Total
3531 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-6711 | 1 Hitachienergy | 2 Rtu500, Rtu500 Firmware | 2024-11-21 | N/A | 5.9 MEDIUM |
| Vulnerability exists in SCI IEC 60870-5-104 and HCI IEC 60870-5-104 that affects the RTU500 series product versions listed below. Specially crafted messages sent to the mentioned components are not validated properly and can result in buffer overflow and as final consequence to a reboot of an RTU500 CMU. | |||||
| CVE-2023-6334 | 2 Hypr, Microsoft | 2 Workforce Access, Windows | 2024-11-21 | N/A | 5.3 MEDIUM |
| Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers.This issue affects Workforce Access: before 8.7. | |||||
| CVE-2023-6238 | 2 Fedoraproject, Linux | 2 Fedora, Linux Kernel | 2024-11-21 | N/A | 6.7 MEDIUM |
| A buffer overflow vulnerability was found in the NVM Express (NVMe) driver in the Linux kernel. Only privileged user could specify a small meta buffer and let the device perform larger Direct Memory Access (DMA) into the same buffer, overwriting unrelated kernel memory, causing random kernel crashes and memory corruption. | |||||
| CVE-2023-5908 | 4 Ge, Ptc, Rockwellautomation and 1 more | 8 Industrial Gateway Server, Keepserverex, Opc-aggregator and 5 more | 2024-11-21 | N/A | 9.1 CRITICAL |
| KEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the product being accessed or leak information. | |||||
| CVE-2023-5748 | 1 Synology | 1 Ssl Vpn Client | 2024-11-21 | N/A | 3.3 LOW |
| Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology SSL VPN Client before 1.4.7-0687 allows local users to conduct denial-of-service attacks via unspecified vectors. | |||||
| CVE-2023-5139 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | N/A | 4.4 MEDIUM |
| Potential buffer overflow vulnerability at the following location in the Zephyr STM32 Crypto driver | |||||
| CVE-2023-5130 | 1 Deltaww | 1 Wplsoft | 2024-11-21 | 7.3 HIGH | 8.2 HIGH |
| A buffer overflow vulnerability exists in Delta Electronics WPLSoft. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DVP file to achieve code execution. | |||||
| CVE-2023-52729 | 2024-11-21 | N/A | 7.5 HIGH | ||
| TCPServer.cpp in SimpleNetwork through 29bc615 has an off-by-one error that causes a buffer overflow when trying to add '\0' to the end of long msg data. It can be exploited via crafted TCP packets. | |||||
| CVE-2023-52103 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | N/A | 9.8 CRITICAL |
| Buffer overflow vulnerability in the FLP module. Successful exploitation of this vulnerability may cause out-of-bounds read. | |||||
| CVE-2023-52080 | 2024-11-21 | N/A | 7.7 HIGH | ||
| IEIT NF5280M6 UEFI firmware through 8.4 has a pool overflow vulnerability, caused by improper use of the gRT->GetVariable() function. Attackers with access to local NVRAM variables can exploit this by modifying these variables on SPI Flash, resulting in memory data being tampered with. When critical data in memory data is tampered with,a crash may occur. | |||||
| CVE-2023-51888 | 1 Ctan | 1 Mathtex | 2024-11-21 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in the nomath() function in Mathtex v.1.05 and before allows a remote attacker to cause a denial of service via a crafted string in the application URL. | |||||
| CVE-2023-51434 | 1 Hihonor | 1 Magic Ui | 2024-11-21 | N/A | 9.3 CRITICAL |
| Some Honor products are affected by buffer overflow vulnerability, successful exploitation could cause code execution. | |||||
| CVE-2023-50986 | 1 Tenda | 2 I29, I29 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the time parameter in the sysLogin function. | |||||
| CVE-2023-50628 | 1 Libming | 1 Libming | 2024-11-21 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability in libming version 0.4.8, allows attackers to execute arbitrary code and obtain sensitive information via parser.c component. | |||||
| CVE-2023-50469 | 1 Szlbt | 2 Lbt-t300-t310, Lbt-t300-t310 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 was discovered to contain a buffer overflow via the ApCliEncrypType parameter at /apply.cgi. | |||||
| CVE-2023-50364 | 1 Qnap | 2 Qts, Quts Hero | 2024-11-21 | N/A | 6.4 MEDIUM |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later | |||||
| CVE-2023-50362 | 1 Qnap | 2 Qts, Quts Hero | 2024-11-21 | N/A | 5.0 MEDIUM |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later | |||||
| CVE-2023-50361 | 1 Qnap | 2 Qts, Quts Hero | 2024-11-21 | N/A | 5.0 MEDIUM |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later | |||||
| CVE-2023-50245 | 1 Afichet | 1 Openexr Viewer | 2024-11-21 | N/A | 9.8 CRITICAL |
| OpenEXR-viewer is a viewer for OpenEXR files with detailed metadata probing. Versions prior to 0.6.1 have a memory overflow vulnerability. This issue is fixed in version 0.6.1. | |||||
| CVE-2023-50096 | 1 St | 1 X-cube-safea1 | 2024-11-21 | N/A | 7.5 HIGH |
| STMicroelectronics STSAFE-A1xx middleware before 3.3.7 allows MCU code execution if an adversary has the ability to read from and write to the I2C bus. This is caused by an StSafeA_ReceiveBytes buffer overflow in the X-CUBE-SAFEA1 Software Package for STSAFE-A sample applications (1.2.0), and thus can affect user-written code that was derived from a published sample application. | |||||