Total
12110 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-20011 | 2 Google, Mediatek | 18 Android, Mt6985, Mt8127 and 15 more | 2024-02-09 | N/A | 9.8 CRITICAL |
| In alac decoder, there is a possible information disclosure due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08441146; Issue ID: ALPS08441146. | |||||
| CVE-2016-2123 | 1 Samba | 1 Samba | 2024-02-08 | 6.5 MEDIUM | 8.8 HIGH |
| A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba routine ndr_pull_dnsp_name contains an integer wrap problem, leading to an attacker-controlled memory overwrite. ndr_pull_dnsp_name parses data from the Samba Active Directory ldb database. Any user who can write to the dnsRecord attribute over LDAP can trigger this memory corruption. By default, all authenticated LDAP users can write to the dnsRecord attribute on new DNS objects. This makes the defect a remote privilege escalation. | |||||
| CVE-2009-1377 | 1 Openssl | 1 Openssl | 2024-02-07 | 5.0 MEDIUM | N/A |
| The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of "future epoch" DTLS records that are buffered in a queue, aka "DTLS record buffer limitation bug." | |||||
| CVE-2023-22313 | 1 Intel | 5 Qat Driver, Qat Driver Firmware, Quickassist Technology Driver and 2 more | 2024-02-05 | N/A | 2.3 LOW |
| Improper buffer restrictions in some Intel(R) QAT Library software before version 22.07.1 may allow a privileged user to potentially enable information disclosure via local access. | |||||
| CVE-2022-47375 | 1 Siemens | 18 6ag1414-3em07-7ab0, 6ag1414-3em07-7ab0 Firmware, 6ag1416-3es07-7ab0 and 15 more | 2024-02-05 | N/A | 7.5 HIGH |
| A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions), SINAMICS S120 (incl. SIPLUS variants) (All versions < V5.2 SP3 HF15), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions). The affected products do not handle long file names correctly. This could allow an attacker to create a buffer overflow and create a denial of service condition for the device. | |||||
| CVE-2022-29510 | 1 Intel | 72 Compute Module Hns2600bp, Compute Module Hns2600bp Firmware, Compute Module Hns2600bpb and 69 more | 2024-02-05 | N/A | 6.7 MEDIUM |
| Improper buffer restrictions in some Intel(R) Server Board M10JNP2SB BIOS firmware before version 7.219 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-32887 | 1 Mediatek | 38 Mt2735, Mt6813, Mt6833 and 35 more | 2024-02-05 | N/A | 7.5 HIGH |
| In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892). | |||||
| CVE-2023-6560 | 1 Linux | 1 Linux Kernel | 2024-02-05 | N/A | 5.5 MEDIUM |
| An out-of-bounds memory access flaw was found in the io_uring SQ/CQ rings functionality in the Linux kernel. This issue could allow a local user to crash the system. | |||||
| CVE-2023-32885 | 2 Google, Mediatek | 32 Android, Mt6761, Mt6765 and 29 more | 2024-02-05 | N/A | 6.7 MEDIUM |
| In display drm, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07780685; Issue ID: ALPS07780685. | |||||
| CVE-2023-32884 | 2 Google, Mediatek | 60 Android, Mt2713, Mt6580 and 57 more | 2024-02-05 | N/A | 6.7 MEDIUM |
| In netdagent, there is a possible information disclosure due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944011; Issue ID: ALPS07944011. | |||||
| CVE-2023-51257 | 1 Jasper Project | 1 Jasper | 2024-02-05 | N/A | 7.8 HIGH |
| An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code. | |||||
| CVE-2023-40052 | 1 Progress | 2 Openedge, Openedge Innovation | 2024-02-05 | N/A | 7.5 HIGH |
| This issue affects Progress Application Server (PAS) for OpenEdge in versions 11.7 prior to 11.7.18, 12.2 prior to 12.2.13, and innovation releases prior to 12.8.0 . An attacker who can produce a malformed web request may cause the crash of a PASOE agent potentially disrupting the thread activities of many web application clients. Multiple of these DoS attacks could lead to the flooding of invalid requests as compared to the server’s remaining ability to process valid requests. | |||||
| CVE-2021-46748 | 2 Amd, Intel | 123 Radeon Pro Vega 56, Radeon Pro Vega 56 Firmware, Radeon Pro Vega 64 and 120 more | 2024-02-05 | N/A | 5.5 MEDIUM |
| Insufficient bounds checking in the ASP (AMD Secure Processor) may allow an attacker to access memory outside the bounds of what is permissible to a TA (Trusted Application) resulting in a potential denial of service. | |||||
| CVE-2023-41139 | 1 Autodesk | 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more | 2024-02-05 | N/A | 7.8 HIGH |
| A maliciously crafted STP file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process. | |||||
| CVE-2023-29076 | 1 Autodesk | 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more | 2024-02-05 | N/A | 9.8 CRITICAL |
| A maliciously crafted MODEL, SLDASM, SAT or CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 could cause memory corruption vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process. | |||||
| CVE-2023-20251 | 1 Cisco | 2 Aireos, Mobility Express Software | 2024-02-05 | N/A | 5.3 MEDIUM |
| A vulnerability in the memory buffer of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause memory leaks that could eventually lead to a device reboot. This vulnerability is due to memory leaks caused by multiple clients connecting under specific conditions. An attacker could exploit this vulnerability by causing multiple wireless clients to attempt to connect to an access point (AP) on an affected device. A successful exploit could allow the attacker to cause the affected device to reboot after a significant amount of time, resulting in a denial of service (DoS) condition. | |||||
| CVE-2023-3953 | 1 Schneider-electric | 1 Pro-face Gp-pro Ex | 2024-02-05 | N/A | 5.3 MEDIUM |
| A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause memory corruption when an authenticated user opens a tampered log file from GP-Pro EX. | |||||
| CVE-2023-4073 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-02-05 | N/A | 8.8 HIGH |
| Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2023-3824 | 1 Php | 1 Php | 2024-02-05 | N/A | 9.8 CRITICAL |
| In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE. | |||||
| CVE-2022-27879 | 1 Intel | 142 Atom X5-e3930, Atom X5-e3930 Firmware, Atom X5-e3940 and 139 more | 2024-02-05 | N/A | 4.4 MEDIUM |
| Improper buffer restrictions in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | |||||