Total
13593 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-0745 | 1 Mozilla | 1 Firefox | 2024-11-21 | 8.8 High |
| The WebAudio `OscillatorNode` object was susceptible to a stack buffer overflow. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 122. | ||||
| CVE-2024-0744 | 1 Mozilla | 1 Firefox | 2024-11-21 | 7.5 High |
| In some circumstances, JIT compiled code could have dereferenced a wild pointer value. This could have led to an exploitable crash. This vulnerability affects Firefox < 122. | ||||
| CVE-2024-0645 | 1 Explorerplusplus | 1 Explorer\+\+ | 2024-11-21 | 7.3 High |
| Buffer overflow vulnerability in Explorer++ affecting version 1.3.5.531. A local attacker could execute arbitrary code via a long filename argument by monitoring Structured Exception Handler (SEH) records. | ||||
| CVE-2024-0429 | 2 Bpsoft, Hex Workshop | 2 Hex Workshop, Hex Workshop | 2024-11-21 | 7.3 High |
| A denial service vulnerability has been found on Hex Workshop affecting version 6.7, an attacker could send a command line file arguments and control the Structured Exception Handler (SEH) records resulting in a service shutdown. | ||||
| CVE-2024-0088 | 2024-11-21 | 5.5 Medium | ||
| NVIDIA Triton Inference Server for Linux contains a vulnerability in shared memory APIs, where a user can cause an improper memory access issue by a network API. A successful exploit of this vulnerability might lead to denial of service and data tampering. | ||||
| CVE-2023-6560 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | 5.5 Medium |
| An out-of-bounds memory access flaw was found in the io_uring SQ/CQ rings functionality in the Linux kernel. This issue could allow a local user to crash the system. | ||||
| CVE-2023-5394 | 1 Honeywell | 1 Experion Server | 2024-11-21 | 7.4 High |
| Server receiving a malformed message that where the GCL message hostname may be too large which may cause a stack overflow; resulting in possible remote code execution. Honeywell recommends updating to the most recent version of the product. See Honeywell Security Notification for recommendations on upgrading and versioning. | ||||
| CVE-2023-5130 | 1 Deltaww | 1 Wplsoft | 2024-11-21 | 8.2 High |
| A buffer overflow vulnerability exists in Delta Electronics WPLSoft. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DVP file to achieve code execution. | ||||
| CVE-2023-4949 | 2 Gnu, Xen | 2 Grub, Xen | 2024-11-21 | 8.1 High |
| An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation. | ||||
| CVE-2023-4578 | 2 Mozilla, Redhat | 8 Firefox, Firefox Esr, Thunderbird and 5 more | 2024-11-21 | 6.5 Medium |
| When calling `JS::CheckRegExpSyntax` a Syntax Error could have been set which would end in calling `convertToRuntimeErrorAndClear`. A path in the function could attempt to allocate memory when none is available which would have caused a newly created Out of Memory exception to be mishandled as a Syntax Error. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. | ||||
| CVE-2023-4494 | 1 Easy Chat Server Project | 1 Easy Chat Server | 2024-11-21 | 9.8 Critical |
| Stack-based buffer overflow vulnerability in Easy Chat Server 3.1 version. An attacker could send an excessively long username string to the register.ghp file asking for the name via a GET request resulting in arbitrary code execution on the remote machine. | ||||
| CVE-2023-4491 | 1 Easy Address Book Web Server Project | 1 Easy Address Book Web Server | 2024-11-21 | 9.8 Critical |
| Buffer overflow vulnerability in Easy Address Book Web Server 1.6 version. The exploitation of this vulnerability could allow an attacker to send a very long username string to /searchbook.ghp, asking for the name via a POST request, resulting in arbitrary code execution on the remote machine. | ||||
| CVE-2023-49993 | 1 Espeak-ng | 1 Espeak-ng | 2024-11-21 | 5.3 Medium |
| Espeak-ng 1.52-dev was discovered to contain a Buffer Overflow via the function ReadClause at readclause.c. | ||||
| CVE-2023-49701 | 1 Asrmicro | 4 Asr1803, Asr1803 Firmware, Asr1806 and 1 more | 2024-11-21 | 7.2 High |
| Memory Corruption in SIM management while USIMPhase2init | ||||
| CVE-2023-49699 | 1 Asrmicro | 4 Asr1803, Asr1803 Firmware, Asr1806 and 1 more | 2024-11-21 | 6.7 Medium |
| Memory Corruption in IMS while calling VoLTE Streamingmedia Interface | ||||
| CVE-2023-48368 | 2024-11-21 | 5.9 Medium | ||
| Improper input validation in Intel(R) Media SDK software all versions may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2023-48161 | 2 Giflib Project, Redhat | 8 Giflib, Enterprise Linux, Openjdk and 5 more | 2024-11-21 | 7.1 High |
| Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function in gif2rgb.c | ||||
| CVE-2023-47580 | 1 Fujielectric | 2 Tellus, Tellus Lite | 2024-11-21 | 7.8 High |
| Multiple improper restriction of operations within the bounds of a memory buffer issues exist in TELLUS V4.0.17.0 and earlier and TELLUS Lite V4.0.17.0 and earlier. If a user opens a specially crafted file (X1, V8, or V9 file), information may be disclosed and/or arbitrary code may be executed. | ||||
| CVE-2023-47169 | 2024-11-21 | 3.3 Low | ||
| Improper buffer restrictions in Intel(R) Media SDK software all versions may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2023-46852 | 1 Memcached | 1 Memcached | 2024-11-21 | 7.5 High |
| In Memcached before 1.6.22, a buffer overflow exists when processing multiget requests in proxy mode, if there are many spaces after the "get" substring. | ||||