Total
2385 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-47095 | 1 Gpac | 1 Gpac | 2023-05-27 | N/A | 7.8 HIGH |
| GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer overflow in hevc_parse_vps_extension function of media_tools/av_parsers.c | |||||
| CVE-2022-47091 | 1 Gpac | 1 Gpac | 2023-05-27 | N/A | 7.8 HIGH |
| GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow in gf_text_process_sub function of filters/load_text.c | |||||
| CVE-2021-40568 | 1 Gpac | 1 Gpac | 2023-05-27 | 6.8 MEDIUM | 7.8 HIGH |
| A buffer overflow vulnerability exists in Gpac through 1.0.1 via a malformed MP4 file in the svc_parse_slice function in av_parsers.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges. | |||||
| CVE-2020-24736 | 1 Ghost | 1 Sqlite3 | 2023-05-26 | N/A | 5.5 MEDIUM |
| Buffer Overflow vulnerability found in SQLite3 v.3.27.1 and before allows a local attacker to cause a denial of service via a crafted script. | |||||
| CVE-2021-35977 | 1 Digi | 35 6350-sr, 6350-sr Firmware, Cm and 32 more | 2023-05-26 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Digi RealPort for Windows through 4.8.488.0. A buffer overflow exists in the handling of ADDP discovery response messages. This could result in arbitrary code execution. | |||||
| CVE-2021-26354 | 1 Amd | 304 Amd 3015ce, Amd 3015ce Firmware, Amd 3015e and 301 more | 2023-05-25 | N/A | 5.5 MEDIUM |
| Insufficient bounds checking in ASP may allow an attacker to issue a system call from a compromised ABL which may cause arbitrary memory values to be initialized to zero, potentially leading to a loss of integrity. | |||||
| CVE-2023-22741 | 1 Signalwire | 1 Sofia-sip | 2023-05-24 | N/A | 9.8 CRITICAL |
| Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. In affected versions Sofia-SIP **lacks both message length and attributes length checks** when it handles STUN packets, leading to controllable heap-over-flow. For example, in stun_parse_attribute(), after we get the attribute's type and length value, the length will be used directly to copy from the heap, regardless of the message's left size. Since network users control the overflowed length, and the data is written to heap chunks later, attackers may achieve remote code execution by heap grooming or other exploitation methods. The bug was introduced 16 years ago in sofia-sip 1.12.4 (plus some patches through 12/21/2006) to in tree libs with git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@3774 d0543943-73ff-0310-b7d9-9358b9ac24b2. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2020-3264 | 1 Cisco | 15 1100-4g Integrated Services Router, 1100-4gltegb Integrated Services Router, 1100-4gltena Integrated Services Router and 12 more | 2023-05-23 | 6.6 MEDIUM | 7.1 HIGH |
| A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to information that they are not authorized to access and make changes to the system that they are not authorized to make. | |||||
| CVE-2022-36330 | 1 Westerndigital | 6 My Cloud Home, My Cloud Home Duo, My Cloud Home Duo Firmware and 3 more | 2023-05-22 | N/A | 8.1 HIGH |
| A buffer overflow vulnerability was discovered on firmware version validation that could lead to an unauthenticated remote code execution in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi devices. An attacker would require exploitation of another vulnerability to raise their privileges in order to exploit this buffer overflow vulnerability. This issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before 9.4.0-191. | |||||
| CVE-2022-28463 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2023-05-22 | 6.8 MEDIUM | 7.8 HIGH |
| ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow. | |||||
| CVE-2021-45345 | 1 Webcamserver Project | 1 Webcamserver | 2023-05-18 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability found in En3rgy WebcamServer v.0.5.2 allows a remote attacker to cause a denial of service via the WebcamServer.exe file. | |||||
| CVE-2023-31979 | 1 Catdoc Project | 1 Catdoc | 2023-05-16 | N/A | 7.8 HIGH |
| Catdoc v0.95 was discovered to contain a global buffer overflow via the function process_file at /src/reader.c. | |||||
| CVE-2018-3864 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2023-05-16 | 9.0 HIGH | 8.8 HIGH |
| An exploitable buffer overflow vulnerability exists in the Samsung WifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long "password" value in order to exploit this vulnerability. | |||||
| CVE-2023-30083 | 1 Libming | 1 Libming | 2023-05-15 | N/A | 5.5 MEDIUM |
| Buffer Overflow vulnerability found in Libming swftophp v.0.4.8 allows a local attacker to cause a denial of service via the newVar_N in util/decompile.c. | |||||
| CVE-2023-30085 | 1 Libming | 1 Libming | 2023-05-15 | N/A | 5.5 MEDIUM |
| Buffer Overflow vulnerability found in Libming swftophp v.0.4.8 allows a local attacker to cause a denial of service via the cws2fws function in util/decompile.c. | |||||
| CVE-2021-44283 | 1 Shieldstore Project | 1 Shieldstore | 2023-05-15 | N/A | 7.5 HIGH |
| A buffer overflow in the component /Enclave.cpp of Electronics and Telecommunications Research Institute ShieldStore commit 58d455617f99705f0ffd8a27616abdf77bdc1bdc allows attackers to cause an information leak via a crafted structure from an untrusted operating system. | |||||
| CVE-2023-30257 | 1 Fiio | 2 M6, M6 Firmware | 2023-05-15 | N/A | 7.8 HIGH |
| A buffer overflow in the component /proc/ftxxxx-debug of FiiO M6 Build Number v1.0.4 allows attackers to escalate privileges to root. | |||||
| CVE-2022-47491 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-05-15 | N/A | 4.4 MEDIUM |
| In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | |||||
| CVE-2022-47494 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-05-15 | N/A | 4.4 MEDIUM |
| In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | |||||
| CVE-2022-47495 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-05-15 | N/A | 4.4 MEDIUM |
| In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | |||||