Total
10481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-29907 | 1 H3c | 1 Magic R200 Firmware | 2023-11-07 | N/A | 4.9 MEDIUM |
| H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via the Edit_BasicSSID_5G interface at /goform/aspForm. | |||||
| CVE-2023-29906 | 1 H3c | 1 Magic R200 Firmware | 2023-11-07 | N/A | 4.9 MEDIUM |
| H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via the Edit_BasicSSID interface at /goform/aspForm. | |||||
| CVE-2023-29905 | 1 H3c | 1 Magic R200 Firmware | 2023-11-07 | N/A | 4.9 MEDIUM |
| H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via the UpdateSnat interface at /goform/aspForm. | |||||
| CVE-2023-29551 | 1 Mozilla | 2 Firefox, Focus | 2023-11-07 | N/A | 8.8 HIGH |
| Memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112. | |||||
| CVE-2023-29421 | 1 Bzip3 Project | 1 Bzip3 | 2023-11-07 | N/A | 8.8 HIGH |
| An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an out-of-bounds write in bz3_decode_block. | |||||
| CVE-2023-29416 | 1 Bzip3 Project | 1 Bzip3 | 2023-11-07 | N/A | 6.5 MEDIUM |
| An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A bz3_decode_block out-of-bounds write can occur with a crafted archive because bzip3 does not follow the required procedure for interacting with libsais. | |||||
| CVE-2023-29182 | 1 Fortinet | 1 Fortios | 2023-11-07 | N/A | 6.7 MEDIUM |
| A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiOS before 7.0.3 allows a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections. | |||||
| CVE-2023-28879 | 2 Artifex, Debian | 2 Ghostscript, Debian Linux | 2023-11-07 | N/A | 9.8 CRITICAL |
| In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written. | |||||
| CVE-2023-28753 | 1 Facebook | 1 Netconsd | 2023-11-07 | N/A | 9.8 CRITICAL |
| netconsd prior to v0.2 was vulnerable to an integer overflow in its parse_packet function. A malicious individual could leverage this overflow to create heap memory corruption with attacker controlled data. | |||||
| CVE-2023-28410 | 1 Intel | 1 I915 Graphics | 2023-11-07 | N/A | 7.8 HIGH |
| Improper restriction of operations within the bounds of a memory buffer in some Intel(R) i915 Graphics drivers for linux before kernel version 6.2.10 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-28177 | 1 Mozilla | 1 Firefox | 2023-11-07 | N/A | 8.8 HIGH |
| Memory safety bugs present in Firefox 110. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 111. | |||||
| CVE-2023-28176 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2023-11-07 | N/A | 8.8 HIGH |
| Memory safety bugs present in Firefox 110 and Firefox ESR 102.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9. | |||||
| CVE-2023-28116 | 1 Contiki-ng | 1 Contiki-ng | 2023-11-07 | N/A | 9.8 CRITICAL |
| Contiki-NG is an open-source, cross-platform operating system for internet of things (IoT) devices. In versions 4.8 and prior, an out-of-bounds write can occur in the BLE L2CAP module of the Contiki-NG operating system. The network stack of Contiki-NG uses a global buffer (packetbuf) for processing of packets, with the size of PACKETBUF_SIZE. In particular, when using the BLE L2CAP module with the default configuration, the PACKETBUF_SIZE value becomes larger then the actual size of the packetbuf. When large packets are processed by the L2CAP module, a buffer overflow can therefore occur when copying the packet data to the packetbuf. The vulnerability has been patched in the "develop" branch of Contiki-NG, and will be included in release 4.9. The problem can be worked around by applying the patch manually. | |||||
| CVE-2023-27810 | 1 H3c | 1 Magic R100 Firmware | 2023-11-07 | N/A | 4.9 MEDIUM |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the ipqos_lanip_editlist interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | |||||
| CVE-2023-27808 | 1 H3c | 1 Magic R100 Firmware | 2023-11-07 | N/A | 4.9 MEDIUM |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the DeltriggerList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | |||||
| CVE-2023-27807 | 1 H3c | 1 Magic R100 Firmware | 2023-11-07 | N/A | 4.9 MEDIUM |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the Delstlist interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | |||||
| CVE-2023-27806 | 1 H3c | 1 Magic R100 Firmware | 2023-11-07 | N/A | 4.9 MEDIUM |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the ipqos_lanip_dellist interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | |||||
| CVE-2023-27805 | 1 H3c | 1 Magic R100 Firmware | 2023-11-07 | N/A | 4.9 MEDIUM |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the EditSTList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | |||||
| CVE-2023-27804 | 1 H3c | 1 Magic R100 Firmware | 2023-11-07 | N/A | 4.9 MEDIUM |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the DelvsList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | |||||
| CVE-2023-27803 | 1 H3c | 1 Magic R100 Firmware | 2023-11-07 | N/A | 4.9 MEDIUM |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the EdittriggerList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | |||||