Total: 10481 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-33658 | 1 Emqx | 1 Nanomq | 2023-06-14 | N/A | 7.5 HIGH |
A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_msg_get_pub_pid() in the file message.c. An attacker could exploit this vulnerability to cause a denial of service attack. | |||||
CVE-2023-33660 | 1 Emqx | 1 Nanomq | 2023-06-14 | N/A | 7.5 HIGH |
A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function copyn_str() in the file mqtt_parser.c. An attacker could exploit this vulnerability to cause a denial of service attack. | |||||
CVE-2023-24014 | 1 Deltaww | 1 Cncsoft-b | 2023-06-14 | N/A | 7.8 HIGH |
Delta Electronics' CNCSoft-B DOPSoft versions 1.0.0.4 and prior are vulnerable to heap-based buffer overflow, which could allow an attacker to execute arbitrary code. | |||||
CVE-2022-48188 | 1 Lenovo | 54 Ideacentre 510s-07icb, Ideacentre 510s-07icb Firmware, Ideacentre 510s-07ick and 51 more | 2023-06-13 | N/A | 7.8 HIGH |
A buffer overflow vulnerability in the SecureBootDXE BIOS driver of some Lenovo Desktop and ThinkStation models could allow an attacker with local access to elevate their privileges to execute arbitrary code. | |||||
CVE-2022-48181 | 1 Lenovo | 228 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 225 more | 2023-06-13 | N/A | 7.8 HIGH |
An ErrorMessage driver stack-based buffer overflow vulnerability in BIOS of some ThinkPad models could allow an attacker with local access to elevate their privileges and execute arbitrary code. | |||||
CVE-2023-1388 | 1 Trellix | 1 Agent | 2023-06-13 | N/A | 8.1 HIGH |
A heap-based overflow vulnerability in TA prior to version 5.7.9 allows a remote user to alter the page heap in the macmnsvc process memory block, resulting in the service becoming unavailable. | |||||
CVE-2023-33693 | 2 Microsoft, Tsingsee | 2 Windows, Easyplayerpro | 2023-06-13 | N/A | 5.5 MEDIUM |
A buffer overflow in EasyPlayerPro-Win v3.2.19.0106 to v3.6.19.0823 allows attackers to cause a Denial of Service (DoS) via a crafted XML file. | |||||
CVE-2022-41664 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2023-06-13 | N/A | 7.8 HIGH |
A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.7), Teamcenter Visualization V14.0 (All versions < V14.0.0.3), Teamcenter Visualization V14.1 (All versions < V14.1.0.4). The affected application contains a stack-based buffer overflow vulnerability that could be triggered while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process. | |||||
CVE-2022-41660 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2023-06-13 | N/A | 7.8 HIGH |
A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.7), Teamcenter Visualization V14.0 (All versions < V14.0.0.3), Teamcenter Visualization V14.1 (All versions < V14.1.0.4). The affected products contain an out of bounds write vulnerability when parsing a CGM file. An attacker can leverage this vulnerability to execute code in the context of the current process. | |||||
CVE-2022-39136 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2023-06-13 | N/A | 7.8 HIGH |
A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.7), Teamcenter Visualization V13.3 (All versions >= V13.3.0.7 < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.3), Teamcenter Visualization V14.1 (All versions < V14.1.0.4). The affected application is vulnerable to fixed-length heap-based buffer while parsing specially crafted TIF files. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
CVE-2023-0054 | 1 Vim | 1 Vim | 2023-06-12 | N/A | 7.8 HIGH |
Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1145. | |||||
CVE-2023-32539 | 1 Hornerautomation | 2 Cscape, Cscape Envisionrv | 2023-06-12 | N/A | 7.8 HIGH |
The affected application lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds write at CScape_EnvisionRV+0x2e3c04. An attacker could leverage this vulnerability to potentially execute arbitrary code in the context of the current process. | |||||
CVE-2023-32203 | 1 Hornerautomation | 2 Cscape, Cscape Envisionrv | 2023-06-12 | N/A | 7.8 HIGH |
The affected application lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds write at CScape_EnvisionRV+0x2e374b. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. | |||||
CVE-2023-33613 | 1 Axtls Project | 1 Axtls | 2023-06-12 | N/A | 5.5 MEDIUM |
axTLS v2.1.5 was discovered to contain a heap buffer overflow in the bi_import function in axtls-code/crypto/bigint.c. This vulnerability allows attackers to cause a Denial of Service (DoS) when parsing a private key. | |||||
CVE-2023-33675 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2023-06-12 | N/A | 9.8 CRITICAL |
Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the get_parentControl_list_Info function. | |||||
CVE-2023-33673 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2023-06-12 | N/A | 9.8 CRITICAL |
Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function. | |||||
CVE-2023-33672 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2023-06-12 | N/A | 7.5 HIGH |
Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function. | |||||
CVE-2023-33671 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2023-06-12 | N/A | 9.8 CRITICAL |
Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the deviceId parameter in the saveParentControlInfo function. | |||||
CVE-2023-33670 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2023-06-12 | N/A | 9.8 CRITICAL |
Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the sub_4a79ec function. | |||||
CVE-2023-33669 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2023-06-12 | N/A | 9.8 CRITICAL |
Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the timeZone parameter in the sub_44db3c function. |