Total
3022 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-27957 | 1 Apple | 1 Macos | 2024-08-02 | 7.8 High |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution. | ||||
| CVE-2023-27853 | 1 Netgear | 2 Rax30, Rax30 Firmware | 2024-08-02 | 9.8 Critical |
| NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a format string vulnerability in a SOAP service that could allow an attacker to execute arbitrary code on the device. | ||||
| CVE-2023-27852 | 1 Netgear | 2 Rax30, Rax30 Firmware | 2024-08-02 | 9.8 Critical |
| NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a buffer overflow vulnerability in various CGI mechanisms that could allow an attacker to execute arbitrary code on the device. | ||||
| CVE-2023-27705 | 1 Apng Optimizer Project | 1 Apng Optimizer | 2024-08-02 | 7.5 High |
| APNG_Optimizer v1.4 was discovered to contain a buffer overflow via the component /apngopt/ubuntu.png. | ||||
| CVE-2023-27585 | 1 Teluu | 1 Pjsip | 2024-08-02 | 7.5 High |
| PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to CVE-2022-24793. The difference is that this issue is in parsing the query record `parse_query()`, while the issue in CVE-2022-24793 is in `parse_rr()`. A patch is available as commit `d1c5e4d` in the `master` branch. A workaround is to disable DNS resolution in PJSIP config (by setting `nameserver_count` to zero) or use an external resolver implementation instead. | ||||
| CVE-2023-27590 | 1 Rizin | 1 Rizin | 2024-08-02 | 7.8 High |
| Rizin is a UNIX-like reverse engineering framework and command-line toolset. In version 0.5.1 and prior, converting a GDB registers profile file into a Rizin register profile can result in a stack-based buffer overflow when the `name`, `type`, or `groups` fields have longer values than expected. Users opening untrusted GDB registers files (e.g. with the `drpg` or `arpg` commands) are affected by this flaw. Commit d6196703d89c84467b600ba2692534579dc25ed4 contains a patch for this issue. As a workaround, review the GDB register profiles before loading them with `drpg`/`arpg` commands. | ||||
| CVE-2023-27518 | 1 Contec | 4 Sv-cpt-mc310, Sv-cpt-mc310 Firmware, Sv-cpt-mc310f and 1 more | 2024-08-02 | 8.8 High |
| Buffer overflow vulnerability in the multiple setting pages of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows a remote authenticated attacker to execute arbitrary code. | ||||
| CVE-2023-26930 | 1 Xpdfreader | 1 Xpdf | 2024-08-02 | 5.5 Medium |
| Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states “it's an expected abort on out-of-memory error.” | ||||
| CVE-2023-26924 | 1 Llvm | 1 Llvm | 2024-08-02 | 5.5 Medium |
| LLVM a0dab4950 has a segmentation fault in mlir::outlineSingleBlockRegion. NOTE: third parties dispute this because the LLVM security policy excludes "Language front-ends ... for which a malicious input file can cause undesirable behavior." | ||||
| CVE-2023-27063 | 1 Tenda | 2 W15e, W15e Firmware | 2024-08-02 | 9.8 Critical |
| Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the DNSDomainName parameter in the formModifyDnsForward function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2023-27064 | 1 Tenda | 2 W15e, W15e Firmware | 2024-08-02 | 7.5 High |
| Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the index parameter in the formDelDnsForward function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2023-27062 | 1 Tenda | 2 W15e, W15e Firmware | 2024-08-02 | 7.5 High |
| Tenda V15V1.0 was discovered to contain a buffer overflow vulnerability via the gotoUrl parameter in the formPortalAuth function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2023-27061 | 1 Tenda | 2 W15e, W15e Firmware | 2024-08-02 | 9.8 Critical |
| Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the wifiFilterListRemark parameter in the modifyWifiFilterRules function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2023-27065 | 1 Tenda | 2 W15e, W15e Firmware | 2024-08-02 | 7.5 High |
| Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the picName parameter in the formDelWewifiPi function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2023-26966 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2024-08-02 | 5.5 Medium |
| libtiff 4.5.0 is vulnerable to Buffer Overflow in uv_encode() when libtiff reads a corrupted little-endian TIFF file and specifies the output to be big-endian. | ||||
| CVE-2023-26769 | 2 Liblouis, Redhat | 2 Liblouis, Enterprise Linux | 2024-08-02 | 7.5 High |
| Buffer Overflow vulnerability found in Liblouis Lou_Trace v.3.24.0 allows a remote attacker to cause a denial of service via the resolveSubtable function at compileTranslationTabel.c. | ||||
| CVE-2023-26768 | 2 Liblouis, Redhat | 2 Liblouis, Enterprise Linux | 2024-08-02 | 7.5 High |
| Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the compileTranslationTable.c and lou_setDataPath functions. | ||||
| CVE-2023-26616 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-08-02 | 9.8 Critical |
| D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the URL field in SetParentsControlInfo. | ||||
| CVE-2023-26767 | 2 Liblouis, Redhat | 2 Liblouis, Enterprise Linux | 2024-08-02 | 7.5 High |
| Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the lou_logFile function at logginc.c endpoint. | ||||
| CVE-2023-26612 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-08-02 | 9.8 Critical |
| D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the HostName field in SetParentsControlInfo. | ||||