Total
2290 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-35990 | 1 Foxit | 1 Pdf Reader | 2023-08-17 | N/A | 5.5 MEDIUM |
| Buffer Overflow vulnerability in cFilenameInit parameter in browseForDoc function in Foxit Software Foxit PDF Reader version 10.1.0.37527, allows local attackers to cause a denial of service (DoS) via crafted .pdf file. | |||||
| CVE-2023-36482 | 1 Samsung | 10 S3nrn4v, S3nrn4v Firmware, S3nrn82 and 7 more | 2023-08-15 | N/A | 4.3 MEDIUM |
| An issue was discovered in Samsung NFC S3NRN4V, S3NSN4V, S3NSEN4, SEN82AB, and S3NRN82. A buffer copy without checking its input size can cause an NFC service restart. | |||||
| CVE-2023-3346 | 1 Mitsubishielectric | 42 C80, C80 Firmware, E70 and 39 more | 2023-08-11 | N/A | 9.8 CRITICAL |
| Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in MITSUBSHI CNC Series allows a remote unauthenticated attacker to cause Denial of Service (DoS) condition and execute arbitrary code on the product by sending specially crafted packets. In addition, system reset is required for recovery. | |||||
| CVE-2023-3766 | 1 Cloudflare | 1 Odoh-rs | 2023-08-10 | N/A | 5.9 MEDIUM |
| A vulnerability was discovered in the odoh-rs rust crate that stems from faulty logic during the parsing of encrypted queries. This issue specifically occurs when processing encrypted query data received from remote clients and enables an attacker with knowledge of this vulnerability to craft and send specially designed encrypted queries to targeted ODOH servers running with odoh-rs. Upon successful exploitation, the server will crash abruptly, disrupting its normal operation and rendering the service temporarily unavailable. | |||||
| CVE-2023-39550 | 1 Netgear | 6 Jwnr2000v2, Jwnr2000v2 Firmware, Xavn2001v2 and 3 more | 2023-08-09 | N/A | 8.8 HIGH |
| Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the http_passwd and http_username parameters in the check_auth function. | |||||
| CVE-2023-38925 | 1 Netgear | 6 Dc112a, Dc112a Firmware, Ex6200 and 3 more | 2023-08-09 | N/A | 8.8 HIGH |
| Netgear DC112A 1.0.0.64, EX6200 1.0.3.94 and R6300v2 1.0.4.8 were discovered to contain a buffer overflow via the http_passwd parameter in password.cgi. | |||||
| CVE-2023-38926 | 1 Netgear | 2 Ex6200, Ex6200 Firmware | 2023-08-09 | N/A | 8.8 HIGH |
| Netgear EX6200 v1.0.3.94 was discovered to contain a buffer overflow via the wla_temp_ssid parameter at acosNvramConfig_set. | |||||
| CVE-2023-38924 | 1 Netgear | 2 Dgn3500, Dgn3500 Firmware | 2023-08-09 | N/A | 6.5 MEDIUM |
| Netgear DGN3500 1.1.00.37 was discovered to contain a buffer overflow via the http_password parameter at setup.cgi. | |||||
| CVE-2023-38922 | 1 Netgear | 6 Jwnr2000v2, Jwnr2000v2 Firmware, Xavn2001v2 and 3 more | 2023-08-09 | N/A | 8.8 HIGH |
| Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the http_passwd and http_username parameters in the update_auth function. | |||||
| CVE-2023-38591 | 1 Netgear | 2 Dg834gv5, Dg834gv5 Firmware | 2023-08-09 | N/A | 8.8 HIGH |
| Netgear DG834Gv5 1.6.01.34 was discovered to contain multiple buffer overflows via the wla_ssid and wla_temp_ssid parameters at bsw_ssid.cgi. | |||||
| CVE-2023-38412 | 1 Netgear | 2 R6900p, R6900p Firmware | 2023-08-09 | N/A | 8.8 HIGH |
| Netgear R6900P v1.3.3.154 was discovered to contain multiple buffer overflows via the wla_ssid and wlg_ssid parameters at ia_ap_setting.cgi. | |||||
| CVE-2023-36499 | 1 Netgear | 2 Xr300, Xr300 Firmware | 2023-08-09 | N/A | 8.8 HIGH |
| Netgear XR300 v1.0.3.78 was discovered to contain multiple buffer overflows via the wla_ssid and wlg_ssid parameters at genie_ap_wifi_change.cgi. | |||||
| CVE-2022-33276 | 1 Qualcomm | 268 Ar8035, Ar8035 Firmware, Ar9380 and 265 more | 2023-08-08 | N/A | 7.8 HIGH |
| Memory corruption due to buffer copy without checking size of input in modem while receiving WMI_REQUEST_STATS_CMDID command. | |||||
| CVE-2022-2502 | 1 Hitachienergy | 2 Rtu500, Rtu500 Firmware | 2023-08-03 | N/A | 7.5 HIGH |
| A vulnerability exists in the HCI IEC 60870-5-104 function included in certain versions of the RTU500 series product. The vulnerability can only be exploited, if the HCI 60870-5-104 is configured with support for IEC 62351-5 and the CMU contains the license feature ‘Advanced security’ which must be ordered separately. If these preconditions are fulfilled, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500, causing the targeted RTU500 CMU to reboot. The vulnerability is caused by a missing input data validation which eventually if exploited causes an internal buffer to overflow in the HCI IEC 60870-5-104 function. | |||||
| CVE-2023-38590 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-08-03 | N/A | 8.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in watchOS 9.6, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A remote user may be able to cause unexpected system termination or corrupt kernel memory. | |||||
| CVE-2022-24350 | 1 Insyde | 1 Insydeh2o | 2023-08-03 | N/A | 5.5 MEDIUM |
| An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. IHISI function 0x17 verifies that the output buffer lies within the command buffer but does not verify that output data does not go beyond the end of the command buffer. In particular, the GetFlashTable function is called directly on the Command Buffer before the DataSize is check, leading to possible circumstances where the data immediately following the command buffer could be destroyed before returning a buffer size error. | |||||
| CVE-2022-4608 | 1 Hitachienergy | 2 Rtu500, Rtu500 Firmware | 2023-08-03 | N/A | 7.5 HIGH |
| A vulnerability exists in HCI IEC 60870-5-104 function included in certain versions of the RTU500 series product. The vulnerability can only be exploited, if the HCI 60870-5-104 is configured with support for IEC 62351-3. After session resumption interval is expired an RTU500 initiated update of session parameters causes an unexpected restart due to a stack overflow. | |||||
| CVE-2004-0150 | 1 Python | 1 Python | 2023-08-02 | 7.5 HIGH | N/A |
| Buffer overflow in the getaddrinfo function in Python 2.2 before 2.2.2, when IPv6 support is disabled, allows remote attackers to execute arbitrary code via an IPv6 address that is obtained using DNS. | |||||
| CVE-2023-35980 | 2 Arubanetworks, Hp | 2 Arubaos, Instantos | 2023-08-02 | N/A | 9.8 CRITICAL |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2023-35981 | 2 Arubanetworks, Hp | 2 Arubaos, Instantos | 2023-08-02 | N/A | 9.8 CRITICAL |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||