Total
3765 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-32968 | 1 Qnap | 2 Qts, Quts Hero | 2024-11-21 | 4.5 Medium |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2514 build 20230906 and later QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.2.2534 build 20230927 and later | ||||
| CVE-2023-32860 | 2 Google, Mediatek | 23 Android, Mt6761, Mt6765 and 20 more | 2024-11-21 | 6.7 Medium |
| In display, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929788; Issue ID: ALPS07929788. | ||||
| CVE-2023-32859 | 2 Google, Mediatek | 45 Android, Mt6761, Mt6765 and 42 more | 2024-11-21 | 6.7 Medium |
| In meta, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08000473; Issue ID: ALPS08000473. | ||||
| CVE-2023-32763 | 1 Qt | 1 Qt | 2024-11-21 | 7.5 High |
| An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered. | ||||
| CVE-2023-32722 | 1 Zabbix | 1 Zabbix | 2024-11-21 | 9.6 Critical |
| The zabbix/src/libs/zbxjson module is vulnerable to a buffer overflow when parsing JSON files via zbx_json_open. | ||||
| CVE-2023-31998 | 1 Ui | 4 Aircube, Aircube Firmware, Edgemax Edgerouter and 1 more | 2024-11-21 | 7.5 High |
| A heap overflow vulnerability found in EdgeRouters and Aircubes allows a malicious actor to interrupt UPnP service to said devices. | ||||
| CVE-2023-30383 | 1 Tp-link | 7 Archer C2, Archer C20, Archer C20 Firmware and 4 more | 2024-11-21 | 7.5 High |
| TP-LINK Archer C50v2 Archer C50(US)_V2_160801, TP-LINK Archer C20v1 Archer_C20_V1_150707, and TP-LINK Archer C2v1 Archer_C2_US__V1_170228 were discovered to contain a buffer overflow which may lead to a Denial of Service (DoS) when parsing crafted data. | ||||
| CVE-2023-2597 | 1 Eclipse | 1 Openj9 | 2024-11-21 | 7 High |
| In Eclipse Openj9 before version 0.38.0, in the implementation of the shared cache (which is enabled by default in OpenJ9 builds) the size of a string is not properly checked against the size of the buffer. | ||||
| CVE-2023-29856 | 1 Dlink | 2 Dir-868l, Dir-868l Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DIR-868L Hardware version A1, firmware version 1.12 is vulnerable to Buffer Overflow. The vulnerability is in scandir.sgi binary. | ||||
| CVE-2023-29414 | 1 Schneider-electric | 1 Accutech Manager | 2024-11-21 | 7.8 High |
| A CWE-120: Buffer Copy without Checking Size of Input (Classic Buffer Overflow) vulnerability exists that could cause user privilege escalation if a local user sends specific string input to a local function call. | ||||
| CVE-2023-29177 | 1 Fortinet | 2 Fortiadc, Fortiddos-f | 2024-11-21 | 6.2 Medium |
| Multiple buffer copy without checking size of input ('classic buffer overflow') vulnerabilities [CWE-120] in FortiADC version 7.2.0 and before 7.1.2 & FortiDDoS-F version 6.5.0 and before 6.4.1 allows a privileged attacker to execute arbitrary code or commands via specifically crafted CLI requests. | ||||
| CVE-2023-28811 | 1 Hikvision | 79 Ds-7104ni-q1\(c\), Ds-7104ni-q1\(c\) Firmware, Ds-7104ni-q1\(d\) and 76 more | 2024-11-21 | 7.4 High |
| There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device. | ||||
| CVE-2023-28741 | 2 Intel, Microsoft | 4 Quickassist Technology, Quickassist Technology Firmware, Quickassist Technology Library and 1 more | 2024-11-21 | 7.9 High |
| Buffer overflow in some Intel(R) QAT drivers for Windows - HW Version 1.0 before version 1.10 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-28736 | 1 Mdadm Project | 1 Mdadm | 2024-11-21 | 5.7 Medium |
| Buffer overflow in some Intel(R) SSD Tools software before version mdadm-4.2-rc2 may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-28579 | 1 Qualcomm | 69 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 66 more | 2024-11-21 | 6.7 Medium |
| Memory Corruption in WLAN Host while deserializing the input PMK bytes without checking the input PMK length. | ||||
| CVE-2023-28570 | 1 Qualcomm | 168 Aqt1000, Aqt1000 Firmware, Ar8035 and 165 more | 2024-11-21 | 6.7 Medium |
| Memory corruption while processing audio effects. | ||||
| CVE-2023-28561 | 1 Qualcomm | 2 Qcn7606, Qcn7606 Firmware | 2024-11-21 | 9.8 Critical |
| Memory corruption in QESL while processing payload from external ESL device to firmware. | ||||
| CVE-2023-28546 | 1 Qualcomm | 560 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 557 more | 2024-11-21 | 7.8 High |
| Memory Corruption in SPS Application while exporting public key in sorter TA. | ||||
| CVE-2023-26930 | 1 Xpdfreader | 1 Xpdf | 2024-11-21 | 5.5 Medium |
| Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states “it's an expected abort on out-of-memory error.” | ||||
| CVE-2023-26320 | 2 Mi, Xiaomi | 3 Xiaomi Router Ax3200, Xiaomi Router Ax3200 Firmware, Xiaomi Router | 2024-11-21 | 7.5 High |
| Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Xiaomi Xiaomi Router allows Command Injection. | ||||