Total
2385 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-40250 | 2 Hancom, Microsoft | 2 Hcell, Windows | 2024-01-18 | N/A | 8.8 HIGH |
| Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Hancom HCell on Windows allows Overflow Buffers.This issue affects HCell: 12.0.0.893. | |||||
| CVE-2023-32401 | 1 Apple | 1 Macos | 2024-01-18 | N/A | 7.8 HIGH |
| A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.6.6, macOS Big Sur 11.7.7, macOS Ventura 13.4. Parsing an office document may lead to an unexpected app termination or arbitrary code execution. | |||||
| CVE-2023-5753 | 1 Zephyrproject | 1 Zephyr | 2024-01-12 | N/A | 8.8 HIGH |
| Potential buffer overflows in the Bluetooth subsystem due to asserts being disabled in /subsys/bluetooth/host/hci_core.c | |||||
| CVE-2023-4257 | 1 Zephyrproject | 1 Zephyr | 2024-01-12 | N/A | 9.8 CRITICAL |
| Unchecked user input length in /subsys/net/l2/wifi/wifi_shell.c can cause buffer overflows. | |||||
| CVE-2023-4265 | 1 Zephyrproject | 1 Zephyr | 2024-01-12 | N/A | 6.8 MEDIUM |
| Potential buffer overflow vulnerabilities in the following locations: https://github.com/zephyrproject-rtos/zephyr/blob/main/drivers/usb/device/usb_dc_native_posix.c#L359 https://github.com/zephyrproject-rtos/zephyr/blob/main/drivers/usb/device/usb_dc_native_posix.c#L359 https://github.com/zephyrproject-rtos/zephyr/blob/main/subsys/usb/device/class/netusb/function_rndis... https://github.com/zephyrproject-rtos/zephyr/blob/main/subsys/usb/device/class/netusb/function_rndis.c#L841 | |||||
| CVE-2024-0213 | 1 Trellix | 1 Agent | 2024-01-12 | N/A | 7.8 HIGH |
| A buffer overflow vulnerability in TA for Linux and TA for MacOS prior to 5.8.1 allows a local user to gain elevated permissions, or cause a Denial of Service (DoS), through exploiting a memory corruption issue in the TA service, which runs as root. This may also result in the disabling of event reporting to ePO, caused by failure to validate input from the file correctly. | |||||
| CVE-2023-40589 | 3 Debian, Fedoraproject, Freerdp | 3 Debian Linux, Fedora, Freerdp | 2024-01-12 | N/A | 7.5 HIGH |
| FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions there is a Global-Buffer-Overflow in the ncrush_decompress function. Feeding crafted input into this function can trigger the overflow which has only been shown to cause a crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this issue. | |||||
| CVE-2023-45039 | 1 Qnap | 2 Qts, Quts Hero | 2024-01-10 | N/A | 7.2 HIGH |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later | |||||
| CVE-2023-45040 | 1 Qnap | 2 Qts, Quts Hero | 2024-01-10 | N/A | 7.2 HIGH |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later | |||||
| CVE-2023-45041 | 1 Qnap | 2 Qts, Quts Hero | 2024-01-10 | N/A | 7.2 HIGH |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later | |||||
| CVE-2023-45042 | 1 Qnap | 2 Qts, Quts Hero | 2024-01-10 | N/A | 7.2 HIGH |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later | |||||
| CVE-2023-45043 | 1 Qnap | 2 Qts, Quts Hero | 2024-01-10 | N/A | 7.2 HIGH |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later | |||||
| CVE-2023-45044 | 1 Qnap | 2 Qts, Quts Hero | 2024-01-10 | N/A | 7.2 HIGH |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later | |||||
| CVE-2022-2081 | 1 Hitachienergy | 8 Rtu520, Rtu520 Firmware, Rtu530 and 5 more | 2024-01-10 | N/A | 7.5 HIGH |
| A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. If the HCI Modbus TCP is enabled and configured, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500 in a high rate, causing the targeted RTU500 CMU to reboot. The vulnerability is caused by a lack of flood control which eventually if exploited causes an internal stack overflow in the HCI Modbus TCP function. | |||||
| CVE-2023-50096 | 1 St | 1 X-cube-safea1 | 2024-01-09 | N/A | 7.5 HIGH |
| STMicroelectronics STSAFE-A1xx middleware before 3.3.7 allows MCU code execution if an adversary has the ability to read from and write to the I2C bus. This is caused by an StSafeA_ReceiveBytes buffer overflow in the X-CUBE-SAFEA1 Software Package for STSAFE-A sample applications (1.2.0), and thus can affect user-written code that was derived from a published sample application. | |||||
| CVE-2023-50991 | 1 Tenda | 2 I29, I29 Firmware | 2024-01-09 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in Tenda i29 versions 1.0 V1.0.0.5 and 1.0 V1.0.0.2, allows remote attackers to cause a denial of service (DoS) via the pingIp parameter in the pingSet function. | |||||
| CVE-2023-51434 | 1 Hihonor | 1 Magic Ui | 2024-01-05 | N/A | 7.8 HIGH |
| Some Honor products are affected by buffer overflow vulnerability, successful exploitation could cause code execution. | |||||
| CVE-2023-52309 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-01-05 | N/A | 9.8 CRITICAL |
| Heap buffer overflow in paddle.repeat_interleave in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, information disclosure, or more damage is possible. | |||||
| CVE-2023-52307 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-01-05 | N/A | 9.8 CRITICAL |
| Stack overflow in paddle.linalg.lu_unpack in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage. | |||||
| CVE-2023-52304 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-01-05 | N/A | 9.8 CRITICAL |
| Stack overflow in paddle.searchsorted in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage. | |||||