Total
12307 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-25086 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2024-11-21 | N/A | 7.2 HIGH |
| Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities.This buffer overflow occurs in the firewall_handler_set function with the index and dport variables. | |||||
| CVE-2023-25085 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2024-11-21 | N/A | 7.2 HIGH |
| Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities.This buffer overflow occurs in the firewall_handler_set function with the index and to_dst variables. | |||||
| CVE-2023-25083 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2024-11-21 | N/A | 7.2 HIGH |
| Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities.This buffer overflow occurs in the firewall_handler_set function with the ip and mac variables. | |||||
| CVE-2023-25082 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2024-11-21 | N/A | 7.2 HIGH |
| Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities.This buffer overflow occurs in the firewall_handler_set function with the old_ip and old_mac variables. | |||||
| CVE-2023-25081 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2024-11-21 | N/A | 7.2 HIGH |
| Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities.This buffer overflow occurs in the firewall_handler_set function with the src and dmz variables. | |||||
| CVE-2023-25078 | 1 Honeywell | 4 Direct Station, Engineering Station, Experion Server and 1 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Server or Console Station DoS due to heap overflow occurring during the handling of a specially crafted message for a specific configuration operation. See Honeywell Security Notification for recommendations on upgrading and versioning. | |||||
| CVE-2023-25003 | 1 Autodesk | 17 Alias, Autocad, Autocad Advance Steel and 14 more | 2024-11-21 | N/A | 7.8 HIGH |
| A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution. | |||||
| CVE-2023-24996 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19818) | |||||
| CVE-2023-24995 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19817) | |||||
| CVE-2023-24994 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19816) | |||||
| CVE-2023-24993 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19815) | |||||
| CVE-2023-24992 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19814) | |||||
| CVE-2023-24991 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19813) | |||||
| CVE-2023-24990 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19812) | |||||
| CVE-2023-24989 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19811) | |||||
| CVE-2023-24988 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19810) | |||||
| CVE-2023-24987 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19809) | |||||
| CVE-2023-24986 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19808) | |||||
| CVE-2023-24985 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19807) | |||||
| CVE-2023-24984 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19806) | |||||