Filtered by CWE-120
Total 3007 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-49287 1 Cxong 1 Tinydir 2024-08-02 7.7 High
TinyDir is a lightweight C directory and file reader. Buffer overflows in the `tinydir_file_open()` function. This vulnerability has been patched in version 1.2.6.
CVE-2023-49208 1 Glewlwyd Sso Server Project 1 Glewlwyd Sso Server 2024-08-02 9.8 Critical
scheme/webauthn.c in Glewlwyd SSO server before 2.7.6 has a possible buffer overflow during FIDO2 credentials validation in webauthn registration.
CVE-2023-48704 1 Clickhouse 2 Clickhouse, Clickhouse Cloud 2024-08-02 7 High
ClickHouse is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issue was discovered in ClickHouse server. An attacker could send a specially crafted payload to the native interface exposed by default on port 9000/tcp, triggering a bug in the decompression logic of Gorilla codec that crashes the ClickHouse server process. This attack does not require authentication. This issue has been addressed in ClickHouse Cloud version 23.9.2.47551 and ClickHouse versions 23.10.5.20, 23.3.18.15, 23.8.8.20, and 23.9.6.20.
CVE-2023-47995 1 Freeimage Project 1 Freeimage 2024-08-02 6.5 Medium
Memory Allocation with Excessive Size Value discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 allows attackers to cause a denial of service.
CVE-2023-47610 1 Telit 20 Bgs5, Bgs5 Firmware, Ehs5 and 17 more 2024-08-02 8.1 High
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists in Telit Cinterion EHS5/6/8 that could allow a remote unauthenticated attacker to execute arbitrary code on the targeted system by sending a specially crafted SMS message.
CVE-2023-47471 1 Struktur 1 Libde265 2024-08-02 6.5 Medium
Buffer Overflow vulnerability in strukturag libde265 v1.10.12 allows a local attacker to cause a denial of service via the slice_segment_header function in the slice.cc component.
CVE-2023-47307 1 Szlbt 2 Lbt-t300-t310, Lbt-t300-t310 Firmware 2024-08-02 7.5 High
Buffer Overflow vulnerability in /apply.cgi in Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 allows attackers to cause a denial of service via the ApCliAuthMode parameter.
CVE-2023-46960 2024-08-02 8.6 High
Buffer Overflow vulnerability in PyPXE v.1.8.4 allows a remote attacker to cause a denial of service via the handle function in the tftp module.
CVE-2023-46566 1 Msoulier 1 Tftpy 2024-08-02 7.5 High
Buffer Overflow vulnerability in msoulier tftpy commit 467017b844bf6e31745138a30e2509145b0c529c allows a remote attacker to cause a denial of service via the parse function in the TftpPacketFactory class.
CVE-2024-29243 2024-08-02 9.8 Critical
Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the vpn_client_ip parameter at /apply.cgi.
CVE-2023-45481 1 Tenda 2 Ac10, Ac10 Firmware 2024-08-02 9.8 Critical
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the firewallEn parameter in the function SetFirewallCfg.
CVE-2023-43314 1 Zyxel 2 Pmg2005-t20b, Pmg2005-t20b Firmware 2024-08-02 7.5 High
** UNSUPPORTED WHEN ASSIGNED **The buffer overflow vulnerability in the Zyxel PMG2005-T20B firmware version V1.00(ABNK.2)b11_C0 could allow an unauthenticated attacker to cause a denial of service condition via a crafted uid.
CVE-2023-45035 1 Qnap 3 Qts, Quts Hero, Qutscloud 2024-08-02 3.8 Low
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTScloud c5.1.5.2651 and later
CVE-2023-45043 1 Qnap 2 Qts, Quts Hero 2024-08-02 3.8 Low
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later
CVE-2023-45042 1 Qnap 2 Qts, Quts Hero 2024-08-02 3.8 Low
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later
CVE-2023-45036 1 Qnap 3 Qts, Quts Hero, Qutscloud 2024-08-02 3.8 Low
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTScloud c5.1.5.2651 and later
CVE-2023-45041 1 Qnap 2 Qts, Quts Hero 2024-08-02 3.8 Low
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later
CVE-2023-45040 1 Qnap 2 Qts, Quts Hero 2024-08-02 3.8 Low
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later
CVE-2023-45044 1 Qnap 2 Qts, Quts Hero 2024-08-02 3.8 Low
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later
CVE-2023-45037 1 Qnap 3 Qts, Quts Hero, Qutscloud 2024-08-02 3.8 Low
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTScloud c5.1.5.2651 and later