Total
9043 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-50926 | 1 Contiki-ng | 1 Contiki-ng | 2025-01-06 | 7.5 High |
| Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds read can be caused by an incoming DIO message when using the RPL-Lite implementation in the Contiki-NG operating system. More specifically, the prefix information of the DIO message contains a field that specifies the length of an IPv6 address prefix. The value of this field is not validated, which means that an attacker can set a value that is longer than the maximum prefix length. Subsequently, a memcmp function call that compares different prefixes can be called with a length argument that surpasses the boundary of the array allocated for the prefix, causing an out-of-bounds read. The problem has been patched in the "develop" branch of Contiki-NG, and is expected to be included in the next release. Users are advised to update as soon as they are able to or to manually apply the changes in Contiki-NG pull request #2721. | ||||
| CVE-2023-29167 | 1 Fujielectric | 1 Frenic Rhc Loader | 2025-01-03 | 7.8 High |
| Out-of-bound reads vulnerability exists in FRENIC RHC Loader v1.1.0.3. If a user opens a specially crafted FNE file, sensitive information on the system where the affected product is installed may be disclosed or arbitrary code may be executed. | ||||
| CVE-2023-33122 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2025-01-03 | 3.3 Low |
| A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain an out of bounds read past the end of an allocated buffer while parsing a specially crafted CGM file. This vulnerability could allow an attacker to disclose sensitive information. | ||||
| CVE-2023-33123 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2025-01-03 | 7.8 High |
| A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2023-3036 | 1 Cloudflare | 1 Cfnts | 2025-01-02 | 8.6 High |
| An unchecked read in NTP server in github.com/cloudflare/cfnts prior to commit 783490b https://github.com/cloudflare/cfnts/commit/783490b913f05e508a492cd7b02e3c4ec2297b71 enabled a remote attacker to trigger a panic by sending an NTSAuthenticator packet with extension length longer than the packet contents. | ||||
| CVE-2023-3040 | 1 Cloudflare | 1 Lua-resty-json | 2025-01-02 | 3.7 Low |
| A debug function in the lua-resty-json package, up to commit id 3ef9492bd3a44d9e51301d6adc3cd1789c8f534a (merged in PR #14) contained an out of bounds access bug that could have allowed an attacker to launch a DoS if the function was used to parse untrusted input data. It is important to note that because this debug function was only used in tests and demos, it was not exploitable in a normal environment. | ||||
| CVE-2024-23808 | 1 Openatom | 1 Openharmony | 2025-01-02 | 5.2 Medium |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free or cause DOS through NULL pointer dereference. | ||||
| CVE-2022-21877 | 1 Microsoft | 12 Windows 10, Windows 10 1809, Windows 10 1909 and 9 more | 2025-01-02 | 5.5 Medium |
| Storage Spaces Controller Information Disclosure Vulnerability | ||||
| CVE-2022-21876 | 1 Microsoft | 16 Windows 10, Windows 10 1507, Windows 10 1607 and 13 more | 2025-01-02 | 5.5 Medium |
| Win32k Information Disclosure Vulnerability | ||||
| CVE-2023-35629 | 1 Microsoft | 6 Windows 10 1507, Windows Server 2008, Windows Server 2008 R2 and 3 more | 2025-01-01 | 6.8 Medium |
| Microsoft USBHUB 3.0 Device Driver Remote Code Execution Vulnerability | ||||
| CVE-2023-36696 | 1 Microsoft | 15 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 12 more | 2025-01-01 | 7.8 High |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | ||||
| CVE-2023-35386 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-01 | 7.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2023-35358 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2025-01-01 | 7.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2023-35357 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2025-01-01 | 7.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2023-36905 | 1 Microsoft | 14 Windows 10, Windows 10 1507, Windows 10 1607 and 11 more | 2025-01-01 | 5.5 Medium |
| Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability | ||||
| CVE-2023-35299 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2025-01-01 | 7.8 High |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2023-33164 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2025-01-01 | 6.5 Medium |
| Remote Procedure Call Runtime Denial of Service Vulnerability | ||||
| CVE-2023-35319 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2025-01-01 | 6.5 Medium |
| Remote Procedure Call Runtime Denial of Service Vulnerability | ||||
| CVE-2023-35318 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2025-01-01 | 6.5 Medium |
| Remote Procedure Call Runtime Denial of Service Vulnerability | ||||
| CVE-2023-35316 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2025-01-01 | 6.5 Medium |
| Remote Procedure Call Runtime Information Disclosure Vulnerability | ||||