-17 | N/A | 5.0 MEDIUM |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later | |||||
| CVE-2023-50245 | 1 Afichet | 1 Openexr Viewer | 2026-06-17 | N/A | 9.8 CRITICAL |
| OpenEXR-viewer is a viewer for OpenEXR files with detailed metadata probing. Versions prior to 0.6.1 have a memory overflow vulnerability. This issue is fixed in version 0.6.1. | |||||
| CVE-2023-50096 | 1 St | 1 X-cube-safea1 | 2026-06-17 | N/A | 7.5 HIGH |
| STMicroelectronics STSAFE-A1xx middleware before 3.3.7 allows MCU code execution if an adversary has the ability to read from and write to the I2C bus. This is caused by an StSafeA_ReceiveBytes buffer overflow in the X-CUBE-SAFEA1 Software Package for STSAFE-A sample applications (1.2.0), and thus can affect user-written code that was derived from a published sample application. | |||||
| CVE-2023-50044 | 1 Cesanta | 1 Mjs | 2026-06-17 | N/A | 9.8 CRITICAL |
| Cesanta MJS 2.20.0 has a getprop_builtin_foreign out-of-bounds read if a Built-in API name occurs in a substring of an input string. | |||||
| CVE-2023-50010 | 2 Fedoraproject, Ffmpeg | 2 Fedora, Ffmpeg | 2026-06-17 | N/A | 7.8 HIGH |
| FFmpeg v.n6.1-3-g466799d4f5 allows a buffer over-read at ff_gradfun_blur_line_movdqa_sse2, as demonstrated by a call to the set_encoder_id function in /fftools/ffmpeg_enc.c component. | |||||
| CVE-2023-50008 | 2 Fedoraproject, Ffmpeg | 2 Fedora, Ffmpeg | 2026-06-17 | N/A | 7.8 HIGH |
| FFmpeg v.n6.1-3-g466799d4f5 allows memory consumption when using the colorcorrect filter, in the av_malloc function in libavutil/mem.c:105:9 component. | |||||
| CVE-2023-4590 | 1 Kimmov | 1 Frhed | 2026-06-17 | N/A | 7.3 HIGH |
| Buffer overflow vulnerability in Frhed hex editor, affecting version 1.6.0. This vulnerability could allow an attacker to execute arbitrary code via a long filename argument through the Structured Exception Handler (SEH) registers. | |||||
| CVE-2023-4582 | 2 Apple, Mozilla | 4 Macos, Firefox, Firefox Esr and 1 more | 2026-06-17 | N/A | 8.8 HIGH |
| Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occurred when allocating too much private shader memory on mac OS. *This bug only affects Firefox on macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. | |||||
| CVE-2023-4452 | 1 Moxa | 16 Edr-810-2gsfp, Edr-810-2gsfp-t, Edr-810-2gsfp-t Firmware and 13 more | 2026-06-17 | N/A | 6.5 MEDIUM |
| A vulnerability has been identified in the EDR-810, EDR-G902, and EDR-G903 Series, making them vulnerable to the denial-of-service vulnerability. This vulnerability stems from insufficient input validation in the URI, potentially enabling malicious users to trigger the device reboot. | |||||
| CVE-2023-4424 | 1 Zephyrproject | 1 Zephyr | 2026-06-17 | N/A | 8.3 HIGH |
| An malicious BLE device can cause buffer overflow by sending malformed advertising packet BLE device using Zephyr OS, leading to DoS or potential RCE on the victim BLE device. | |||||
| CVE-2023-4397 | 1 Zyxel | 16 Atp100, Atp100w, Atp200 and 13 more | 2026-06-17 | N/A | 4.4 MEDIUM |
| A buffer overflow vulnerability in the Zyxel ATP series firmware version 5.37, USG FLEX series firmware version 5.37, USG FLEX 50(W) series firmware version 5.37, and USG20(W)-VPN series firmware version 5.37, could allow an authenticated local attacker with administrator privileges to cause denial-of-service (DoS) conditions by executing the CLI command with crafted strings on an affected device. | |||||
| CVE-2023-4265 | 1 Zephyrproject | 1 Zephyr | 2026-06-17 | N/A | 6.4 MEDIUM |
| Potential buffer overflow vulnerabilities in the following locations: https://github.com/zephyrproject-rtos/zephyr/blob/main/drivers/usb/device/usb_dc_native_posix.c#L359 https://github.com/zephyrproject-rtos/zephyr/blob/main/drivers/usb/device/usb_dc_native_posix.c#L359 https://github.com/zephyrproject-rtos/zephyr/blob/main/subsys/usb/device/class/netusb/function_rndis... https://github.com/zephyrproject-rtos/zephyr/blob/main/subsys/usb/device/class/netusb/function_rndis.c#L841 | |||||
| CVE-2023-4264 | 1 Zephyrproject | 1 Zephyr | 2026-06-17 | N/A | 7.1 HIGH |
| Potential buffer overflow vulnerabilities n the Zephyr Bluetooth subsystem. | |||||