Total
10481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-25308 | 2 Gnu, Redhat | 2 Fribidi, Enterprise Linux | 2023-02-12 | N/A | 7.8 HIGH |
| A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi application, which leads to a possible memory leak or a denial of service. | |||||
| CVE-2021-23172 | 1 Sox Project | 1 Sox | 2023-02-12 | N/A | 5.5 MEDIUM |
| A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function startread() in hcom.c file. The vulnerability is exploitable with a crafted hcomn file, that could cause an application to crash. | |||||
| CVE-2021-23159 | 1 Sox Project | 1 Sox | 2023-02-12 | N/A | 5.5 MEDIUM |
| A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function lsx_read_w_buf() in formats_i.c file. The vulnerability is exploitable with a crafted file, that could cause an application to crash. | |||||
| CVE-2021-20284 | 2 Gnu, Netapp | 3 Binutils, Cloud Backup, Ontap Select Deploy Administration Utility | 2023-02-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system availability. | |||||
| CVE-2021-20194 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Openshift Container Platform | 2023-02-12 | 4.6 MEDIUM | 7.8 HIGH |
| There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). As result of BPF execution, the local user can trigger bug in __cgroup_bpf_run_filter_getsockopt() function that can lead to heap overflow (because of non-hardened usercopy). The impact of attack could be deny of service or possibly privileges escalation. | |||||
| CVE-2022-47655 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2023-02-11 | N/A | 7.8 HIGH |
| Libde265 1.0.9 is vulnerable to Buffer Overflow in function void put_qpel_fallback<unsigned short> | |||||
| CVE-2022-1253 | 1 Struktur | 1 Libde265 | 2023-02-11 | 7.5 HIGH | 9.8 CRITICAL |
| Heap-based Buffer Overflow in GitHub repository strukturag/libde265 prior to and including 1.0.8. The fix is established in commit 8e89fe0e175d2870c39486fdd09250b230ec10b8 but does not yet belong to an official release. | |||||
| CVE-2020-21606 | 1 Struktur | 1 Libde265 | 2023-02-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| libde265 v1.0.4 contains a heap buffer overflow fault in the put_epel_16_fallback function, which can be exploited via a crafted a file. | |||||
| CVE-2020-21604 | 1 Struktur | 1 Libde265 | 2023-02-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| libde265 v1.0.4 contains a heap buffer overflow fault in the _mm_loadl_epi64 function, which can be exploited via a crafted a file. | |||||
| CVE-2020-21603 | 1 Struktur | 1 Libde265 | 2023-02-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| libde265 v1.0.4 contains a heap buffer overflow in the put_qpel_0_0_fallback_16 function, which can be exploited via a crafted a file. | |||||
| CVE-2020-21602 | 1 Struktur | 1 Libde265 | 2023-02-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_bipred_16_fallback function, which can be exploited via a crafted a file. | |||||
| CVE-2020-21601 | 1 Struktur | 1 Libde265 | 2023-02-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| libde265 v1.0.4 contains a stack buffer overflow in the put_qpel_fallback function, which can be exploited via a crafted a file. | |||||
| CVE-2020-21600 | 1 Struktur | 1 Libde265 | 2023-02-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_pred_avg_16_fallback function, which can be exploited via a crafted a file. | |||||
| CVE-2020-21595 | 1 Struktur | 1 Libde265 | 2023-02-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| libde265 v1.0.4 contains a heap buffer overflow in the mc_luma function, which can be exploited via a crafted a file. | |||||
| CVE-2020-21594 | 1 Struktur | 1 Libde265 | 2023-02-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| libde265 v1.0.4 contains a heap buffer overflow in the put_epel_hv_fallback function, which can be exploited via a crafted a file. | |||||
| CVE-2016-9675 | 2 Redhat, Uclouvain | 5 Enterprise Linux, Enterprise Linux For Ibm Z Systems, Enterprise Linux For Power Big Endian and 2 more | 2023-02-10 | 6.8 MEDIUM | 7.8 HIGH |
| openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause the application to crash, or potentially execute arbitrary code. | |||||
| CVE-2018-25011 | 2 Redhat, Webmproject | 2 Enterprise Linux, Libwebp | 2023-02-10 | 7.5 HIGH | 9.8 CRITICAL |
| A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in PutLE16(). | |||||
| CVE-2023-23088 | 1 Json-parser Project | 1 Json-parser | 2023-02-10 | N/A | 9.8 CRITICAL |
| Buffer OverFlow Vulnerability in Barenboim json-parser master and v1.1.0 fixed in v1.1.1 allows an attacker to execute arbitrary code via the json_value_parse function. | |||||
| CVE-2023-24613 | 1 Arraynetworks | 14 Ag1000, Ag1000t, Ag1000v5 and 11 more | 2023-02-10 | N/A | 4.9 MEDIUM |
| The user interface of Array Networks AG Series and vxAG through 9.4.0.470 could allow a remote attacker to use the gdb tool to overwrite the backend function call stack after accessing the system with administrator privileges. A successful exploit could leverage this vulnerability in the backend binary file that handles the user interface to a cause denial of service attack. This is fixed in AG 9.4.0.481. | |||||
| CVE-2021-31886 | 1 Siemens | 41 Apogee Modular Building Controller, Apogee Modular Building Controller Firmware, Apogee Modular Equiment Controller and 38 more | 2023-02-10 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “USER” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0010) | |||||