Total
10481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-45577 | 1 Dlink | 14 Di-7003g, Di-7003g Firmware, Di-7100g and 11 more | 2023-10-19 | N/A | 9.8 CRITICAL |
| Stack Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the wanid parameter of the H5/speedlimit.data function. | |||||
| CVE-2023-45578 | 1 Dlink | 14 Di-7003g, Di-7003g Firmware, Di-7100g and 11 more | 2023-10-19 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the pap_en/chap_en parameter of the pppoe_base.asp function. | |||||
| CVE-2023-45579 | 1 Dlink | 14 Di-7003g, Di-7003g Firmware, Di-7100g and 11 more | 2023-10-19 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the ip/type parameter of the jingx.asp function. | |||||
| CVE-2023-39276 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2023-10-19 | N/A | 6.5 MEDIUM |
| SonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash. | |||||
| CVE-2023-39277 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2023-10-19 | N/A | 6.5 MEDIUM |
| SonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash. | |||||
| CVE-2023-39278 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2023-10-19 | N/A | 6.5 MEDIUM |
| SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash. | |||||
| CVE-2023-39279 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2023-10-19 | N/A | 6.5 MEDIUM |
| SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash. | |||||
| CVE-2023-39280 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2023-10-19 | N/A | 6.5 MEDIUM |
| SonicOS p ost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash. | |||||
| CVE-2023-41711 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2023-10-19 | N/A | 6.5 MEDIUM |
| SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall crash. | |||||
| CVE-2023-41712 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2023-10-19 | N/A | 6.5 MEDIUM |
| SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash. | |||||
| CVE-2023-44177 | 1 Juniper | 2 Junos, Junos Os Evolved | 2023-10-19 | N/A | 5.5 MEDIUM |
| A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos and Junos EVO allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks: Junos OS: * All versions prior to 19.1R3-S10; * 19.2 versions prior to 19.2R3-S7; * 19.3 versions prior to 19.3R3-S8; * 19.4 versions prior to 19.4R3-S12; * 20.2 versions prior to 20.2R3-S8; * 20.4 versions prior to 20.4R3-S8; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S4; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S1; * 22.3 versions prior to 22.3R3; * 22.4 versions prior to 22.4R2. Junos OS Evolved: * All versions prior to 20.4R3-S8-EVO; * 21.2 versions prior to 21.2R3-S6-EVO; * 21.3 versions prior to 21.3R3-S5-EVO; * 21.4 versions prior to 21.4R3-S4-EVO; * 22.1 versions prior to 22.1R3-S3-EVO; * 22.2 versions prior to 22.2R3-S1-EVO; * 22.3 versions prior to 22.3R3-EVO; * 22.4 versions prior to 22.4R2-EVO. | |||||
| CVE-2023-44178 | 1 Juniper | 2 Junos, Junos Os Evolved | 2023-10-19 | N/A | 5.5 MEDIUM |
| A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks: Junos OS * All versions prior to 19.1R3-S10; * 19.2 versions prior to 19.2R3-S7; * 19.3 versions prior to 19.3R3-S8; * 19.4 versions prior to 19.4R3-S12; * 20.2 versions prior to 20.2R3-S8; * 20.4 versions prior to 20.4R3-S8; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R3-S1; * 22.4 versions prior to 22.4R2-S1; * 23.2 versions prior to 23.2R2. | |||||
| CVE-2023-0191 | 6 Citrix, Linux, Microsoft and 3 more | 6 Hypervisor, Linux Kernel, Windows and 3 more | 2023-10-19 | N/A | 7.1 HIGH |
| NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds access may lead to denial of service or data tampering. | |||||
| CVE-2023-32973 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2023-10-19 | N/A | 7.2 HIGH |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QTS 4.5.4.2467 build 20230718 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.0.2424 build 20230609 and later QuTS hero h4.5.4.2476 build 20230728 and later QuTScloud c5.1.0.2498 and later | |||||
| CVE-2023-45984 | 1 Totolink | 4 A7000r, A7000r Firmware, X5000r and 1 more | 2023-10-19 | N/A | 9.8 CRITICAL |
| TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the lang parameter in the function setLanguageCfg. | |||||
| CVE-2023-45985 | 1 Totolink | 4 A7000r, A7000r Firmware, X5000r and 1 more | 2023-10-19 | N/A | 7.5 HIGH |
| TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 were discovered to contain a stack overflow in the function setParentalRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2023-44808 | 1 Dlink | 2 Dir-820l, Dir-820l Firmware | 2023-10-19 | N/A | 9.8 CRITICAL |
| D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_4507CC function. | |||||
| CVE-2023-36955 | 1 Totolink | 2 Cp300\+, Cp300\+ Firmware | 2023-10-19 | N/A | 9.8 CRITICAL |
| TOTOLINK CP300+ <=V5.2cu.7594_B20200910 was discovered to contain a stack overflow via the File parameter in the function UploadCustomModule. | |||||
| CVE-2023-36950 | 1 Totolink | 4 A7000r, A7000r Firmware, X5000r and 1 more | 2023-10-19 | N/A | 9.8 CRITICAL |
| TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth. | |||||
| CVE-2023-36952 | 1 Totolink | 2 Cp300\+, Cp300\+ Firmware | 2023-10-19 | N/A | 9.8 CRITICAL |
| TOTOLINK CP300+ V5.2cu.7594_B20200910 was discovered to contain a stack overflow via the pingIp parameter in the function setDiagnosisCfg. | |||||