Total
10481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-46559 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-10-27 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formIPv6Addr. | |||||
| CVE-2023-46560 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-10-27 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formTcpipSetup. | |||||
| CVE-2023-46562 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-10-27 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formDosCfg. | |||||
| CVE-2023-46563 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-10-27 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formIpQoS. | |||||
| CVE-2023-46564 | 1 Totolink | 2 X2000r, X2000r Firmware | 2023-10-27 | N/A | 9.8 CRITICAL |
| TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formDMZ. | |||||
| CVE-2023-3487 | 1 Silabs | 1 Gecko Bootloader | 2023-10-27 | N/A | 7.8 HIGH |
| An integer overflow in Silicon Labs Gecko Bootloader version 4.3.1 and earlier allows unbounded memory access when reading from or writing to storage slots. | |||||
| CVE-2023-28793 | 1 Zscaler | 1 Client Connector | 2023-10-27 | N/A | 7.8 HIGH |
| Buffer overflow vulnerability in the signelf library used by Zscaler Client Connector on Linux allows Code Injection. This issue affects Zscaler Client Connector for Linux: before 1.3.1.6. | |||||
| CVE-2023-45678 | 1 Nothings | 1 Stb Vorbis.c | 2023-10-26 | N/A | 7.8 HIGH |
| stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of buffer write in `start_decoder` because at maximum `m->submaps` can be 16 but `submap_floor` and `submap_residue` are declared as arrays of 15 elements. This issue may lead to code execution. | |||||
| CVE-2023-45677 | 1 Nothings | 1 Stb Vorbis.c | 2023-10-26 | N/A | 7.8 HIGH |
| stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in `f->vendor[len] = (char)'\0';`. The root cause is that if `len` read in `start_decoder` is a negative number and `setup_malloc` successfully allocates memory in that case, but memory write is done with a negative index `len`. Similarly if len is INT_MAX the integer overflow len+1 happens in `f->vendor = (char*)setup_malloc(f, sizeof(char) * (len+1));` and `f->comment_list[i] = (char*)setup_malloc(f, sizeof(char) * (len+1));`. This issue may lead to code execution. | |||||
| CVE-2023-45676 | 1 Nothings | 1 Stb Vorbis.c | 2023-10-26 | N/A | 7.8 HIGH |
| stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in `f->vendor[i] = get8_packet(f);`. The root cause is an integer overflow in `setup_malloc`. A sufficiently large value in the variable `sz` overflows with `sz+7` in and the negative value passes the maximum available memory buffer check. This issue may lead to code execution. | |||||
| CVE-2023-46539 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2023-10-26 | N/A | 9.8 CRITICAL |
| TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function registerRequestHandle. | |||||
| CVE-2023-46538 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2023-10-26 | N/A | 9.8 CRITICAL |
| TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function chkResetVeriRegister. | |||||
| CVE-2023-46537 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2023-10-26 | N/A | 9.8 CRITICAL |
| TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function getRegVeriRegister. | |||||
| CVE-2023-46536 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2023-10-26 | N/A | 9.8 CRITICAL |
| TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function chkRegVeriRegister. | |||||
| CVE-2023-46535 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2023-10-26 | N/A | 9.8 CRITICAL |
| TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function getResetVeriRegister. | |||||
| CVE-2023-46534 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2023-10-26 | N/A | 9.8 CRITICAL |
| TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function modifyAccPwdRegister. | |||||
| CVE-2023-46526 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2023-10-26 | N/A | 9.8 CRITICAL |
| TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function resetCloudPwdRegister. | |||||
| CVE-2023-46527 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2023-10-26 | N/A | 9.8 CRITICAL |
| TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function bindRequestHandle. | |||||
| CVE-2023-46525 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2023-10-26 | N/A | 9.8 CRITICAL |
| TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function loginRegister. | |||||
| CVE-2023-46523 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2023-10-26 | N/A | 9.8 CRITICAL |
| TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function upgradeInfoRegister. | |||||