Total
1428 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-34287 | 2024-11-21 | N/A | 7.8 HIGH | ||
| Ashlar-Vellum Cobalt CO File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. . Was ZDI-CAN-17892. | |||||
| CVE-2023-33222 | 1 Idemia | 16 Morphowave Compact, Morphowave Compact Firmware, Morphowave Sp and 13 more | 2024-11-21 | N/A | 6.8 MEDIUM |
| When handling contactless cards, usage of a specific function to get additional information from the card which doesn't check the boundary on the data received while reading. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device | |||||
| CVE-2023-33220 | 1 Idemia | 16 Morphowave Compact, Morphowave Compact Firmware, Morphowave Sp and 13 more | 2024-11-21 | N/A | 9.1 CRITICAL |
| During the retrofit validation process, the firmware doesn't properly check the boundaries while copying some attributes to check. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device | |||||
| CVE-2023-33219 | 1 Idemia | 16 Morphowave Compact, Morphowave Compact Firmware, Morphowave Sp and 13 more | 2024-11-21 | N/A | 9.1 CRITICAL |
| The handler of the retrofit validation command doesn't properly check the boundaries when performing certain validation operations. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device | |||||
| CVE-2023-33218 | 1 Idemia | 16 Morphowave Compact, Morphowave Compact Firmware, Morphowave Sp and 13 more | 2024-11-21 | N/A | 9.1 CRITICAL |
| The Parameter Zone Read and Parameter Zone Write command handlers allow performing a Stack buffer overflow. This could potentially lead to a Remote Code execution on the targeted device. | |||||
| CVE-2023-33028 | 1 Qualcomm | 352 Ar8035, Ar8035 Firmware, Ar9380 and 349 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Memory corruption in WLAN Firmware while doing a memory copy of pmk cache. | |||||
| CVE-2023-32149 | 2024-11-21 | N/A | 8.8 HIGH | ||
| D-Link DIR-2640 prog.cgi Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web management interface, which listens on TCP port 80 by default. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-19546. | |||||
| CVE-2023-31030 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2024-11-21 | N/A | 9.3 CRITICAL |
| NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering. | |||||
| CVE-2023-31029 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2024-11-21 | N/A | 9.3 CRITICAL |
| NVIDIA DGX A100 baseboard management controller (BMC) contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering. | |||||
| CVE-2023-31024 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2024-11-21 | N/A | 9.0 CRITICAL |
| NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause stack memory corruption by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering. | |||||
| CVE-2023-30900 | 1 Siemens | 1 Xpedition Layout Browser | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Xpedition Layout Browser (All versions < VX.2.14). Affected application contains a stack overflow vulnerability when parsing a PCB file. An attacker can leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2023-2837 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 5.5 MEDIUM |
| Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2. | |||||
| CVE-2023-2676 | 1 H3c | 2 Magic R160, Magic R160 Firmware | 2024-11-21 | 5.2 MEDIUM | 5.5 MEDIUM |
| A vulnerability, which was classified as critical, has been found in H3C R160 V1004004. Affected by this issue is some unknown functionality of the file /goForm/aspForm. The manipulation of the argument go leads to stack-based buffer overflow. The exploit has been disclosed to the public and may be used. VDB-228890 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-29583 | 1 Yasm Project | 1 Yasm | 2024-11-21 | N/A | 5.5 MEDIUM |
| yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr5 at /nasm/nasm-parse.c. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code. | |||||
| CVE-2023-29503 | 1 Hornerautomation | 2 Cscape, Cscape Envisionrv | 2024-11-21 | N/A | 7.8 HIGH |
| The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. | |||||
| CVE-2023-28703 | 1 Asus | 2 Rt-ac86u, Rt-ac86u Firmware | 2024-11-21 | N/A | 7.2 HIGH |
| ASUS RT-AC86U’s specific cgi function has a stack-based buffer overflow vulnerability due to insufficient validation for network packet header length. A remote attacker with administrator privileges can exploit this vulnerability to execute arbitrary system commands, disrupt system or terminate service. | |||||
| CVE-2023-28538 | 1 Qualcomm | 260 Aqt1000, Aqt1000 Firmware, Csra6620 and 257 more | 2024-11-21 | N/A | 8.4 HIGH |
| Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region. | |||||
| CVE-2023-27590 | 1 Rizin | 1 Rizin | 2024-11-21 | N/A | 7.8 HIGH |
| Rizin is a UNIX-like reverse engineering framework and command-line toolset. In version 0.5.1 and prior, converting a GDB registers profile file into a Rizin register profile can result in a stack-based buffer overflow when the `name`, `type`, or `groups` fields have longer values than expected. Users opening untrusted GDB registers files (e.g. with the `drpg` or `arpg` commands) are affected by this flaw. Commit d6196703d89c84467b600ba2692534579dc25ed4 contains a patch for this issue. As a workaround, review the GDB register profiles before loading them with `drpg`/`arpg` commands. | |||||
| CVE-2023-27498 | 1 Sap | 1 Host Agent | 2024-11-21 | N/A | 7.2 HIGH |
| SAP Host Agent (SAPOSCOL) - version 7.22, allows an unauthenticated attacker with network access to a server port assigned to the SAP Start Service to submit a crafted request which results in a memory corruption error. This error can be used to reveal but not modify any technical information about the server. It can also make a particular service temporarily unavailable | |||||
| CVE-2023-27355 | 1 Sonos | 4 One, One Firmware, S1 and 1 more | 2024-11-21 | N/A | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MPEG-TS parser. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19773. | |||||