Search Results (21874 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-50245 | 1 Afichet | 1 Openexr Viewer | 2024-11-21 | 9.8 Critical |
| OpenEXR-viewer is a viewer for OpenEXR files with detailed metadata probing. Versions prior to 0.6.1 have a memory overflow vulnerability. This issue is fixed in version 0.6.1. | ||||
| CVE-2023-50096 | 1 St | 1 X-cube-safea1 | 2024-11-21 | 7.5 High |
| STMicroelectronics STSAFE-A1xx middleware before 3.3.7 allows MCU code execution if an adversary has the ability to read from and write to the I2C bus. This is caused by an StSafeA_ReceiveBytes buffer overflow in the X-CUBE-SAFEA1 Software Package for STSAFE-A sample applications (1.2.0), and thus can affect user-written code that was derived from a published sample application. | ||||
| CVE-2023-50044 | 1 Cesanta | 1 Mjs | 2024-11-21 | 9.8 Critical |
| Cesanta MJS 2.20.0 has a getprop_builtin_foreign out-of-bounds read if a Built-in API name occurs in a substring of an input string. | ||||
| CVE-2023-4778 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV. | ||||
| CVE-2023-4758 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| Buffer Over-read in GitHub repository gpac/gpac prior to 2.3-DEV. | ||||
| CVE-2023-4756 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV. | ||||
| CVE-2023-4744 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2024-11-21 | 9.8 Critical |
| A vulnerability was found in Tenda AC8 16.03.34.06_cn_TDC01. It has been declared as critical. Affected by this vulnerability is the function formSetDeviceName. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-238633 was assigned to this vulnerability. | ||||
| CVE-2023-4721 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV. | ||||
| CVE-2023-4695 | 1 Pkp | 1 Pkb-lib | 2024-11-21 | 8.1 High |
| Use of Predictable Algorithm in Random Number Generator in GitHub repository pkp/pkp-lib prior to 3.3.0-16. | ||||
| CVE-2023-4685 | 1 Deltaww | 2 Cncsoft-b, Dopsoft | 2024-11-21 | 7.8 High |
| Delta Electronics' CNCSoft-B version 1.0.0.4 and DOPSoft versions 4.0.0.82 and prior are vulnerable to stack-based buffer overflow, which could allow an attacker to execute arbitrary code. | ||||
| CVE-2023-4682 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV. | ||||
| CVE-2023-4601 | 2 Microsoft, Ni | 2 Windows, System Configuration | 2024-11-21 | 8.1 High |
| A stack-based buffer overflow vulnerability exists in NI System Configuration that could result in information disclosure and/or arbitrary code execution. Successful exploitation requires that an attacker can provide a specially crafted response. This affects NI System Configuration 2023 Q3 and all previous versions. | ||||
| CVE-2023-4590 | 1 Kimmov | 1 Frhed | 2024-11-21 | 7.3 High |
| Buffer overflow vulnerability in Frhed hex editor, affecting version 1.6.0. This vulnerability could allow an attacker to execute arbitrary code via a long filename argument through the Structured Exception Handler (SEH) registers. | ||||
| CVE-2023-4518 | 1 Hitachienergy | 6 Relion 650, Relion 650 Firmware, Relion 670 and 3 more | 2024-11-21 | 6.5 Medium |
| A vulnerability exists in the input validation of GOOSE messages, where out-of-range values received and processed by the IED caused a reboot of the device. In order for an attacker to exploit the vulnerability, GOOSE receiving blocks need to be configured. | ||||
| CVE-2023-4452 | 1 Moxa | 16 Edr-810-2gsfp, Edr-810-2gsfp-t, Edr-810-2gsfp-t Firmware and 13 more | 2024-11-21 | 6.5 Medium |
| A vulnerability has been identified in the EDR-810, EDR-G902, and EDR-G903 Series that makes them vulnerable to denial of service. This vulnerability stems from insufficient input validation in the URI, potentially enabling malicious users to trigger a device reboot. | ||||
| CVE-2023-4439 | 1 Card Holder Management System Project | 1 Card Holder Management System | 2024-11-21 | 4.3 Medium |
| A vulnerability was found in SourceCodester Card Holder Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Minus Value Handler. The manipulation leads to improper validation of specified quantity in input. The attack may be launched remotely. The identifier of this vulnerability is VDB-237560. | ||||
| CVE-2023-4424 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | 8.3 High |
| A malicious BLE device can cause a buffer overflow by sending a malformed advertising packet to a BLE device using Zephyr OS, leading to DoS or potential RCE on the victim BLE device. | ||||
| CVE-2023-4397 | 1 Zyxel | 16 Atp100, Atp100w, Atp200 and 13 more | 2024-11-21 | 4.4 Medium |
| A buffer overflow vulnerability in the Zyxel ATP series firmware version 5.37, USG FLEX series firmware version 5.37, USG FLEX 50(W) series firmware version 5.37, and USG20(W)-VPN series firmware version 5.37, could allow an authenticated local attacker with administrator privileges to cause denial-of-service (DoS) conditions by executing the CLI command with crafted strings on an affected device. | ||||
| CVE-2023-4272 | 1 Arm | 4 Bifrost Gpu Kernel Driver, Mali Gpu Kernel Driver, Midgard Gpu Kernel Driver and 1 more | 2024-11-21 | 5.5 Medium |
| A local non-privileged user can make GPU processing operations that expose sensitive data from previously freed memory. | ||||
| CVE-2023-4156 | 3 Fedoraproject, Gnu, Redhat | 3 Fedora, Gawk, Enterprise Linux | 2024-11-21 | 4.4 Medium |
| A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information. | ||||