Total: 12286 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-0666 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2025-01-07 | N/A | 6.5 MEDIUM |
Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark. | |||||
CVE-2024-47398 | | | 2025-01-07 | N/A | 8.8 HIGH |
OpenHarmony v4.1.2 and prior versions allow a local attacker to cause the device to be unable to boot up through an out-of-bounds write. | |||||
CVE-2023-34568 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-01-06 | N/A | 6.7 MEDIUM |
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter time at /goform/PowerSaveSet. | |||||
CVE-2023-34566 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-01-06 | N/A | 9.8 CRITICAL |
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter time at /goform/saveParentControlInfo. | |||||
CVE-2023-33660 | 1 Emqx | 1 Nanomq | 2025-01-06 | N/A | 7.5 HIGH |
A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function copyn_str() in the file mqtt_parser.c. An attacker could exploit this vulnerability to cause a denial of service attack. | |||||
CVE-2023-34571 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-01-06 | N/A | 6.7 MEDIUM |
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter shareSpeed at /goform/WifiGuestSet. | |||||
CVE-2023-34570 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-01-06 | N/A | 6.7 MEDIUM |
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter devName at /goform/SetOnlineDevName. | |||||
CVE-2023-34569 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-01-06 | N/A | 6.7 MEDIUM |
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetNetControlList. | |||||
CVE-2023-34567 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-01-06 | N/A | 6.7 MEDIUM |
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetVirtualServerCfg. | |||||
CVE-2023-33658 | 1 Emqx | 1 Nanomq | 2025-01-06 | N/A | 7.5 HIGH |
A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_msg_get_pub_pid() in the file message.c. An attacker could exploit this vulnerability to cause a denial of service attack. | |||||
CVE-2023-0667 | 1 Wireshark | 1 Wireshark | 2025-01-06 | N/A | 6.5 MEDIUM |
Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark. | |||||
CVE-2023-34624 | 1 Htmlcleaner Project | 1 Htmlcleaner | 2025-01-06 | N/A | 7.5 HIGH |
An issue was discovered in htmlcleaner through 2.28 that allows attackers to cause a denial of service or other unspecified impacts via a crafted object that uses cyclic dependencies. | |||||
CVE-2023-34614 | 1 Jsonij Project | 1 Jsonij | 2025-01-06 | N/A | 7.5 HIGH |
An issue was discovered in jmarsden/jsonij through 0.5.2 that allows attackers to cause a denial of service or other unspecified impacts via a crafted object that uses cyclic dependencies. | |||||
CVE-2023-34613 | 1 Sojo Project | 1 Sojo | 2025-01-06 | N/A | 7.5 HIGH |
An issue was discovered in sojo through 1.1.1 that allows attackers to cause a denial of service or other unspecified impacts via a crafted object that uses cyclic dependencies. | |||||
CVE-2023-34612 | 1 Ph-json Project | 1 Ph-json | 2025-01-06 | N/A | 7.5 HIGH |
An issue was discovered in ph-json through 9.5.5 that allows attackers to cause a denial of service or other unspecified impacts via a crafted object that uses cyclic dependencies. | |||||
CVE-2023-34611 | 1 Mjson Project | 1 Mjson | 2025-01-06 | N/A | 7.5 HIGH |
An issue was discovered in mjson through 1.4.1 that allows attackers to cause a denial of service or other unspecified impacts via a crafted object that uses cyclic dependencies. | |||||
CVE-2023-34610 | 1 Json-io Project | 1 Json-io | 2025-01-06 | N/A | 7.5 HIGH |
An issue was discovered in json-io through 4.14.0 that allows attackers to cause a denial of service or other unspecified impacts via a crafted object that uses cyclic dependencies. | |||||
CVE-2023-34609 | 1 Flexjson Project | 1 Flexjson | 2025-01-06 | N/A | 7.5 HIGH |
An issue was discovered in flexjson through 3.3 that allows attackers to cause a denial of service or other unspecified impacts via a crafted object that uses cyclic dependencies. | |||||
CVE-2023-34364 | 1 Progress | 1 Datadirect Odbc Oracle Wire Protocol Driver | 2025-01-06 | N/A | 9.8 CRITICAL |
A buffer overflow was discovered in Progress DataDirect Connect for ODBC before 08.02.2770 for Oracle. An overly large value for certain options of a connection string may overrun the buffer allocated to process the string value. This allows an attacker to execute code of their choice on an affected host by copying carefully selected data that will be executed as code. | |||||
CVE-2024-53833 | | | 2025-01-06 | N/A | 7.8 HIGH |
In prepare_response_locked of lwis_transaction.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. |