Total
2290 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-35056 | 1 Yifanwireless | 2 Yf325, Yf325 Firmware | 2023-10-12 | N/A | 9.8 CRITICAL |
| A buffer overflow vulnerability exists in the httpd next_page functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability.This buffer overflow is in the next_page parameter in the cgi_handler function. | |||||
| CVE-2023-45199 | 1 Arm | 1 Mbed Tls | 2023-10-12 | N/A | 9.8 CRITICAL |
| Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead to remote Code execution. | |||||
| CVE-2020-12465 | 2 Linux, Netapp | 9 Linux Kernel, Active Iq Unified Manager, Aff Baseboard Management Controller and 6 more | 2023-10-12 | 7.2 HIGH | 6.7 MEDIUM |
| An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages. | |||||
| CVE-2023-32971 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2023-10-11 | N/A | 7.2 HIGH |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QTS 4.5.4.2467 build 20230718 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.0.2424 build 20230609 and later QuTS hero h4.5.4.2476 build 20230728 and later QuTScloud c5.1.0.2498 and later | |||||
| CVE-2020-35357 | 2 Debian, Gnu | 2 Debian Linux, Gnu Scientific Library | 2023-10-11 | N/A | 6.5 MEDIUM |
| A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL (GNU Scientific Library), versions 2.5 and 2.6. Processing a maliciously crafted input data for gsl_stats_quantile_from_sorted_data of the library may lead to unexpected application termination or arbitrary code execution. | |||||
| CVE-2023-32972 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2023-10-10 | N/A | 7.2 HIGH |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QTS 4.5.4.2467 build 20230718 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.0.2424 build 20230609 and later QuTS hero h4.5.4.2476 build 20230728 and later QuTScloud c5.1.0.2498 and later | |||||
| CVE-2023-35803 | 1 Extremenetworks | 29 Ap1130, Ap122, Ap130 and 26 more | 2023-10-10 | N/A | 9.8 CRITICAL |
| IQ Engine before 10.6r2 on Extreme Network AP devices has a Buffer Overflow. | |||||
| CVE-2023-44830 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2023-10-07 | N/A | 7.5 HIGH |
| D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the EndTime parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2023-44834 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2023-10-07 | N/A | 7.5 HIGH |
| D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the StartTime parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2023-44835 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2023-10-07 | N/A | 7.5 HIGH |
| D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Mac parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2023-44833 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2023-10-07 | N/A | 7.5 HIGH |
| D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the GuardInt parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2023-44831 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2023-10-07 | N/A | 7.5 HIGH |
| D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Type parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2023-44832 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2023-10-07 | N/A | 7.5 HIGH |
| D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the MacAddress parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2023-44829 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2023-10-07 | N/A | 7.5 HIGH |
| D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the AdminPassword parameter in the SetDeviceSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2023-44828 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2023-10-07 | N/A | 7.5 HIGH |
| D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the CurrentPassword parameter in the CheckPasswdSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2021-1300 | 1 Cisco | 13 Catalyst Sd-wan Manager, Ios Xe Sd-wan, Sd-wan Firmware and 10 more | 2023-10-06 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2023-40830 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2023-10-06 | N/A | 9.8 CRITICAL |
| Tenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the Index parameter does not verify the length. | |||||
| CVE-2023-44836 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2023-10-06 | N/A | 7.5 HIGH |
| D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the SSID parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2023-44837 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2023-10-06 | N/A | 7.5 HIGH |
| D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Password parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2023-44838 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2023-10-06 | N/A | 7.5 HIGH |
| D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the TXPower parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||