Total
3175 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-4029 | 1 Lenovo | 52 K14 Type 21cu, K14 Type 21cu Firmware, K14 Type 21cv and 49 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| A buffer overflow has been identified in the BoardUpdateAcpiDxe driver in some Lenovo ThinkPad products which may allow an attacker with local access and elevated privileges to execute arbitrary code. | |||||
| CVE-2023-4028 | 1 Lenovo | 58 13w Yoga, 13w Yoga Firmware, 13w Yoga Gen 2 and 55 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| A buffer overflow has been identified in the SystemUserMasterHddPwdDxe driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code. | |||||
| CVE-2023-49700 | 1 Asrmicro | 4 Asr1803, Asr1803 Firmware, Asr1806 and 1 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| Security best practices violations, a string operation in Streamingmedia will write past the end of fixed-size destination buffer if the source buffer is too large. | |||||
| CVE-2023-49468 | 1 Struktur | 1 Libde265 | 2024-11-21 | N/A | 8.8 HIGH |
| Libde265 v1.0.14 was discovered to contain a global buffer overflow vulnerability in the read_coding_unit function at slice.cc. | |||||
| CVE-2023-49287 | 1 Cxong | 1 Tinydir | 2024-11-21 | N/A | 7.7 HIGH |
| TinyDir is a lightweight C directory and file reader. Buffer overflows in the `tinydir_file_open()` function. This vulnerability has been patched in version 1.2.6. | |||||
| CVE-2023-48704 | 1 Clickhouse | 2 Clickhouse, Clickhouse Cloud | 2024-11-21 | N/A | 7.0 HIGH |
| ClickHouse is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issue was discovered in ClickHouse server. An attacker could send a specially crafted payload to the native interface exposed by default on port 9000/tcp, triggering a bug in the decompression logic of Gorilla codec that crashes the ClickHouse server process. This attack does not require authentication. This issue has been addressed in ClickHouse Cloud version 23.9.2.47551 and ClickHouse versions 23.10.5.20, 23.3.18.15, 23.8.8.20, and 23.9.6.20. | |||||
| CVE-2023-47995 | 1 Freeimage Project | 1 Freeimage | 2024-11-21 | N/A | 6.5 MEDIUM |
| Memory Allocation with Excessive Size Value discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 allows attackers to cause a denial of service. | |||||
| CVE-2023-47610 | 1 Telit | 20 Bgs5, Bgs5 Firmware, Ehs5 and 17 more | 2024-11-21 | N/A | 8.1 HIGH |
| A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists in Telit Cinterion EHS5/6/8 that could allow a remote unauthenticated attacker to execute arbitrary code on the targeted system by sending a specially crafted SMS message. | |||||
| CVE-2023-47471 | 1 Struktur | 1 Libde265 | 2024-11-21 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in strukturag libde265 v1.10.12 allows a local attacker to cause a denial of service via the slice_segment_header function in the slice.cc component. | |||||
| CVE-2023-47430 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Stack-buffer-overflow vulnerability in ReadyMedia (MiniDLNA) v1.3.3 allows attackers to cause a denial of service via via the SendContainer() function at tivo_commands.c. | |||||
| CVE-2023-47347 | 1 Free5gc | 1 Free5gc | 2024-11-21 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via crafted PFCP messages whose Sequence Number is mutated to overflow bytes. | |||||
| CVE-2023-47346 | 1 Free5gc | 3 Free5gc, Smf, Upf | 2024-11-21 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in free5gc 3.3.0, UPF 1.2.0, and SMF 1.2.0 allows attackers to cause a denial of service via crafted PFCP messages. | |||||
| CVE-2023-47345 | 1 Free5gc | 1 Free5gc | 2024-11-21 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via crafted PFCP message with malformed PFCP Heartbeat message whose Recovery Time Stamp IE length is mutated to zero. | |||||
| CVE-2023-47307 | 1 Szlbt | 2 Lbt-t300-t310, Lbt-t300-t310 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in /apply.cgi in Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 allows attackers to cause a denial of service via the ApCliAuthMode parameter. | |||||
| CVE-2023-47217 | 1 Openatom | 1 Openharmony | 2024-11-21 | N/A | 4.0 MEDIUM |
| in OpenHarmony v3.2.2 and prior versions allow a local attacker cause DOS through buffer overflow. | |||||
| CVE-2023-46960 | 2024-11-21 | N/A | 8.6 HIGH | ||
| Buffer Overflow vulnerability in PyPXE v.1.8.4 allows a remote attacker to cause a denial of service via the handle function in the tftp module. | |||||
| CVE-2023-46852 | 1 Memcached | 1 Memcached | 2024-11-21 | N/A | 7.5 HIGH |
| In Memcached before 1.6.22, a buffer overflow exists when processing multiget requests in proxy mode, if there are many spaces after the "get" substring. | |||||
| CVE-2023-46847 | 2 Redhat, Squid-cache | 10 Enterprise Linux, Enterprise Linux Eus, Enterprise Linux For Arm 64 and 7 more | 2024-11-21 | N/A | 8.6 HIGH |
| Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication. | |||||
| CVE-2023-46587 | 1 Xnview | 1 Xnview | 2024-11-21 | N/A | 7.8 HIGH |
| Buffer Overflow vulnerability in XnView Classic v.2.51.5 allows a local attacker to execute arbitrary code via a crafted TIF file. | |||||
| CVE-2023-46566 | 2024-11-21 | N/A | 7.5 HIGH | ||
| Buffer Overflow vulnerability in msoulier tftpy commit 467017b844bf6e31745138a30e2509145b0c529c allows a remote attacker to cause a denial of service via the parse function in the TftpPacketFactory class. | |||||