Total
3187 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-28559 | 1 Qualcomm | 426 Aqt1000, Aqt1000 Firmware, Ar8031 and 423 more | 2024-11-21 | N/A | 7.8 HIGH |
| Memory corruption in WLAN FW while processing command parameters from untrusted WMI payload. | |||||
| CVE-2023-28546 | 1 Qualcomm | 560 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 557 more | 2024-11-21 | N/A | 7.8 HIGH |
| Memory Corruption in SPS Application while exporting public key in sorter TA. | |||||
| CVE-2023-28544 | 1 Qualcomm | 412 Aqt1000, Aqt1000 Firmware, Ar9380 and 409 more | 2024-11-21 | N/A | 7.8 HIGH |
| Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers. | |||||
| CVE-2023-28539 | 1 Qualcomm | 314 Ar8035, Ar8035 Firmware, Ar9380 and 311 more | 2024-11-21 | N/A | 6.6 MEDIUM |
| Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command. | |||||
| CVE-2023-27989 | 1 Zyxel | 8 Lte7480-m804, Lte7480-m804 Firmware, Lte7490-m904 and 5 more | 2024-11-21 | N/A | 6.5 MEDIUM |
| A buffer overflow vulnerability in the CGI program of the Zyxel NR7101 firmware versions prior to V1.00(ABUV.8)C0 could allow a remote authenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device. | |||||
| CVE-2023-27590 | 1 Rizin | 1 Rizin | 2024-11-21 | N/A | 7.8 HIGH |
| Rizin is a UNIX-like reverse engineering framework and command-line toolset. In version 0.5.1 and prior, converting a GDB registers profile file into a Rizin register profile can result in a stack-based buffer overflow when the `name`, `type`, or `groups` fields have longer values than expected. Users opening untrusted GDB registers files (e.g. with the `drpg` or `arpg` commands) are affected by this flaw. Commit d6196703d89c84467b600ba2692534579dc25ed4 contains a patch for this issue. As a workaround, review the GDB register profiles before loading them with `drpg`/`arpg` commands. | |||||
| CVE-2023-27585 | 1 Teluu | 1 Pjsip | 2024-11-21 | N/A | 7.5 HIGH |
| PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to CVE-2022-24793. The difference is that this issue is in parsing the query record `parse_query()`, while the issue in CVE-2022-24793 is in `parse_rr()`. A patch is available as commit `d1c5e4d` in the `master` branch. A workaround is to disable DNS resolution in PJSIP config (by setting `nameserver_count` to zero) or use an external resolver implementation instead. | |||||
| CVE-2023-26966 | 1 Libtiff | 1 Libtiff | 2024-11-21 | N/A | 5.5 MEDIUM |
| libtiff 4.5.0 is vulnerable to Buffer Overflow in uv_encode() when libtiff reads a corrupted little-endian TIFF file and specifies the output to be big-endian. | |||||
| CVE-2023-26930 | 1 Xpdfreader | 1 Xpdf | 2024-11-21 | N/A | 5.5 MEDIUM |
| Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states “it's an expected abort on out-of-memory error.” | |||||
| CVE-2023-26924 | 1 Llvm | 1 Llvm | 2024-11-21 | N/A | 5.5 MEDIUM |
| LLVM a0dab4950 has a segmentation fault in mlir::outlineSingleBlockRegion. NOTE: third parties dispute this because the LLVM security policy excludes "Language front-ends ... for which a malicious input file can cause undesirable behavior." | |||||
| CVE-2023-26769 | 1 Liblouis | 1 Liblouis | 2024-11-21 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability found in Liblouis Lou_Trace v.3.24.0 allows a remote attacker to cause a denial of service via the resolveSubtable function at compileTranslationTabel.c. | |||||
| CVE-2023-26767 | 1 Liblouis | 1 Liblouis | 2024-11-21 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the lou_logFile function at logginc.c endpoint. | |||||
| CVE-2023-26616 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the URL field in SetParentsControlInfo. | |||||
| CVE-2023-26612 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the HostName field in SetParentsControlInfo. | |||||
| CVE-2023-26320 | 1 Mi | 2 Xiaomi Router Ax3200, Xiaomi Router Ax3200 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Xiaomi Xiaomi Router allows Command Injection. | |||||
| CVE-2023-26319 | 1 Mi | 2 Xiaomi Router Ax3200, Xiaomi Router Ax3200 Firmware | 2024-11-21 | N/A | 6.7 MEDIUM |
| Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Xiaomi Xiaomi Router allows Command Injection. | |||||
| CVE-2023-26318 | 1 Mi | 2 Xiaomi Router Ax3200, Xiaomi Router Ax3200 Firmware | 2024-11-21 | N/A | 6.7 MEDIUM |
| Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Xiaomi Xiaomi Router allows Overflow Buffers. | |||||
| CVE-2023-26110 | 1 Node-bluetooth Project | 1 Node-bluetooth | 2024-11-21 | N/A | 7.3 HIGH |
| All versions of the package node-bluetooth are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation. | |||||
| CVE-2023-26109 | 1 Node-bluetooth-serial-port Project | 1 Node-bluetooth-serial-port | 2024-11-21 | N/A | 7.3 HIGH |
| All versions of the package node-bluetooth-serial-port are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation. | |||||
| CVE-2023-25664 | 1 Google | 1 Tensorflow | 2024-11-21 | N/A | 7.5 HIGH |
| TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, there is a heap buffer overflow in TAvgPoolGrad. A fix is included in TensorFlow 2.12.0 and 2.11.1. | |||||