Total
10481 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-46551 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formReflashClientTbl. | |||||
CVE-2023-46552 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMultiAP. | |||||
CVE-2023-46553 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formParentControl. | |||||
CVE-2023-46545 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formWsc. | |||||
CVE-2023-46546 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formStats. | |||||
CVE-2023-46547 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-11-01 | N/A | 9.8 CRITICAL |
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formSysLog. | |||||
CVE-2023-46332 | 1 Webassembly | 1 Webassembly Binary Toolkit | 2023-10-30 | N/A | 5.5 MEDIUM |
WebAssembly wabt 1.0.33 contains an Out-of-Bound Memory Write in DataSegment::Drop(), which leads to a segmentation fault. | |||||
CVE-2023-24018 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2023-10-30 | N/A | 8.8 HIGH |
A stack-based buffer overflow vulnerability exists in the libzebra.so.0.0.0 security_decrypt_password functionality of Milesight UR32L v32.3.0.5. A specially crafted HTTP request can lead to a buffer overflow. An authenticated attacker can send an HTTP request to trigger this vulnerability. | |||||
CVE-2023-25097 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2023-10-30 | N/A | 7.2 HIGH |
Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these vulnerabilities. This buffer overflow occurs in the set_qos function with the attach_class variable. | |||||
CVE-2022-3699 | 1 Lenovo | 3 Diagnostics, Hardwarescan Addin, Hardwarescan Plugin | 2023-10-30 | N/A | 7.8 HIGH |
A privilege escalation vulnerability was reported in the Lenovo HardwareScanPlugin prior to version 1.3.1.2 and Lenovo Diagnostics prior to version 4.45 that could allow a local user to execute code with elevated privileges. | |||||
CVE-2023-40129 | 1 Google | 1 Android | 2023-10-30 | N/A | 8.8 HIGH |
In build_read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2023-40128 | 1 Google | 1 Android | 2023-10-30 | N/A | 7.8 HIGH |
In several functions of xmlregexp.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2023-43492 | 1 Weintek | 14 Cmt-fhd, Cmt-fhd Firmware, Cmt-hdm and 11 more | 2023-10-30 | N/A | 9.8 CRITICAL |
In Weintek's cMT3000 HMI Web CGI device, the cgi-bin codesys.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication. | |||||
CVE-2023-4601 | 2 Microsoft, Ni | 2 Windows, System Configuration | 2023-10-28 | N/A | 9.8 CRITICAL |
A stack-based buffer overflow vulnerability exists in NI System Configuration that could result in information disclosure and/or arbitrary code execution. Successful exploitation requires that an attacker can provide a specially crafted response. This affects NI System Configuration 2023 Q3 and all previous versions. | |||||
CVE-2023-46602 | 1 Color | 1 Demoiccmax | 2023-10-28 | N/A | 8.8 HIGH |
In International Color Consortium DemoIccMAX 79ecb74, there is a stack-based buffer overflow in the icFixXml function in IccXML/IccLibXML/IccUtilXml.cpp in libIccXML.a. | |||||
CVE-2023-46554 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-10-27 | N/A | 9.8 CRITICAL |
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMapDel. | |||||
CVE-2023-46555 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-10-27 | N/A | 9.8 CRITICAL |
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formPortFw. | |||||
CVE-2023-46556 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-10-27 | N/A | 9.8 CRITICAL |
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formFilter. | |||||
CVE-2023-46557 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-10-27 | N/A | 9.8 CRITICAL |
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMultiAPVLAN. | |||||
CVE-2023-46558 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-10-27 | N/A | 9.8 CRITICAL |
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formMapDelDevice. |