Total
721 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-6711 | 1 Hitachienergy | 2 Rtu500, Rtu500 Firmware | 2024-11-21 | N/A | 5.9 MEDIUM |
| Vulnerability exists in SCI IEC 60870-5-104 and HCI IEC 60870-5-104 that affects the RTU500 series product versions listed below. Specially crafted messages sent to the mentioned components are not validated properly and can result in buffer overflow and as final consequence to a reboot of an RTU500 CMU. | |||||
| CVE-2023-6334 | 2 Hypr, Microsoft | 2 Workforce Access, Windows | 2024-11-21 | N/A | 5.3 MEDIUM |
| Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers.This issue affects Workforce Access: before 8.7. | |||||
| CVE-2023-6238 | 2 Fedoraproject, Linux | 2 Fedora, Linux Kernel | 2024-11-21 | N/A | 6.7 MEDIUM |
| A buffer overflow vulnerability was found in the NVM Express (NVMe) driver in the Linux kernel. Only privileged user could specify a small meta buffer and let the device perform larger Direct Memory Access (DMA) into the same buffer, overwriting unrelated kernel memory, causing random kernel crashes and memory corruption. | |||||
| CVE-2023-5139 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | N/A | 4.4 MEDIUM |
| Potential buffer overflow vulnerability at the following location in the Zephyr STM32 Crypto driver | |||||
| CVE-2023-5075 | 1 Lenovo | 2 Ideapad Duet 3 10igl5, Ideapad Duet 3 10igl5 Firmware | 2024-11-21 | N/A | 6.7 MEDIUM |
| A buffer overflow was reported in the FmpSipoCapsuleDriver driver in the IdeaPad Duet 3-10IGL5 that may allow a local attacker with elevated privileges to execute arbitrary code. | |||||
| CVE-2023-50364 | 1 Qnap | 2 Qts, Quts Hero | 2024-11-21 | N/A | 6.4 MEDIUM |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later | |||||
| CVE-2023-50362 | 1 Qnap | 2 Qts, Quts Hero | 2024-11-21 | N/A | 5.0 MEDIUM |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later | |||||
| CVE-2023-50361 | 1 Qnap | 2 Qts, Quts Hero | 2024-11-21 | N/A | 5.0 MEDIUM |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later | |||||
| CVE-2023-4452 | 1 Moxa | 16 Edr-810-2gsfp, Edr-810-2gsfp-t, Edr-810-2gsfp-t Firmware and 13 more | 2024-11-21 | N/A | 6.5 MEDIUM |
| A vulnerability has been identified in the EDR-810, EDR-G902, and EDR-G903 Series, making them vulnerable to the denial-of-service vulnerability. This vulnerability stems from insufficient input validation in the URI, potentially enabling malicious users to trigger the device reboot. | |||||
| CVE-2023-4397 | 1 Zyxel | 16 Atp100, Atp100w, Atp200 and 13 more | 2024-11-21 | N/A | 4.4 MEDIUM |
| A buffer overflow vulnerability in the Zyxel ATP series firmware version 5.37, USG FLEX series firmware version 5.37, USG FLEX 50(W) series firmware version 5.37, and USG20(W)-VPN series firmware version 5.37, could allow an authenticated local attacker with administrator privileges to cause denial-of-service (DoS) conditions by executing the CLI command with crafted strings on an affected device. | |||||
| CVE-2023-49993 | 1 Espeak-ng | 1 Espeak-ng | 2024-11-21 | N/A | 5.3 MEDIUM |
| Espeak-ng 1.52-dev was discovered to contain a Buffer Overflow via the function ReadClause at readclause.c. | |||||
| CVE-2023-49990 | 1 Espeak-ng | 1 Espeak-ng | 2024-11-21 | N/A | 5.3 MEDIUM |
| Espeak-ng 1.52-dev was discovered to contain a buffer-overflow via the function SetUpPhonemeTable at synthdata.c. | |||||
| CVE-2023-49700 | 1 Asrmicro | 4 Asr1803, Asr1803 Firmware, Asr1806 and 1 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| Security best practices violations, a string operation in Streamingmedia will write past the end of fixed-size destination buffer if the source buffer is too large. | |||||
| CVE-2023-47471 | 1 Struktur | 1 Libde265 | 2024-11-21 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in strukturag libde265 v1.10.12 allows a local attacker to cause a denial of service via the slice_segment_header function in the slice.cc component. | |||||
| CVE-2023-47430 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Stack-buffer-overflow vulnerability in ReadyMedia (MiniDLNA) v1.3.3 allows attackers to cause a denial of service via via the SendContainer() function at tivo_commands.c. | |||||
| CVE-2023-47217 | 1 Openatom | 1 Openharmony | 2024-11-21 | N/A | 4.0 MEDIUM |
| in OpenHarmony v3.2.2 and prior versions allow a local attacker cause DOS through buffer overflow. | |||||
| CVE-2023-46363 | 1 Jbig2enc Project | 1 Jbig2enc | 2024-11-21 | N/A | 5.5 MEDIUM |
| jbig2enc v0.28 was discovered to contain a SEGV via jbig2_add_page in src/jbig2enc.cc:512. | |||||
| CVE-2023-46256 | 1 Dronecode | 1 Px4 Drone Autopilot | 2024-11-21 | N/A | 4.4 MEDIUM |
| PX4-Autopilot provides PX4 flight control solution for drones. In versions 1.14.0-rc1 and prior, PX4-Autopilot has a heap buffer overflow vulnerability in the parser function due to the absence of `parserbuf_index` value checking. A malfunction of the sensor device can cause a heap buffer overflow with leading unexpected drone behavior. Malicious applications can exploit the vulnerability even if device sensor malfunction does not occur. Up to the maximum value of an `unsigned int`, bytes sized data can be written to the heap memory area. As of time of publication, no fixed version is available. | |||||
| CVE-2023-46001 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 5.5 MEDIUM |
| Buffer Overflow vulnerability in gpac MP4Box v.2.3-DEV-rev573-g201320819-master allows a local attacker to cause a denial of service via the gpac/src/isomedia/isom_read.c:2807:51 function in gf_isom_get_user_data. | |||||
| CVE-2023-43816 | 1 Deltaww | 1 Dopsoft | 2024-11-21 | 6.8 MEDIUM | 6.3 MEDIUM |
| A buffer overflow vulnerability exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wKPFStringLen field of a DPS file. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve code execution. | |||||