Total
3184 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-39063 | 1 Raidenftpd | 1 Raidenftpd | 2024-11-21 | N/A | 7.8 HIGH |
| Buffer Overflow vulnerability in RaidenFTPD 2.4.4005 allows a local attacker to execute arbitrary code via the Server name field of the Step by step setup wizard. | |||||
| CVE-2023-38975 | 1 Qdrant | 1 Qdrant | 2024-11-21 | N/A | 7.5 HIGH |
| * Buffer Overflow vulnerability in qdrant v.1.3.2 allows a remote attacker cause a denial of service via the chucnked_vectors.rs component. | |||||
| CVE-2023-38926 | 1 Netgear | 2 Ex6200, Ex6200 Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| Netgear EX6200 v1.0.3.94 was discovered to contain a buffer overflow via the wla_temp_ssid parameter at acosNvramConfig_set. | |||||
| CVE-2023-38925 | 1 Netgear | 6 Dc112a, Dc112a Firmware, Ex6200 and 3 more | 2024-11-21 | N/A | 8.8 HIGH |
| Netgear DC112A 1.0.0.64, EX6200 1.0.3.94 and R6300v2 1.0.4.8 were discovered to contain a buffer overflow via the http_passwd parameter in password.cgi. | |||||
| CVE-2023-38924 | 1 Netgear | 2 Dgn3500, Dgn3500 Firmware | 2024-11-21 | N/A | 6.5 MEDIUM |
| Netgear DGN3500 1.1.00.37 was discovered to contain a buffer overflow via the http_password parameter at setup.cgi. | |||||
| CVE-2023-38922 | 1 Netgear | 6 Jwnr2000v2, Jwnr2000v2 Firmware, Xavn2001v2 and 3 more | 2024-11-21 | N/A | 8.8 HIGH |
| Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the http_passwd and http_username parameters in the update_auth function. | |||||
| CVE-2023-38850 | 1 Msweet | 1 Codedoc | 2024-11-21 | N/A | 5.5 MEDIUM |
| Buffer Overflow vulnerability in Michaelrsweet codedoc v.3.7 allows an attacker to cause a denial of service via the codedoc.c:1742 comppnent. | |||||
| CVE-2023-38823 | 1 Tenda | 8 Ac18, Ac18 Firmware, Ac19 and 5 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd. | |||||
| CVE-2023-38591 | 1 Netgear | 2 Dg834gv5, Dg834gv5 Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| Netgear DG834Gv5 1.6.01.34 was discovered to contain multiple buffer overflows via the wla_ssid and wla_temp_ssid parameters at bsw_ssid.cgi. | |||||
| CVE-2023-38590 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-11-21 | N/A | 8.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in watchOS 9.6, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A remote user may be able to cause unexpected system termination or corrupt kernel memory. | |||||
| CVE-2023-38583 | 1 Tonybybell | 1 Gtkwave | 2024-11-21 | N/A | 7.8 HIGH |
| A stack-based buffer overflow vulnerability exists in the LXT2 lxt2_rd_expand_integer_to_bits function of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. | |||||
| CVE-2023-38581 | 2024-11-21 | N/A | 8.8 HIGH | ||
| Buffer overflow in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-38559 | 4 Artifex, Debian, Fedoraproject and 1 more | 4 Ghostscript, Debian Linux, Fedora and 1 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs. | |||||
| CVE-2023-38412 | 1 Netgear | 2 R6900p, R6900p Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| Netgear R6900P v1.3.3.154 was discovered to contain multiple buffer overflows via the wla_ssid and wlg_ssid parameters at ia_ap_setting.cgi. | |||||
| CVE-2023-37926 | 1 Zyxel | 20 Atp100, Atp100w, Atp200 and 17 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through 5.37, and VPN series firmware versions 4.30 through 5.37, could allow an authenticated local attacker to cause denial-of-service (DoS) conditions by executing the CLI command to dump system logs on an affected device. | |||||
| CVE-2023-37793 | 1 Wayos | 2 Fbm-291w, Fbm-291w Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| WAYOS FBM-291W 19.09.11V was discovered to contain a buffer overflow via the component /upgrade_filter.asp. | |||||
| CVE-2023-37758 | 1 Dlink | 2 Dir-815, Dir-815 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| D-LINK DIR-815 v1.01 was discovered to contain a buffer overflow via the component /web/captcha.cgi. | |||||
| CVE-2023-37734 | 1 Ezsoftmagic | 1 Mp3 Audio Converter | 2024-11-21 | N/A | 9.8 CRITICAL |
| EZ softmagic MP3 Audio Converter 2.7.3.700 was discovered to contain a buffer overflow. | |||||
| CVE-2023-37457 | 2 Digium, Sangoma | 2 Asterisk, Certified Asterisk | 2024-11-21 | N/A | 7.5 HIGH |
| Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk versions 18.20.0 and prior, 20.5.0 and prior, and 21.0.0; as well as ceritifed-asterisk 18.9-cert5 and prior, the 'update' functionality of the PJSIP_HEADER dialplan function can exceed the available buffer space for storing the new value of a header. By doing so this can overwrite memory or cause a crash. This is not externally exploitable, unless dialplan is explicitly written to update a header based on data from an outside source. If the 'update' functionality is not used the vulnerability does not occur. A patch is available at commit a1ca0268254374b515fa5992f01340f7717113fa. | |||||
| CVE-2023-37245 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | N/A | 9.1 CRITICAL |
| Buffer overflow vulnerability in the modem pinctrl module. Successful exploitation of this vulnerability may affect the integrity and availability of the modem. | |||||