Total
11285 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-37022 | 1 Fujielectric | 1 Tellus Lite V-simulator | 2024-10-03 | 7.8 High |
| Fuji Electric Tellus Lite V-Simulator is vulnerable to an out-of-bounds write, which could allow an attacker to manipulate memory, resulting in execution of arbitrary code. | ||||
| CVE-2022-28072 | 1 Radare | 1 Radare2 | 2024-10-03 | 7.5 High |
| A heap buffer overflow in r_read_le32 function in radare25.4.2 and 5.4.0. | ||||
| CVE-2022-43357 | 1 Sass-lang | 2 Libsass, Sassc | 2024-10-03 | 7.5 High |
| Stack overflow vulnerability in ast_selectors.cpp in function Sass::CompoundSelector::has_real_parent_ref in libsass:3.6.5-8-g210218, which can be exploited by attackers to causea denial of service (DoS). Also affects the command line driver for libsass, sassc 3.6.2. | ||||
| CVE-2022-43358 | 1 Sass-lang | 1 Libsass | 2024-10-03 | 7.5 High |
| Stack overflow vulnerability in ast_selectors.cpp: in function Sass::ComplexSelector::has_placeholder in libsass:3.6.5-8-g210218, which can be exploited by attackers to cause a denial of service (DoS). | ||||
| CVE-2022-48174 | 2 Busybox, Redhat | 2 Busybox, Rhel Els | 2024-10-03 | 9.8 Critical |
| There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution. | ||||
| CVE-2022-48522 | 1 Perl | 1 Perl | 2024-10-03 | 9.8 Critical |
| In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation. | ||||
| CVE-2022-44840 | 1 Gnu | 1 Binutils | 2024-10-03 | 7.8 High |
| Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c. | ||||
| CVE-2022-45703 | 1 Gnu | 1 Binutils | 2024-10-03 | 7.8 High |
| Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c. | ||||
| CVE-2022-47069 | 1 7-zip | 1 P7zip | 2024-10-03 | 7.8 High |
| p7zip 16.02 was discovered to contain a heap-buffer-overflow vulnerability via the function NArchive::NZip::CInArchive::FindCd(bool) at CPP/7zip/Archive/Zip/ZipIn.cpp. | ||||
| CVE-2023-4041 | 1 Silabs | 1 Gecko Bootloader | 2024-10-03 | 9.8 Critical |
| Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM (Firmware Update File Parser modules) allows Code Injection, Authentication Bypass.This issue affects "Standalone" and "Application" versions of Gecko Bootloader. | ||||
| CVE-2022-48570 | 1 Cryptopp | 1 Crypto\+\+ | 2024-10-03 | 7.5 High |
| Crypto++ through 8.4 contains a timing side channel in ECDSA signature generation. Function FixedSizeAllocatorWithCleanup could write to memory outside of the allocation if the allocated memory was not 16-byte aligned. NOTE: this issue exists because the CVE-2019-14318 fix was intentionally removed for functionality reasons. | ||||
| CVE-2023-28391 | 2 Silabs, Weston-embedded | 4 Gecko Platform, Gecko Software Development Kit, Cesium Net and 1 more | 2024-10-03 | 9 Critical |
| A memory corruption vulnerability exists in the HTTP Server header parsing functionality of Weston Embedded uC-HTTP v3.01.01. Specially crafted network packets can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability. | ||||
| CVE-2023-34853 | 1 Supermicro | 542 H11dsi, H11dsi-nt, H11dsi-nt Firmware and 539 more | 2024-10-03 | 7.8 High |
| Buffer Overflow vulnerability in Supermicro motherboard X12DPG-QR 1.4b allows local attackers to hijack control flow via manipulation of SmcSecurityEraseSetupVar variable. | ||||
| CVE-2023-40891 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2024-10-03 | 9.8 Critical |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter firewallEn at /goform/SetFirewallCfg. | ||||
| CVE-2023-40892 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2024-10-03 | 9.8 Critical |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter schedStartTime and schedEndTime at /goform/openSchedWifi. | ||||
| CVE-2023-41028 | 1 Juplink | 2 Rx4-1500, Rx4-1500 Firmware | 2024-10-03 | 9 Critical |
| A stack-based buffer overflow exists in Juplink RX4-1500, a WiFi router, in versions 1.0.2 through 1.0.5. An authenticated attacker can exploit this vulnerability to achieve code execution as root. | ||||
| CVE-2024-20433 | 1 Cisco | 2 Ios, Ios Xe | 2024-10-03 | 8.6 High |
| A vulnerability in the Resource Reservation Protocol (RSVP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a buffer overflow when processing crafted RSVP packets. An attacker could exploit this vulnerability by sending RSVP traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. | ||||
| CVE-2023-40893 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2024-10-03 | 9.8 Critical |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter time at /goform/PowerSaveSet. | ||||
| CVE-2023-40894 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2024-10-03 | 9.8 Critical |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list at /goform/SetStaticRouteCfg. | ||||
| CVE-2023-40895 | 1 Tenda | 2 Ac8v4, Ac8v4 Firmware | 2024-10-03 | 9.8 Critical |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list at /goform/SetVirtualServerCfg. | ||||