Total
12312 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-33546 | 1 Janino Project | 1 Janino | 2024-11-21 | N/A | 5.5 MEDIUM |
| Janino 3.1.9 and earlier are subject to denial of service (DOS) attacks when using the expression evaluator.guess parameter name method. If the parser runs on user-supplied input, an attacker could supply content that causes the parser to crash due to a stack overflow. NOTE: this is disputed by multiple parties because Janino is not intended for use with untrusted input. | |||||
| CVE-2023-33375 | 1 Connectedio | 1 Connected Io | 2024-11-21 | N/A | 9.8 CRITICAL |
| Connected IO v2.1.0 and prior has a stack-based buffer overflow vulnerability in its communication protocol, enabling attackers to take control over devices. | |||||
| CVE-2023-33308 | 1 Fortinet | 2 Fortios, Fortiproxy | 2024-11-21 | N/A | 9.8 CRITICAL |
| A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 allows a remote unauthenticated attacker to execute arbitrary code or command via crafted packets reaching proxy policies or firewall policies with proxy mode alongside deep or full packet inspection. | |||||
| CVE-2023-33222 | 1 Idemia | 16 Morphowave Compact, Morphowave Compact Firmware, Morphowave Sp and 13 more | 2024-11-21 | N/A | 6.8 MEDIUM |
| When handling contactless cards, usage of a specific function to get additional information from the card which doesn't check the boundary on the data received while reading. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device | |||||
| CVE-2023-33221 | 1 Idemia | 16 Morphowave Compact, Morphowave Compact Firmware, Morphowave Sp and 13 more | 2024-11-21 | N/A | 6.8 MEDIUM |
| When reading DesFire keys, the function that reads the card isn't properly checking the boundaries when copying internally the data received. This allows a heap based buffer overflow that could lead to a potential Remote Code Execution on the targeted device. This is especially problematic if you use Default DESFire key. | |||||
| CVE-2023-33220 | 1 Idemia | 16 Morphowave Compact, Morphowave Compact Firmware, Morphowave Sp and 13 more | 2024-11-21 | N/A | 9.1 CRITICAL |
| During the retrofit validation process, the firmware doesn't properly check the boundaries while copying some attributes to check. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device | |||||
| CVE-2023-33219 | 1 Idemia | 16 Morphowave Compact, Morphowave Compact Firmware, Morphowave Sp and 13 more | 2024-11-21 | N/A | 9.1 CRITICAL |
| The handler of the retrofit validation command doesn't properly check the boundaries when performing certain validation operations. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device | |||||
| CVE-2023-33218 | 1 Idemia | 16 Morphowave Compact, Morphowave Compact Firmware, Morphowave Sp and 13 more | 2024-11-21 | N/A | 9.1 CRITICAL |
| The Parameter Zone Read and Parameter Zone Write command handlers allow performing a Stack buffer overflow. This could potentially lead to a Remote Code execution on the targeted device. | |||||
| CVE-2023-33124 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain a memory corruption vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2023-33113 | 1 Qualcomm | 254 Ar8035, Ar8035 Firmware, Csra6620 and 251 more | 2024-11-21 | N/A | 8.4 HIGH |
| Memory corruption when resource manager sends the host kernel a reply message with multiple fragments. | |||||
| CVE-2023-33076 | 1 Qualcomm | 302 Aqt1000, Aqt1000 Firmware, Ar8035 and 299 more | 2024-11-21 | N/A | 5.9 MEDIUM |
| Memory corruption in Core when updating rollback version for TA and OTA feature is enabled. | |||||
| CVE-2023-33074 | 1 Qualcomm | 120 Qam8255p, Qam8255p Firmware, Qam8295p and 117 more | 2024-11-21 | N/A | 8.4 HIGH |
| Memory corruption in Audio when SSR event is triggered after music playback is stopped. | |||||
| CVE-2023-33067 | 1 Qualcomm | 226 9206 Lte Modem, 9206 Lte Modem Firmware, Aqt1000 and 223 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points. | |||||
| CVE-2023-33059 | 1 Qualcomm | 518 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 515 more | 2024-11-21 | N/A | 7.8 HIGH |
| Memory corruption in Audio while processing the VOC packet data from ADSP. | |||||
| CVE-2023-33055 | 1 Qualcomm | 304 Apq5053-aa, Apq5053-aa Firmware, Aqt1000 and 301 more | 2024-11-21 | N/A | 7.8 HIGH |
| Memory Corruption in Audio while invoking callback function in driver from ADSP. | |||||
| CVE-2023-33046 | 1 Qualcomm | 98 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 95 more | 2024-11-21 | N/A | 7.8 HIGH |
| Memory corruption in Trusted Execution Environment while deinitializing an object used for license validation. | |||||
| CVE-2023-33045 | 1 Qualcomm | 258 Ar8035, Ar8035 Firmware, Csr8811 and 255 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute. | |||||
| CVE-2023-33038 | 1 Qualcomm | 288 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 285 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| Memory corruption while receiving a message in Bus Socket Transport Server. | |||||
| CVE-2023-33034 | 1 Qualcomm | 128 Apq5053-aa, Apq5053-aa Firmware, Csra6620 and 125 more | 2024-11-21 | N/A | 7.8 HIGH |
| Memory corruption while parsing the ADSP response command. | |||||
| CVE-2023-33033 | 1 Qualcomm | 528 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 525 more | 2024-11-21 | N/A | 8.4 HIGH |
| Memory corruption in Audio during playback with speaker protection. | |||||