Total
12418 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-4016 | 2 Fedoraproject, Procps Project | 2 Fedora, Procps | 2024-11-21 | N/A | 2.5 LOW |
| Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap. | |||||
| CVE-2023-49999 | 1 Tenda | 2 W30e, W30e Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.12(4843) was discovered to contain a command injection vulnerability via the function setUmountUSBPartition. | |||||
| CVE-2023-49992 | 1 Espeak-ng | 1 Espeak-ng | 2024-11-21 | N/A | 5.3 MEDIUM |
| Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Overflow via the function RemoveEnding at dictionary.c. | |||||
| CVE-2023-49991 | 1 Espeak-ng | 1 Espeak-ng | 2024-11-21 | N/A | 5.3 MEDIUM |
| Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Underflow via the function CountVowelPosition at synthdata.c. | |||||
| CVE-2023-49867 | 2 Level1, Realtek | 3 Wbr-6013, Wbr-6013 Firmware, Rtl819x Jungle Software Development Kit | 2024-11-21 | N/A | 7.2 HIGH |
| A stack-based buffer overflow vulnerability exists in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger this vulnerability. | |||||
| CVE-2023-49800 | 1 Johannschopplich | 1 Nuxt Api Party | 2024-11-21 | N/A | 7.5 HIGH |
| `nuxt-api-party` is an open source module to proxy API requests. The library allows the user to send many options directly to `ofetch`. There is no filter on which options are available. We can abuse the retry logic to cause the server to crash from a stack overflow. fetchOptions are obtained directly from the request body. A malicious user can construct a URL known to not fetch successfully, then set the retry attempts to a high value, this will cause a stack overflow as ofetch error handling works recursively resulting in a denial of service. This issue has been addressed in version 0.22.1. Users are advised to upgrade. Users unable to upgrade should limit ofetch options. | |||||
| CVE-2023-49701 | 1 Asrmicro | 4 Asr1803, Asr1803 Firmware, Asr1806 and 1 more | 2024-11-21 | N/A | 7.2 HIGH |
| Memory Corruption in SIM management while USIMPhase2init | |||||
| CVE-2023-49699 | 1 Asrmicro | 4 Asr1803, Asr1803 Firmware, Asr1806 and 1 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| Memory Corruption in IMS while calling VoLTE Streamingmedia Interface | |||||
| CVE-2023-49675 | 2024-11-21 | N/A | 7.8 HIGH | ||
| An unauthenticated local attacker may trick a user to open corrupted project files to execute arbitrary code or crash the system due to an out-of-bounds write vulnerability. | |||||
| CVE-2023-49614 | 2024-11-21 | N/A | 5.7 MEDIUM | ||
| Out of bounds write in firmware for some Intel(R) FPGA products before version 2.9.0 may allow escalation of privilege and information disclosure. | |||||
| CVE-2023-49595 | 2 Level1, Realtek | 3 Wbr-6013, Wbr-6013 Firmware, Rtl819x Jungle Software Development Kit | 2024-11-21 | N/A | 7.2 HIGH |
| A stack-based buffer overflow vulnerability exists in the boa rollback_control_code functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability. | |||||
| CVE-2023-49468 | 1 Struktur | 1 Libde265 | 2024-11-21 | N/A | 8.8 HIGH |
| Libde265 v1.0.14 was discovered to contain a global buffer overflow vulnerability in the read_coding_unit function at slice.cc. | |||||
| CVE-2023-49467 | 1 Struktur | 1 Libde265 | 2024-11-21 | N/A | 8.8 HIGH |
| Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vulnerability in the derive_combined_bipredictive_merging_candidates function at motion.cc. | |||||
| CVE-2023-49465 | 1 Struktur | 1 Libde265 | 2024-11-21 | N/A | 8.8 HIGH |
| Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vulnerability in the derive_spatial_luma_vector_prediction function at motion.cc. | |||||
| CVE-2023-49434 | 1 Tenda | 2 Ax9, Ax9 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list' parameter at /goform/SetNetControlList. | |||||
| CVE-2023-49433 | 1 Tenda | 2 Ax9, Ax9 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list' parameter at /goform/SetVirtualServerCfg. | |||||
| CVE-2023-49432 | 1 Tenda | 2 Ax9, Ax9 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'deviceList' parameter at /goform/setMacFilterCfg. | |||||
| CVE-2023-49430 | 1 Tenda | 2 Ax9, Ax9 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list' parameter at /goform/SetStaticRouteCfg. | |||||
| CVE-2023-49426 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the list parameter at /goform/SetStaticRouteCfg. | |||||
| CVE-2023-49425 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the deviceList parameter at /goform/setMacFilterCfg . | |||||