Total
3786 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-3346 | 1 Mitsubishielectric | 42 C80, C80 Firmware, E70 and 39 more | 2024-12-04 | 9.8 Critical |
| Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in MITSUBSHI CNC Series allows a remote unauthenticated attacker to cause Denial of Service (DoS) condition and execute arbitrary code on the product by sending specially crafted packets. In addition, system reset is required for recovery. | ||||
| CVE-2023-51796 | 1 Ffmpeg | 1 Ffmpeg | 2024-12-03 | 3.6 Low |
| Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/f_reverse.c:269:26 in areverse_request_frame. | ||||
| CVE-2023-36354 | 1 Tp-link | 9 Tl-wr740n, Tl-wr740n Firmware, Tl-wr841n and 6 more | 2024-12-02 | 7.5 High |
| TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR740N V1/V2, TL-WR940N V2/V3, and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlTimeSchedRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request. | ||||
| CVE-2023-36239 | 1 Libming | 1 Libming | 2024-12-02 | 8.8 High |
| libming listswf 0.4.7 was discovered to contain a buffer overflow in the parseSWF_DEFINEFONTINFO() function at parser.c. | ||||
| CVE-2023-36243 | 1 Flvmeta | 1 Flvmeta | 2024-12-02 | 7.8 High |
| FLVMeta v1.2.1 was discovered to contain a buffer overflow via the xml_on_metadata_tag_only function at dump_xml.c. | ||||
| CVE-2023-28812 | 1 Hikvision | 1 Localservicecomponents | 2024-12-02 | 9.1 Critical |
| There is a buffer overflow vulnerability in a web browser plug-in could allow an attacker to exploit the vulnerability by sending crafted messages to computers installed with this plug-in, which could lead to arbitrary code execution or cause process exception of the plug-in. | ||||
| CVE-2023-36355 | 1 Tp-link | 3 Tl-wr940n, Tl-wr940n Firmware, Tl-wr940n V4 | 2024-12-02 | 9.9 Critical |
| TP-Link TL-WR940N V4 was discovered to contain a buffer overflow via the ipStart parameter at /userRpm/WanDynamicIpV6CfgRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request. | ||||
| CVE-2023-33083 | 1 Qualcomm | 230 Ar8035, Ar8035 Firmware, Ar9380 and 227 more | 2024-12-02 | 9.8 Critical |
| Memory corruption in WLAN Host while processing RRM beacon on the AP. | ||||
| CVE-2024-43700 | 1 Philiphazel | 1 Xfpt | 2024-11-30 | 7 High |
| xfpt versions prior to 1.01 fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability. When a user of the affected product is tricked to process a specially crafted file, arbitrary code may be executed on the user's environment. | ||||
| CVE-2024-37816 | 2024-11-27 | 4.2 Medium | ||
| Quectel EC25-EUX EC25EUXGAR08A05M1G was discovered to contain a stack overflow. | ||||
| CVE-2021-43619 | 1 Arm | 1 Trusted Firmware-m | 2024-11-27 | 7.8 High |
| Trusted Firmware M 1.4.x through 1.4.1 has a buffer overflow issue in the Firmware Update partition. In the IPC model, a psa_fwu_write caller from SPE or NSPE can overwrite stack memory locations. | ||||
| CVE-2015-20109 | 1 Gnu | 1 Glibc | 2024-11-27 | 5.5 Medium |
| end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash), as demonstrated by use of the fnmatch library function with the **(!() pattern. NOTE: this is not the same as CVE-2015-8984; also, some Linux distributions have fixed CVE-2015-8984 but have not fixed this additional fnmatch issue. | ||||
| CVE-2022-43392 | 1 Zyxel | 96 Ax7501-b0, Ax7501-b0 Firmware, Dx3301-t0 and 93 more | 2024-11-27 | 6.5 Medium |
| A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted authorization request. | ||||
| CVE-2023-42800 | 1 Moonlight-stream | 7 Moonlight, Moonlight-common-c, Moonlight Embedded and 4 more | 2024-11-27 | 8.8 High |
| Moonlight-common-c contains the core GameStream client code shared between Moonlight clients. Moonlight-common-c is vulnerable to buffer overflow starting in commit 50c0a51b10ecc5b3415ea78c21d96d679e2288f9 due to unmitigated usage of unsafe C functions and improper bounds checking. A malicious game streaming server could exploit a buffer overflow vulnerability to crash a moonlight client, or achieve remote code execution (RCE) on the client (with insufficient exploit mitigations or if mitigations can be bypassed). The bug was addressed in commit 24750d4b748fefa03d09fcfd6d45056faca354e0. | ||||
| CVE-2023-26616 | 2 D-link, Dlink | 3 Dir-823g, Dir-823g, Dir-823g Firmware | 2024-11-27 | 9.8 Critical |
| D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the URL field in SetParentsControlInfo. | ||||
| CVE-2023-26966 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2024-11-27 | 5.5 Medium |
| libtiff 4.5.0 is vulnerable to Buffer Overflow in uv_encode() when libtiff reads a corrupted little-endian TIFF file and specifies the output to be big-endian. | ||||
| CVE-2023-36377 | 1 Osslsigncode Project | 1 Osslsigncode | 2024-11-27 | 7.8 High |
| Buffer Overflow vulnerability in mtrojnar osslsigncode v.2.3 and before allows a local attacker to execute arbitrary code via a crafted .exe, .sys, and .dll files. | ||||
| CVE-2023-25433 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2024-11-27 | 5.5 Medium |
| libtiff 4.5.0 is vulnerable to Buffer Overflow via /libtiff/tools/tiffcrop.c:8499. Incorrect updating of buffer size after rotateImage() in tiffcrop cause heap-buffer-overflow and SEGV. | ||||
| CVE-2023-26612 | 2 D-link, Dlink | 3 Dir-823g, Dir-823g, Dir-823g Firmware | 2024-11-27 | 9.8 Critical |
| D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the HostName field in SetParentsControlInfo. | ||||
| CVE-2023-43887 | 1 Struktur | 1 Libde265 | 2024-11-26 | 8.1 High |
| Libde265 v1.0.12 was discovered to contain multiple buffer overflows via the num_tile_columns and num_tile_row parameters in the function pic_parameter_set::dump. | ||||