Total
11285 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-20092 | 2 Google, Mediatek | 17 Android, Mt6761, Mt6765 and 14 more | 2024-10-07 | 7.8 High |
| In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1700. | ||||
| CVE-2024-20090 | 2 Google, Mediatek | 17 Android, Mt6761, Mt6765 and 14 more | 2024-10-07 | 6.7 Medium |
| In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1703. | ||||
| CVE-2023-2134 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2024-10-07 | 8.8 High |
| Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2023-2133 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2024-10-07 | 8.8 High |
| Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2023-38961 | 1 Jerryscript | 1 Jerryscript | 2024-10-07 | 9.8 Critical |
| Buffer Overflwo vulnerability in JerryScript Project jerryscript v.3.0.0 allows a remote attacker to execute arbitrary code via the scanner_is_context_needed component in js-scanner-until.c. | ||||
| CVE-2017-3630 | 1 Oracle | 1 Solaris | 2024-10-07 | N/A |
| Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Solaris accessible data as well as unauthorized read access to a subset of Solaris accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Solaris. CVSS 3.0 Base Score 5.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L). | ||||
| CVE-2023-39751 | 1 Tp-link | 3 Tl-wr941nd, Tl-wr941nd V6, Tl-wr941nd V6 Firmware | 2024-10-07 | 9.8 Critical |
| TP-Link TL-WR941ND V6 were discovered to contain a buffer overflow via the pSize parameter at /userRpm/PingIframeRpm. | ||||
| CVE-2020-18382 | 1 Webassembly | 1 Binaryen | 2024-10-07 | 6.5 Medium |
| Heap-buffer-overflow in /src/wasm/wasm-binary.cpp in wasm::WasmBinaryBuilder::visitBlock(wasm::Block*) in Binaryen 1.38.26. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm-opt. | ||||
| CVE-2020-18494 | 1 Hdfgroup | 1 Hdf5 | 2024-10-07 | 8.8 High |
| Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of crafted file. | ||||
| CVE-2020-21047 | 1 Elfutils Project | 1 Elfutils | 2024-10-07 | 5.5 Medium |
| The libcpu component which is used by libasm of elfutils version 0.177 (git 47780c9e), suffers from denial-of-service vulnerability caused by application crashes due to out-of-bounds write (CWE-787), off-by-one error (CWE-193) and reachable assertion (CWE-617); to exploit the vulnerability, the attackers need to craft certain ELF files which bypass the missing bound checks. | ||||
| CVE-2020-21679 | 1 Graphicsmagick | 1 Graphicsmagick | 2024-10-07 | 5.5 Medium |
| Buffer Overflow vulnerability in WritePCXImage function in pcx.c in GraphicsMagick 1.4 allows remote attackers to cause a denial of service via converting of crafted image file to pcx format. | ||||
| CVE-2020-21685 | 1 Nasm | 1 Netwide Assembler | 2024-10-07 | 5.5 Medium |
| Buffer Overflow vulnerability in hash_findi function in hashtbl.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file. | ||||
| CVE-2023-6888 | 1 Phz76 | 1 Rtspserver | 2024-10-07 | 6.3 Medium |
| A vulnerability classified as critical was found in PHZ76 RtspServer 1.0.0. This vulnerability affects the function ParseRequestLine of the file RtspMesaage.cpp. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-248248. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-39784 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2024-10-04 | 7.5 High |
| Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the list parameter in the save_virtualser_data function. | ||||
| CVE-2023-39785 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2024-10-04 | 7.5 High |
| Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the list parameter in the set_qosMib_list function. | ||||
| CVE-2023-39786 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2024-10-04 | 7.5 High |
| Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the sscanf function. | ||||
| CVE-2020-18651 | 2 Exempi Project, Redhat | 2 Exempi, Enterprise Linux | 2024-10-04 | 6.5 Medium |
| Buffer Overflow vulnerability in function ID3_Support::ID3v2Frame::getFrameValue in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted audio file with ID3V2 frame. | ||||
| CVE-2020-18232 | 1 Hdfgroup | 1 Hdf5 | 2024-10-04 | 8.8 High |
| Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of crafted file. | ||||
| CVE-2020-18652 | 2 Exempi Project, Redhat | 2 Exempi, Enterprise Linux | 2024-10-04 | 6.5 Medium |
| Buffer Overflow vulnerability in WEBP_Support.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file. | ||||
| CVE-2020-18768 | 1 Libtiff | 1 Libtiff | 2024-10-04 | 5.5 Medium |
| There exists one heap buffer overflow in _TIFFmemcpy in tif_unix.c in libtiff 4.0.10, which allows an attacker to cause a denial-of-service through a crafted tiff file. | ||||