Total
2385 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-20841 | 1 Cisco | 18 Rv160, Rv160 Firmware, Rv160w and 15 more | 2023-11-07 | N/A | 9.0 CRITICAL |
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
CVE-2022-20827 | 1 Cisco | 18 Rv160, Rv160 Firmware, Rv160w and 15 more | 2023-11-07 | N/A | 10.0 CRITICAL |
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
CVE-2022-0324 | 1 Linuxfoundation | 1 Software For Open Networking In The Cloud | 2023-11-07 | N/A | 7.5 HIGH |
There is a vulnerability in DHCPv6 packet parsing code that could be explored by remote attacker to craft a packet that could cause buffer overflow in a memcpy call, leading to out-of-bounds memory write that would cause dhcp6relay to crash. Dhcp6relay is a critical process and could cause dhcp relay docker to shutdown. Discovered by Eugene Lim of GovTech Singapore. | |||||
CVE-2021-4207 | 3 Debian, Qemu, Redhat | 3 Debian Linux, Qemu, Enterprise Linux | 2023-11-07 | 4.6 MEDIUM | 8.2 HIGH |
A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values `cursor->header.width` and `cursor->header.height` can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A malicious privileged guest user could use this flaw to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process. | |||||
CVE-2021-4206 | 3 Debian, Qemu, Redhat | 3 Debian Linux, Qemu, Enterprise Linux | 2023-11-07 | 4.6 MEDIUM | 8.2 HIGH |
A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_alloc() function can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. This flaw allows a malicious privileged guest user to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process. | |||||
CVE-2021-45342 | 3 Debian, Fedoraproject, Librecad | 3 Debian Linux, Fedora, Librecad | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
A buffer overflow vulnerability in CDataList of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document. | |||||
CVE-2021-45341 | 3 Debian, Fedoraproject, Librecad | 3 Debian Linux, Fedora, Librecad | 2023-11-07 | 9.3 HIGH | 8.8 HIGH |
A buffer overflow vulnerability in CDataMoji of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document. | |||||
CVE-2021-43518 | 2 Fedoraproject, Teeworlds | 2 Fedora, Teeworlds | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
Teeworlds up to and including 0.7.5 is vulnerable to Buffer Overflow. A map parser does not validate m_Channels value coming from a map file, leading to a buffer overflow. A malicious server may offer a specially crafted map that will overwrite client's stack causing denial of service or code execution. | |||||
CVE-2021-43072 | 1 Fortinet | 4 Fortianalyzer, Fortimanager, Fortios and 1 more | 2023-11-07 | N/A | 6.7 MEDIUM |
A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiAnalyzer version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiManager version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiOS version 7.0.0 through 7.0.4, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x and FortiProxy version 7.0.0 through 7.0.3, 2.0.0 through 2.0.8, 1.2.x, 1.1.x and 1.0.x allows attacker to execute unauthorized code or commands via crafted CLI `execute restore image` and `execute certificate remote` operations with the tFTP protocol. | |||||
CVE-2021-42716 | 2 Fedoraproject, Nothings | 2 Fedora, Stb Image.h | 2023-11-07 | 5.8 MEDIUM | 7.1 HIGH |
An issue was discovered in stb stb_image.h 2.27. The PNM loader incorrectly interpreted 16-bit PGM files as 8-bit when converting to RGBA, leading to a buffer overflow when later reinterpreting the result as a 16-bit buffer. An attacker could potentially have crashed a service using stb_image, or read up to 1024 bytes of non-consecutive heap data without control over the read location. | |||||
CVE-2021-3185 | 1 Freedesktop | 1 Gst-plugins-bad | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution. | |||||
CVE-2021-3177 | 5 Debian, Fedoraproject, Netapp and 2 more | 10 Debian Linux, Fedora, Active Iq Unified Manager and 7 more | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely. | |||||
CVE-2021-39926 | 3 Debian, Fedoraproject, Wireshark | 3 Debian Linux, Fedora, Wireshark | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file | |||||
CVE-2021-39925 | 3 Debian, Fedoraproject, Wireshark | 3 Debian Linux, Fedora, Wireshark | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file | |||||
CVE-2021-39922 | 3 Debian, Fedoraproject, Wireshark | 3 Debian Linux, Fedora, Wireshark | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file | |||||
CVE-2021-38297 | 2 Fedoraproject, Golang | 2 Fedora, Go | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used. | |||||
CVE-2021-37166 | 1 Swisslog-healthcare | 2 Hmi-3 Control Panel, Hmi-3 Control Panel Firmware | 2023-11-07 | 7.8 HIGH | 7.5 HIGH |
A buffer overflow issue leading to denial of service was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. When HMI3 starts up, it binds a local service to a TCP port on all interfaces of the device, and takes extensive time for the GUI to connect to the TCP socket, allowing the connection to be hijacked by an external attacker. | |||||
CVE-2021-37165 | 1 Swisslog-healthcare | 2 Hmi-3 Control Panel, Hmi-3 Control Panel Firmware | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
A buffer overflow issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. When a message is sent to the HMI TCP socket, it is forwarded to the hmiProcessMsg function through the pendingQ, and may lead to remote code execution. | |||||
CVE-2021-37162 | 1 Swisslog-healthcare | 2 Hmi-3 Control Panel, Hmi-3 Control Panel Firmware | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
A buffer overflow issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. If an attacker sends a malformed UDP message, a buffer underflow occurs, leading to an out-of-bounds copy and possible remote code execution. | |||||
CVE-2021-37161 | 1 Swisslog-healthcare | 2 Hmi-3 Control Panel, Hmi-3 Control Panel Firmware | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
A buffer overflow issue was discovered in the HMI3 Control Panel contained within the Swisslog Healthcare Nexus Panel, operated by released versions of software before Nexus Software 7.2.5.7. A buffer overflow allows an attacker to overwrite an internal queue data structure and can lead to remote code execution. |