Total
10481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-3919 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2023-05-19 | 9.0 HIGH | 9.9 CRITICAL |
| An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process insecurely extracts the fields from the "clips" table of its SQLite database, leading to a buffer overflow on the stack. An attacker can send a series of HTTP requests to trigger this vulnerability. | |||||
| CVE-2018-3880 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2023-05-19 | 9.0 HIGH | 9.9 CRITICAL |
| An exploitable stack-based buffer overflow vulnerability exists in the database 'find-by-cameraId' functionality of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles existing records inside its SQLite database, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2023-31556 | 1 Podofo Project | 1 Podofo | 2023-05-17 | N/A | 6.5 MEDIUM |
| podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfDictionary::findKeyParent. | |||||
| CVE-2023-31910 | 1 Jerryscript | 1 Jerryscript | 2023-05-17 | N/A | 7.8 HIGH |
| Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow via the component parser_parse_function_statement at /jerry-core/parser/js/js-parser-statm.c. | |||||
| CVE-2023-31908 | 1 Jerryscript | 1 Jerryscript | 2023-05-17 | N/A | 7.8 HIGH |
| Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow via the component ecma_builtin_typedarray_prototype_sort. | |||||
| CVE-2022-22049 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-05-17 | 7.2 HIGH | 7.8 HIGH |
| Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | |||||
| CVE-2022-22026 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-05-17 | 7.2 HIGH | 8.8 HIGH |
| Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | |||||
| CVE-2023-27973 | 1 Hp | 76 Laserjet Pro M304-m305 W1a46a, Laserjet Pro M304-m305 W1a46a Firmware, Laserjet Pro M304-m305 W1a47a and 73 more | 2023-05-17 | N/A | 9.8 CRITICAL |
| Certain HP LaserJet Pro print products are potentially vulnerable to Heap Overflow and/or Remote Code Execution. | |||||
| CVE-2023-29284 | 1 Adobe | 1 Substance 3d Painter | 2023-05-17 | N/A | 7.8 HIGH |
| Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-29285 | 1 Adobe | 1 Substance 3d Painter | 2023-05-17 | N/A | 7.8 HIGH |
| Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-29276 | 1 Adobe | 1 Substance 3d Painter | 2023-05-17 | N/A | 7.8 HIGH |
| Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-29282 | 1 Adobe | 1 Substance 3d Painter | 2023-05-17 | N/A | 7.8 HIGH |
| Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-29283 | 1 Adobe | 1 Substance 3d Painter | 2023-05-17 | N/A | 7.8 HIGH |
| Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-31907 | 1 Jerryscript | 1 Jerryscript | 2023-05-16 | N/A | 7.8 HIGH |
| Jerryscript 3.0.0 was discovered to contain a heap-buffer-overflow via the component scanner_literal_is_created at /jerry-core/parser/js/js-scanner-util.c. | |||||
| CVE-2023-31906 | 1 Jerryscript | 1 Jerryscript | 2023-05-16 | N/A | 7.8 HIGH |
| Jerryscript 3.0.0(commit 1a2c047) was discovered to contain a heap-buffer-overflow via the component lexer_compare_identifier_to_chars at /jerry-core/parser/js/js-lexer.c. | |||||
| CVE-2020-15888 | 1 Lua | 1 Lua | 2023-05-16 | 6.8 MEDIUM | 8.8 HIGH |
| Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free. | |||||
| CVE-2023-30087 | 1 Cesanta | 1 Mjs | 2023-05-16 | N/A | 5.5 MEDIUM |
| Buffer Overflow vulnerability found in Cesanta MJS v.1.26 allows a local attacker to cause a denial of service via the mjs_mk_string function in mjs.c. | |||||
| CVE-2023-31982 | 1 Irontec | 1 Sngrep | 2023-05-16 | N/A | 7.8 HIGH |
| Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the function capture_packet_reasm_ip at /src/capture.c. | |||||
| CVE-2023-31981 | 1 Irontec | 1 Sngrep | 2023-05-16 | N/A | 7.8 HIGH |
| Sngrep v1.6.0 was discovered to contain a stack buffer overflow via the function packet_set_payload at /src/packet.c. | |||||
| CVE-2023-31976 | 1 Libming | 1 Libming | 2023-05-16 | N/A | 8.8 HIGH |
| libming v0.4.8 was discovered to contain a stack buffer overflow via the function makeswf_preprocess at /util/makeswf_utils.c. | |||||