Total
10481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-46866 | 1 Color | 1 Demoiccmax | 2023-11-04 | N/A | 6.5 MEDIUM |
| In International Color Consortium DemoIccMAX 79ecb74, CIccCLUT::Interp3d in IccProfLib/IccTagLut.cpp in libSampleICC.a attempts to access array elements at out-of-bounds indexes. | |||||
| CVE-2023-21356 | 1 Google | 1 Android | 2023-11-04 | N/A | 8.8 HIGH |
| In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21360 | 1 Google | 1 Android | 2023-11-04 | N/A | 6.7 MEDIUM |
| In Bluetooth, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-45573 | 1 Dlink | 14 Di-7003g, Di-7003g Firmware, Di-7100g and 11 more | 2023-11-03 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the n parameter of the mrclfile_del.asp function. | |||||
| CVE-2023-45580 | 1 Dlink | 14 Di-7003g, Di-7003g Firmware, Di-7100g and 11 more | 2023-11-03 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the wild/mx and other parameters of the ddns.asp function | |||||
| CVE-2023-21380 | 1 Google | 1 Android | 2023-11-03 | N/A | 6.7 MEDIUM |
| In Bluetooth, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21385 | 1 Google | 1 Android | 2023-11-03 | N/A | 5.5 MEDIUM |
| In Whitechapel, there is a possible out of bounds read due to memory corruption. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-46542 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-11-02 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMeshUploadConfig. | |||||
| CVE-2023-46541 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-11-02 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formIpv6Setup. | |||||
| CVE-2023-46543 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formWlSiteSurvey. | |||||
| CVE-2023-46544 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formWirelessTbl. | |||||
| CVE-2023-46540 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formNtp. | |||||
| CVE-2023-46518 | 1 Mercurycom | 2 A15, A15 Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
| Mercury A15 V1.0 20230818_1.0.3 was discovered to contain a command execution vulnerability via the component cloudDeviceTokenSuccCB. | |||||
| CVE-2023-46373 | 1 Tp-link | 2 Tl-wdr7660, Tl-wdr7660 Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
| TP-Link TL-WDR7660 2.0.30 has a stack overflow vulnerability via the function deviceInfoJsonToBincauses. | |||||
| CVE-2023-46371 | 1 Tp-link | 2 Tl-wdr7660, Tl-wdr7660 Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
| TP-Link device TL-WDR7660 2.0.30 has a stack overflow vulnerability via the function upgradeInfoJsonToBin. | |||||
| CVE-2023-46369 | 1 Tenda | 2 W18e, W18e Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
| Tenda W18E V16.01.0.8(1576) contains a stack overflow vulnerability via the portMirrorMirroredPorts parameter in the formSetNetCheckTools function. | |||||
| CVE-2023-5730 | 2 Debian, Mozilla | 4 Debian Linux, Firefox, Firefox Esr and 1 more | 2023-11-01 | N/A | 9.8 CRITICAL |
| Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1. | |||||
| CVE-2023-46548 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formWlanRedirect. | |||||
| CVE-2023-46549 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formSetLg. | |||||
| CVE-2023-46550 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMapDelDevice. | |||||