Total
10481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-31509 | 1 Opentext | 1 Brava\! Desktop | 2023-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13309. | |||||
| CVE-2021-31499 | 1 Opentext | 1 Brava\! Desktop | 2023-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12745. | |||||
| CVE-2023-32827 | 2 Google, Mediatek | 35 Android, Mt6879, Mt6886 and 32 more | 2023-10-03 | N/A | 6.7 MEDIUM |
| In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993539; Issue ID: ALPS07993539. | |||||
| CVE-2023-32826 | 2 Google, Mediatek | 35 Android, Mt6879, Mt6886 and 32 more | 2023-10-03 | N/A | 6.7 MEDIUM |
| In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993539; Issue ID: ALPS07993544. | |||||
| CVE-2023-32822 | 2 Google, Mediatek | 45 Android, Mt2713, Mt6739 and 42 more | 2023-10-03 | N/A | 6.7 MEDIUM |
| In ftm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07994229; Issue ID: ALPS07994229. | |||||
| CVE-2023-32821 | 2 Google, Mediatek | 11 Android, Mt6761, Mt6763 and 8 more | 2023-10-03 | N/A | 6.7 MEDIUM |
| In video, there is a possible out of bounds write due to a permissions bypass. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08013430; Issue ID: ALPS08013433. | |||||
| CVE-2023-32830 | 2 Google, Mediatek | 71 Android, Mt5527, Mt5583 and 68 more | 2023-10-03 | N/A | 6.7 MEDIUM |
| In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03802522; Issue ID: DTV03802522. | |||||
| CVE-2023-20819 | 1 Mediatek | 94 Lr11, Lr12a, Lr13 and 91 more | 2023-10-03 | N/A | 9.8 CRITICAL |
| In CDMA PPP protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: MOLY01068234; Issue ID: ALPS08010003. | |||||
| CVE-2023-40307 | 1 Sap | 1 Privileges | 2023-10-02 | N/A | 7.8 HIGH |
| An attacker with standard privileges on macOS when requesting administrator privileges from the application can submit input which causes a buffer overflow resulting in a crash of the application. This could make the application unavailable and allow reading or modification of data. | |||||
| CVE-2022-20792 | 1 Clamav | 1 Clamav | 2023-10-01 | N/A | 7.8 HIGH |
| A vulnerability in the regex module used by the signature database load module of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an authenticated, local attacker to crash ClamAV at database load time, and possibly gain code execution. The vulnerability is due to improper bounds checking that may result in a multi-byte heap buffer overwflow write. An attacker could exploit this vulnerability by placing a crafted CDB ClamAV signature database file in the ClamAV database directory. An exploit could allow the attacker to run code as the clamav user. | |||||
| CVE-2021-40394 | 2 Debian, Gerbv Project | 2 Debian Linux, Gerbv | 2023-09-30 | 7.5 HIGH | 9.8 CRITICAL |
| An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit 71493260). A specially-crafted gerber file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2023-1972 | 1 Gnu | 1 Binutils | 2023-09-30 | N/A | 6.5 MEDIUM |
| A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability. | |||||
| CVE-2021-32292 | 1 Json-c Project | 1 Json-c | 2023-09-29 | N/A | 9.8 CRITICAL |
| An issue was discovered in json-c from 20200420 (post 0.14 unreleased code) through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program json_parse which is located in the function parseit. | |||||
| CVE-2023-43869 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2023-09-29 | N/A | 9.8 CRITICAL |
| D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWAN_Wizard56 function. | |||||
| CVE-2018-1160 | 3 Debian, Netatalk, Synology | 7 Debian Linux, Netatalk, Diskstation Manager and 4 more | 2023-09-29 | 10.0 HIGH | 9.8 CRITICAL |
| Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution. | |||||
| CVE-2023-43868 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2023-09-29 | N/A | 7.5 HIGH |
| D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via websGetVar function. | |||||
| CVE-2023-43867 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2023-09-29 | N/A | 7.5 HIGH |
| D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWanL2TP function. | |||||
| CVE-2023-43866 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2023-09-29 | N/A | 7.5 HIGH |
| D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWAN_Wizard7 function. | |||||
| CVE-2023-43865 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2023-09-29 | N/A | 7.5 HIGH |
| D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWanPPTP function. | |||||
| CVE-2023-43864 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2023-09-29 | N/A | 7.5 HIGH |
| D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWAN_Wizard55 function. | |||||