Total
10481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-3916 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2023-05-16 | 7.2 HIGH | 7.8 HIGH |
| An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 136 bytes. An attacker can send an arbitrarily long 'directory' value in order to exploit this vulnerability. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2018-3904 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2023-05-16 | 9.0 HIGH | 9.9 CRITICAL |
| An exploitable buffer overflow vulnerability exists in the camera 'update' feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2018-3866 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2023-05-16 | 9.0 HIGH | 9.9 CRITICAL |
| An exploitable buffer overflow vulnerability exists in the samsungWifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. The strcpy at [8] overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long 'callbackUrl' value in order to exploit this vulnerability. | |||||
| CVE-2018-3903 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2023-05-16 | 9.0 HIGH | 9.9 CRITICAL |
| On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. The memcpy call overflows the destination buffer, which has a size of 512 bytes. An attacker can send an arbitrarily long "url" value in order to overwrite the saved-PC with 0x42424242. | |||||
| CVE-2022-47942 | 1 Linux | 1 Linux Kernel | 2023-05-16 | N/A | 8.8 HIGH |
| An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is a heap-based buffer overflow in set_ntacl_dacl, related to use of SMB2_QUERY_INFO_HE after a malformed SMB2_SET_INFO_HE command. | |||||
| CVE-2021-31888 | 1 Siemens | 41 Apogee Modular Building Controller, Apogee Modular Building Controller Firmware, Apogee Modular Equiment Controller and 38 more | 2023-05-16 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “MKD/XMKD” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0018) | |||||
| CVE-2022-1943 | 1 Linux | 1 Linux Kernel | 2023-05-16 | 7.2 HIGH | 7.8 HIGH |
| A flaw out of bounds memory write in the Linux kernel UDF file system functionality was found in the way user triggers some file operation which triggers udf_write_fi(). A local user could use this flaw to crash the system or potentially | |||||
| CVE-2023-31567 | 1 Podofo Project | 1 Podofo | 2023-05-15 | N/A | 8.8 HIGH |
| Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptAESV3::PdfEncryptAESV3. | |||||
| CVE-2023-31568 | 1 Podofo Project | 1 Podofo | 2023-05-15 | N/A | 8.8 HIGH |
| Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptRC4::PdfEncryptRC4. | |||||
| CVE-2023-32111 | 1 Sap | 1 Powerdesigner Proxy | 2023-05-15 | N/A | 7.5 HIGH |
| In SAP PowerDesigner (Proxy) - version 16.7, an attacker can send a crafted request from a remote host to the proxy machine and crash the proxy server, due to faulty implementation of memory management causing a memory corruption. This leads to a high impact on availability of the application. | |||||
| CVE-2022-48385 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-05-15 | N/A | 4.4 MEDIUM |
| In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | |||||
| CVE-2022-48387 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-05-15 | N/A | 4.4 MEDIUM |
| the apipe driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | |||||
| CVE-2022-48389 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-05-15 | N/A | 4.4 MEDIUM |
| In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | |||||
| CVE-2022-47340 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-05-15 | N/A | 5.5 MEDIUM |
| In h265 codec firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges. | |||||
| CVE-2022-47469 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-05-15 | N/A | 4.4 MEDIUM |
| In ext4fsfilter driver, there is a possible out of bounds read due to a missing bounds check. This could local denial of service with System execution privileges needed. | |||||
| CVE-2022-47470 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-05-15 | N/A | 4.4 MEDIUM |
| In ext4fsfilter driver, there is a possible out of bounds read due to a missing bounds check. This could local denial of service with System execution privileges needed. | |||||
| CVE-2022-47485 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-05-15 | N/A | 4.4 MEDIUM |
| In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | |||||
| CVE-2022-47486 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-05-15 | N/A | 4.4 MEDIUM |
| In ext4fsfilter driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | |||||
| CVE-2023-29693 | 1 H3c | 2 Gr-1200w, Gr-1200w Firmware | 2023-05-12 | N/A | 9.8 CRITICAL |
| H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function set_tftp_upgrad. | |||||
| CVE-2023-29696 | 1 H3c | 2 Gr-1200w, Gr-1200w Firmware | 2023-05-12 | N/A | 9.8 CRITICAL |
| H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function version_set. | |||||