Total
12297 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-0855 | 1 Canon | 90 I-sensys Lbp621cw, I-sensys Lbp621cw Firmware, I-sensys Lbp623cdw and 87 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Buffer overflow in IPP number-up attribute process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. | |||||
| CVE-2023-0854 | 1 Canon | 90 I-sensys Lbp621cw, I-sensys Lbp621cw Firmware, I-sensys Lbp623cdw and 87 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Buffer overflow in NetBIOS QNAME registering and communication process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. | |||||
| CVE-2023-0853 | 1 Canon | 90 I-sensys Lbp621cw, I-sensys Lbp621cw Firmware, I-sensys Lbp623cdw and 87 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Buffer overflow in mDNS NSEC record registering process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. | |||||
| CVE-2023-0852 | 1 Canon | 90 I-sensys Lbp621cw, I-sensys Lbp621cw Firmware, I-sensys Lbp623cdw and 87 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Buffer overflow in the Address Book of Mobile Device function of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. | |||||
| CVE-2023-0851 | 1 Canon | 90 I-sensys Lbp621cw, I-sensys Lbp621cw Firmware, I-sensys Lbp623cdw and 87 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Buffer overflow in CPCA Resource Download process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. | |||||
| CVE-2023-0847 | 1 Dash7-alliance | 1 Dash7 Alliance Protcol | 2024-11-21 | N/A | 5.3 MEDIUM |
| The Sub-IoT implementation of the DASH 7 Alliance protocol has a vulnerability that can lead to an out-of-bounds write prior to implementation version 0.5.0. If the protocol has been compiled using default settings, this will only grant the attacker access to allocated but unused memory. However, if it was configured using non-default settings, there is the possibility that exploiting this vulnerability could lead to system crashes and remote code execution. | |||||
| CVE-2023-0841 | 1 Gpac | 1 Gpac | 2024-11-21 | 7.5 HIGH | 6.3 MEDIUM |
| A vulnerability, which was classified as critical, has been found in GPAC 2.3-DEV-rev40-g3602a5ded. This issue affects the function mp3_dmx_process of the file filters/reframe_mp3.c. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221087. | |||||
| CVE-2023-0782 | 1 Tenda | 2 Ac23, Ac23 Firmware | 2024-11-21 | 8.3 HIGH | 7.2 HIGH |
| A vulnerability was found in Tenda AC23 16.03.07.45 and classified as critical. Affected by this issue is the function formSetSysToolDDNS/formGetSysToolDDNS of the file /bin/httpd. The manipulation leads to out-of-bounds write. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-220640. | |||||
| CVE-2023-0770 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2024-11-21 | N/A | 7.8 HIGH |
| Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2. | |||||
| CVE-2023-0701 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 8.8 HIGH |
| Heap buffer overflow in WebUI in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interaction . (Chromium security severity: Medium) | |||||
| CVE-2023-0656 | 1 Sonicwall | 32 Nsa 2700, Nsa 3700, Nsa 4700 and 29 more | 2024-11-21 | N/A | 7.5 HIGH |
| A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash. | |||||
| CVE-2023-0637 | 1 Trendnet | 2 Tew-811dru, Tew-811dru Firmware | 2024-11-21 | 6.8 MEDIUM | 6.5 MEDIUM |
| A vulnerability, which was classified as critical, was found in TRENDnet TEW-811DRU 1.0.10.0. This affects an unknown part of the file wan.asp of the component Web Management Interface. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-220017 was assigned to this vulnerability. | |||||
| CVE-2023-0618 | 1 Trendnet | 2 Tew-652brp, Tew-652brp Firmware | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability was found in TRENDnet TEW-652BRP 3.04B01. It has been declared as critical. This vulnerability affects unknown code of the file cfg_op.ccp of the component Web Service. The manipulation leads to memory corruption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-219958 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-0341 | 1 Editorconfig | 1 Editorconfig | 2024-11-21 | N/A | 7.8 HIGH |
| A stack buffer overflow exists in the ec_glob function of editorconfig-core-c before v0.12.6 which allowed an attacker to arbitrarily write to the stack and possibly allows remote code execution. editorconfig-core-c v0.12.6 resolved this vulnerability by bound checking all write operations over the p_pcre buffer. | |||||
| CVE-2023-0330 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2024-11-21 | N/A | 5.3 MEDIUM |
| A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free. | |||||
| CVE-2023-0249 | 1 Deltaww | 1 Diascreen | 2024-11-21 | N/A | 7.8 HIGH |
| Delta Electronics DIAScreen versions 1.2.1.23 and prior are vulnerable to out-of-bounds write, which may allow an attacker to remotely execute arbitrary code. | |||||
| CVE-2023-0210 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 7.5 HIGH |
| A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS immediately in Linux-based systems. | |||||
| CVE-2023-0208 | 2 Linux, Nvidia | 2 Linux Kernel, Data Center Gpu Manager | 2024-11-21 | N/A | 8.4 HIGH |
| NVIDIA DCGM for Linux contains a vulnerability in HostEngine (server component) where a user may cause a heap-based buffer overflow through the bound socket. A successful exploit of this vulnerability may lead to denial of service and data tampering. | |||||
| CVE-2023-0201 | 1 Nvidia | 2 Bmc, Dgx-2 | 2024-11-21 | N/A | 6.7 MEDIUM |
| NVIDIA DGX-2 SBIOS contains a vulnerability in Bds, where a user with high privileges can cause a write beyond the bounds of an indexable resource, which may lead to code execution, denial of service, compromised integrity, and information disclosure. | |||||
| CVE-2023-0200 | 1 Nvidia | 2 Bmc, Dgx-2 | 2024-11-21 | N/A | 7.5 HIGH |
| NVIDIA DGX-2 contains a vulnerability in OFBD where a user with high privileges and a pre-conditioned heap can cause an access beyond a buffers end, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. | |||||