Total
13538 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-24480 | 1 Honeywell | 2 C300, C300 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Controller DoS due to stack overflow when decoding a message from the server. See Honeywell Security Notification for recommendations on upgrading and versioning. | |||||
| CVE-2023-24474 | 1 Honeywell | 4 Direct Station, Engineering Station, Experion Server and 1 more | 2024-11-21 | N/A | 7.5 HIGH |
| Experion server may experience a DoS due to a heap overflow which could occur when handling a specially crafted message | |||||
| CVE-2023-24295 | 1 Softmaker | 1 Flexipdf | 2024-11-21 | N/A | 7.8 HIGH |
| A stack overfow in SoftMaker Software GmbH FlexiPDF v3.0.3.0 allows attackers to execute arbitrary code after opening a crafted PDF file. | |||||
| CVE-2023-24212 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the timeType function at /goform/SetSysTimeCfg. | |||||
| CVE-2023-24134 | 1 Heimgardtechnologies | 2 Eagle 1200ac, Eagle 1200ac Firmware | 2024-11-21 | N/A | 6.5 MEDIUM |
| Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey3 parameter at /goform/WifiBasicSet. | |||||
| CVE-2023-24133 | 1 Heimgardtechnologies | 2 Eagle 1200ac, Eagle 1200ac Firmware | 2024-11-21 | N/A | 6.5 MEDIUM |
| Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey_5g parameter at /goform/WifiBasicSet. | |||||
| CVE-2023-24132 | 1 Heimgardtechnologies | 2 Eagle 1200ac, Eagle 1200ac Firmware | 2024-11-21 | N/A | 6.5 MEDIUM |
| Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey3_5g parameter at /goform/WifiBasicSet. | |||||
| CVE-2023-24131 | 1 Heimgardtechnologies | 2 Eagle 1200ac, Eagle 1200ac Firmware | 2024-11-21 | N/A | 6.5 MEDIUM |
| Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey1_5g parameter at /goform/WifiBasicSet. | |||||
| CVE-2023-24130 | 1 Heimgardtechnologies | 2 Eagle 1200ac, Eagle 1200ac Firmware | 2024-11-21 | N/A | 6.5 MEDIUM |
| Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey parameter at /goform/WifiBasicSet. | |||||
| CVE-2023-24129 | 1 Heimgardtechnologies | 2 Eagle 1200ac, Eagle 1200ac Firmware | 2024-11-21 | N/A | 6.5 MEDIUM |
| Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey4 parameter at /goform/WifiBasicSet. | |||||
| CVE-2023-24128 | 1 Heimgardtechnologies | 2 Eagle 1200ac, Eagle 1200ac Firmware | 2024-11-21 | N/A | 6.5 MEDIUM |
| Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey2 parameter at /goform/WifiBasicSet. | |||||
| CVE-2023-24127 | 1 Heimgardtechnologies | 2 Eagle 1200ac, Eagle 1200ac Firmware | 2024-11-21 | N/A | 6.5 MEDIUM |
| Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey1 parameter at /goform/WifiBasicSet. | |||||
| CVE-2023-24099 | 1 Trendnet | 2 Tew-820ap, Tew-820ap Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the username parameter at /formWizardPassword. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2023-24095 | 1 Trendnet | 2 Tew-820ap, Tew-820ap Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formSystemCheck. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2023-24018 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| A stack-based buffer overflow vulnerability exists in the libzebra.so.0.0.0 security_decrypt_password functionality of Milesight UR32L v32.3.0.5. A specially crafted HTTP request can lead to a buffer overflow. An authenticated attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2023-24014 | 1 Deltaww | 1 Cncsoft-b | 2024-11-21 | N/A | 7.8 HIGH |
| Delta Electronics' CNCSoft-B DOPSoft versions 1.0.0.4 and prior are vulnerable to heap-based buffer overflow, which could allow an attacker to execute arbitrary code. | |||||
| CVE-2023-23910 | 1 Intel | 2 Oneapi Hpc Toolkit, Trace Analyzer And Collector | 2024-11-21 | N/A | 3.9 LOW |
| Out-of-bounds write for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially escalation of privilege via local access. | |||||
| CVE-2023-23782 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | N/A | 7.8 HIGH |
| A heap-based buffer overflow in Fortinet FortiWeb version 7.0.0 through 7.0.1, FortiWeb version 6.3.0 through 6.3.19, FortiWeb 6.4 all versions, FortiWeb 6.2 all versions, FortiWeb 6.1 all versions allows attacker to escalation of privilege via specifically crafted arguments to existing commands. | |||||
| CVE-2023-23781 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | N/A | 6.4 MEDIUM |
| A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below SAML server configuration may allow an authenticated attacker to achieve arbitrary code execution via specifically crafted XML files. | |||||
| CVE-2023-23780 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | N/A | 8.0 HIGH |
| A stack-based buffer overflow in Fortinet FortiWeb version 7.0.0 through 7.0.1, Fortinet FortiWeb version 6.3.6 through 6.3.19, Fortinet FortiWeb 6.4 all versions allows attacker to escalation of privilege via specifically crafted HTTP requests. | |||||