Total
3927 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-36499 | 1 Netgear | 2 Xr300, Xr300 Firmware | 2024-11-21 | 8.8 High |
| Netgear XR300 v1.0.3.78 was discovered to contain multiple buffer overflows via the wla_ssid and wlg_ssid parameters at genie_ap_wifi_change.cgi. | ||||
| CVE-2023-36482 | 1 Samsung | 10 S3nrn4v, S3nrn4v Firmware, S3nrn82 and 7 more | 2024-11-21 | 4.3 Medium |
| An issue was discovered in Samsung NFC S3NRN4V, S3NSN4V, S3NSEN4, SEN82AB, and S3NRN82. A buffer copy without checking its input size can cause an NFC service restart. | ||||
| CVE-2023-36481 | 1 Samsung | 27 Exynos, Exynos 1080, Exynos 1080 Firmware and 24 more | 2024-11-21 | 7.5 High |
| An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, and W920. Improper handling of PPP length parameter inconsistency can cause an infinite loop. | ||||
| CVE-2023-36321 | 1 Covesa | 1 Dlt-daemon | 2024-11-21 | 7.5 High |
| Connected Vehicle Systems Alliance (COVESA) up to v2.18.8 was discovered to contain a buffer overflow via the component /shared/dlt_common.c. | ||||
| CVE-2023-36198 | 1 Skale | 1 Sgxwallet | 2024-11-21 | 7.5 High |
| Buffer Overflow vulnerability in skalenetwork sgxwallet v.1.9.0 allows an attacker to cause a denial of service via the trustedBlsSignMessage function. | ||||
| CVE-2023-36187 | 1 Netgear | 30 Cbr40, Cbr40 Firmware, Lax20 and 27 more | 2024-11-21 | 9.8 Critical |
| Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attackers to execute arbitrary code via crafted URL to httpd. | ||||
| CVE-2023-36109 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 9.8 Critical |
| Buffer Overflow vulnerability in JerryScript version 3.0, allows remote attackers to execute arbitrary code via ecma_stringbuilder_append_raw component at /jerry-core/ecma/base/ecma-helpers-string.c. | ||||
| CVE-2023-35982 | 3 Arubanetworks, Hp, Hpe | 3 Arubaos, Instantos, Arba Access Points Running Instantos And Arubaos 10 | 2024-11-21 | 9.8 Critical |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2023-35981 | 3 Arubanetworks, Hp, Hpe | 3 Arubaos, Instantos, Arba Access Points Running Instantos And Arubaos 10 | 2024-11-21 | 9.8 Critical |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2023-35980 | 3 Arubanetworks, Hp, Hpe | 3 Arubaos, Instantos, Arba Access Points Running Instantos And Arubaos 10 | 2024-11-21 | 9.8 Critical |
| There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2023-35803 | 1 Extremenetworks | 29 Ap1130, Ap122, Ap130 and 26 more | 2024-11-21 | 9.8 Critical |
| IQ Engine before 10.6r2 on Extreme Network AP devices has a Buffer Overflow. | ||||
| CVE-2023-35802 | 1 Extremenetworks | 29 Ap1130, Ap122, Ap130 and 26 more | 2024-11-21 | 9.8 Critical |
| IQ Engine before 10.6r1 on Extreme Network AP devices has a Buffer Overflow in the implementation of the CAPWAP protocol that may be exploited to obtain elevated privileges to conduct remote code execution. Access to the internal management interface/subnet is required to conduct the exploit. | ||||
| CVE-2023-34561 | 1 Robtopgames | 1 Geometry Dash | 2024-11-21 | 9.8 Critical |
| A buffer overflow in the level parsing code of RobTop Games AB Geometry Dash v2.113 allows attackers to execute arbitrary code via entering a Geometry Dash level. | ||||
| CVE-2023-34419 | 1 Lenovo | 60 Legion 5-15ach6, Legion 5-15ach6 Firmware, Legion 5-15ach6a and 57 more | 2024-11-21 | 6.7 Medium |
| A buffer overflow has been identified in the SetupUtility driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code. | ||||
| CVE-2023-34140 | 1 Zyxel | 48 Nxc2500, Nxc2500 Firmware, Nxc5500 and 45 more | 2024-11-21 | 6.5 Medium |
| A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.36 Patch 2, USG FLEX series firmware versions 4.50 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 4.16 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 4.16 through 5.36 Patch 2, VPN series firmware versions 4.30 through 5.36 Patch 2, NXC2500 firmware versions 6.10(AAIG.0) through 6.10(AAIG.3), and NXC5500 firmware versions 6.10(AAOS.0) through 6.10(AAOS.4), could allow an unauthenticated, LAN-based attacker to cause denial of service (DoS) conditions by sending a crafted request to the CAPWAP daemon. | ||||
| CVE-2023-34115 | 1 Zoom | 1 Meeting Sdk | 2024-11-21 | 4.3 Medium |
| Buffer copy without checking size of input in Zoom Meeting SDK before 5.13.0 may allow an authenticated user to potentially enable a denial of service via local access. This issue may result in the Zoom Meeting SDK to crash and need to be restarted. | ||||
| CVE-2023-33802 | 1 Sumatrapdfreader | 1 Sumatrapdf | 2024-11-21 | 5.5 Medium |
| A buffer overflow in SumatraPDF Reader v3.4.6 allows attackers to cause a Denial of Service (DoS) via a crafted text file. | ||||
| CVE-2023-33082 | 1 Qualcomm | 230 Ar8035, Ar8035 Firmware, Ar9380 and 227 more | 2024-11-21 | 9.8 Critical |
| Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE. | ||||
| CVE-2023-33045 | 1 Qualcomm | 265 Ar8035, Ar8035 Firmware, Csr8811 and 262 more | 2024-11-21 | 9.8 Critical |
| Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute. | ||||
| CVE-2023-33024 | 1 Qualcomm | 142 8098, 8098 Firmware, 8998 and 139 more | 2024-11-21 | 6.7 Medium |
| Memory corruption while sending SMS from AP firmware. | ||||