Total
10481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-35492 | 1 Cairographics | 1 Cairo | 2023-05-03 | 6.8 MEDIUM | 7.8 HIGH |
| A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor (for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untrusted input) to cause a stack buffer overflow -> out-of-bounds WRITE. The highest impact from this vulnerability is to confidentiality, integrity, as well as system availability. | |||||
| CVE-2021-37232 | 1 Atomicparsley Project | 1 Atomicparsley | 2023-05-03 | 7.5 HIGH | 9.8 CRITICAL |
| A stack overflow vulnerability occurs in Atomicparsley 20210124.204813.840499f through APar_read64() in src/util.cpp due to the lack of buffer size of uint32_buffer while reading more bytes in APar_read64. | |||||
| CVE-2021-37231 | 1 Atomicparsley Project | 1 Atomicparsley | 2023-05-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| A stack-buffer-overflow occurs in Atomicparsley 20210124.204813.840499f through APar_readX() in src/util.cpp while parsing a crafted mp4 file because of the missing boundary check. | |||||
| CVE-2022-36788 | 1 Slic3r | 1 Libslic3r | 2023-05-02 | N/A | 7.8 HIGH |
| A heap-based buffer overflow vulnerability exists in the TriangleMesh clone functionality of Slic3r libslic3r 1.3.0 and Master Commit b1a5500. A specially-crafted STL file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2023-23579 | 1 Datakit | 1 Crosscadware | 2023-05-02 | N/A | 7.8 HIGH |
| Datakit CrossCadWare_x64.dll contains an out-of-bounds write past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2023-25506 | 1 Nvidia | 2 Dgx-1, Sbios | 2023-04-29 | N/A | 8.2 HIGH |
| NVIDIA DGX-1 contains a vulnerability in Ofbd in AMI SBIOS, where a preconditioned heap can allow a user with elevated privileges to cause an access beyond the end of a buffer, which may lead to code execution, escalation of privileges, denial of service and information disclosure. The scope of the impact of this vulnerability can extend to other components. | |||||
| CVE-2023-0201 | 1 Nvidia | 2 Bmc, Dgx-2 | 2023-04-29 | N/A | 6.7 MEDIUM |
| NVIDIA DGX-2 SBIOS contains a vulnerability in Bds, where a user with high privileges can cause a write beyond the bounds of an indexable resource, which may lead to code execution, denial of service, compromised integrity, and information disclosure. | |||||
| CVE-2023-0200 | 1 Nvidia | 2 Bmc, Dgx-2 | 2023-04-29 | N/A | 6.7 MEDIUM |
| NVIDIA DGX-2 contains a vulnerability in OFBD where a user with high privileges and a pre-conditioned heap can cause an access beyond a buffers end, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. | |||||
| CVE-2023-21100 | 1 Google | 1 Android | 2023-04-29 | N/A | 7.8 HIGH |
| In inflate of inflate.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-242544249 | |||||
| CVE-2023-20941 | 1 Google | 1 Android | 2023-04-29 | N/A | 6.6 MEDIUM |
| In acc_ctrlrequest_composite of f_accessory.c, there is a possible out of bounds write due to a missing bounds check. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-264029575References: Upstream kernel | |||||
| CVE-2023-30378 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2023-04-28 | N/A | 9.8 CRITICAL |
| In Tenda AC15 V15.03.05.19, the function "sub_8EE8" contains a stack-based buffer overflow vulnerability. | |||||
| CVE-2023-30376 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2023-04-28 | N/A | 9.8 CRITICAL |
| In Tenda AC15 V15.03.05.19, the function "henan_pppoe_user" contains a stack-based buffer overflow vulnerability. | |||||
| CVE-2023-30375 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2023-04-28 | N/A | 9.8 CRITICAL |
| In Tenda AC15 V15.03.05.19, the function "getIfIp" contains a stack-based buffer overflow vulnerability. | |||||
| CVE-2023-30373 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2023-04-28 | N/A | 9.8 CRITICAL |
| In Tenda AC15 V15.03.05.19, the function "xian_pppoe_user" contains a stack-based buffer overflow vulnerability. | |||||
| CVE-2023-30372 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2023-04-28 | N/A | 9.8 CRITICAL |
| In Tenda AC15 V15.03.05.19, The function "xkjs_ver32" contains a stack-based buffer overflow vulnerability. | |||||
| CVE-2023-30371 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2023-04-28 | N/A | 9.8 CRITICAL |
| In Tenda AC15 V15.03.05.19, the function "sub_ED14" contains a stack-based buffer overflow vulnerability. | |||||
| CVE-2023-30370 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2023-04-28 | N/A | 9.8 CRITICAL |
| In Tenda AC15 V15.03.05.19, the function GetValue contains a stack-based buffer overflow vulnerability. | |||||
| CVE-2023-30369 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2023-04-28 | N/A | 9.8 CRITICAL |
| Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow. | |||||
| CVE-2023-30368 | 1 Tenda | 2 Ac5, Ac5 Firmware | 2023-04-28 | N/A | 9.8 CRITICAL |
| Tenda AC5 V15.03.06.28 is vulnerable to Buffer Overflow via the initWebs function. | |||||
| CVE-2023-20967 | 1 Google | 1 Android | 2023-04-27 | N/A | 7.8 HIGH |
| In avdt_scb_hdl_pkt_no_frag of avdt_scb_act.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-225879503 | |||||