Total
10481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-0851 | 1 Canon | 90 I-sensys Lbp621cw, I-sensys Lbp621cw Firmware, I-sensys Lbp623cdw and 87 more | 2023-11-07 | N/A | 9.8 CRITICAL |
| Buffer overflow in CPCA Resource Download process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. | |||||
| CVE-2023-0847 | 1 Dash7-alliance | 1 Dash7 Alliance Protcol | 2023-11-07 | N/A | 8.1 HIGH |
| The Sub-IoT implementation of the DASH 7 Alliance protocol has a vulnerability that can lead to an out-of-bounds write prior to implementation version 0.5.0. If the protocol has been compiled using default settings, this will only grant the attacker access to allocated but unused memory. However, if it was configured using non-default settings, there is the possibility that exploiting this vulnerability could lead to system crashes and remote code execution. | |||||
| CVE-2023-0804 | 1 Libtiff | 1 Libtiff | 2023-11-07 | N/A | 5.5 MEDIUM |
| LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. | |||||
| CVE-2023-0249 | 1 Deltaww | 1 Diascreen | 2023-11-07 | N/A | 7.8 HIGH |
| Delta Electronics DIAScreen versions 1.2.1.23 and prior are vulnerable to out-of-bounds write, which may allow an attacker to remotely execute arbitrary code. | |||||
| CVE-2023-0208 | 2 Linux, Nvidia | 2 Linux Kernel, Data Center Gpu Manager | 2023-11-07 | N/A | 7.1 HIGH |
| NVIDIA DCGM for Linux contains a vulnerability in HostEngine (server component) where a user may cause a heap-based buffer overflow through the bound socket. A successful exploit of this vulnerability may lead to denial of service and data tampering. | |||||
| CVE-2023-0124 | 1 Deltaww | 1 Dopsoft | 2023-11-07 | N/A | 7.8 HIGH |
| Delta Electronics DOPSoft versions 4.00.16.22 and prior are vulnerable to an out-of-bounds write, which could allow an attacker to remotely execute arbitrary code when a malformed file is introduced to the software. | |||||
| CVE-2023-0123 | 1 Deltaww | 1 Dopsoft | 2023-11-07 | N/A | 7.8 HIGH |
| Delta Electronics DOPSoft versions 4.00.16.22 and prior are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code when a malformed file is introduced to the software. | |||||
| CVE-2022-4873 | 1 Netcommwireless | 6 Nf20, Nf20 Firmware, Nf20mesh and 3 more | 2023-11-07 | N/A | 9.8 CRITICAL |
| On Netcomm router models NF20MESH, NF20, and NL1902 a stack based buffer overflow affects the sessionKey parameter. By providing a specific number of bytes, the instruction pointer is able to be overwritten on the stack and crashes the application at a known location. | |||||
| CVE-2022-4634 | 1 Deltaww | 2 Cncsoft, Screeneditor | 2023-11-07 | N/A | 7.8 HIGH |
| All versions prior to Delta Electronic’s CNCSoft version 1.01.34 (running ScreenEditor versions 1.01.5 and prior) are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code. | |||||
| CVE-2022-4498 | 1 Tp-link | 4 Archer C5, Archer C5 Firmware, Tl-wr710n and 1 more | 2023-11-07 | N/A | 9.8 CRITICAL |
| In TP-Link routers, Archer C5 and WR710N-V1, running the latest available code, when receiving HTTP Basic Authentication the httpd service can be sent a crafted packet that causes a heap overflow. This can result in either a DoS (by crashing the httpd process) or an arbitrary code execution. | |||||
| CVE-2022-4378 | 1 Linux | 1 Linux Kernel | 2023-11-07 | N/A | 7.8 HIGH |
| A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system. | |||||
| CVE-2022-4291 | 1 Avast | 1 Script Shield | 2023-11-07 | N/A | 10.0 CRITICAL |
| The aswjsflt.dll library from Avast Antivirus windows contained a potentially exploitable heap corruption vulnerability that could enable an attacker to bypass the sandbox of the application it was loaded into, if applicable. This issue was fixed in version 18.0.1478 of the Script Shield Component. | |||||
| CVE-2022-4141 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2023-11-07 | N/A | 7.8 HIGH |
| Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command. | |||||
| CVE-2022-47521 | 3 Debian, Linux, Netapp | 12 Debian Linux, Linux Kernel, H300s and 9 more | 2023-11-07 | N/A | 7.8 HIGH |
| An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_CHANNEL_LIST in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when parsing the operating channel attribute from Wi-Fi management frames. | |||||
| CVE-2022-47519 | 3 Debian, Linux, Netapp | 12 Debian Linux, Linux Kernel, H300s and 9 more | 2023-11-07 | N/A | 7.8 HIGH |
| An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_OPER_CHANNEL in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger an out-of-bounds write when parsing the channel list attribute from Wi-Fi management frames. | |||||
| CVE-2022-47518 | 3 Debian, Linux, Netapp | 12 Debian Linux, Linux Kernel, H300s and 9 more | 2023-11-07 | N/A | 7.8 HIGH |
| An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from Wi-Fi management frames. | |||||
| CVE-2022-46694 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2023-11-07 | N/A | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2, tvOS 16.2, watchOS 9.2. Parsing a maliciously crafted video file may lead to kernel code execution. | |||||
| CVE-2022-46693 | 1 Apple | 6 Icloud, Ipados, Iphone Os and 3 more | 2023-11-07 | N/A | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing a maliciously crafted file may lead to arbitrary code execution. | |||||
| CVE-2022-46690 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-11-07 | N/A | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-46570 | 1 Dlink | 2 Dir-882 A1, Dir-882 A1 Firmware | 2023-11-07 | N/A | 7.2 HIGH |
| D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetWan3Settings module. | |||||