Total
11294 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-31976 | 1 Libming | 1 Libming | 2024-08-02 | 8.8 High |
| libming v0.4.8 was discovered to contain a stack buffer overflow via the function makeswf_preprocess at /util/makeswf_utils.c. | ||||
| CVE-2023-31982 | 1 Irontec | 1 Sngrep | 2024-08-02 | 7.8 High |
| Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the function capture_packet_reasm_ip at /src/capture.c. | ||||
| CVE-2023-31981 | 1 Irontec | 1 Sngrep | 2024-08-02 | 7.8 High |
| Sngrep v1.6.0 was discovered to contain a stack buffer overflow via the function packet_set_payload at /src/packet.c. | ||||
| CVE-2023-31922 | 1 Quickjs Project | 1 Quickjs | 2024-08-02 | 7.5 High |
| QuickJS commit 2788d71 was discovered to contain a stack-overflow via the component js_proxy_isArray at quickjs.c. | ||||
| CVE-2023-31906 | 1 Jerryscript | 1 Jerryscript | 2024-08-02 | 7.8 High |
| Jerryscript 3.0.0(commit 1a2c047) was discovered to contain a heap-buffer-overflow via the component lexer_compare_identifier_to_chars at /jerry-core/parser/js/js-lexer.c. | ||||
| CVE-2023-31908 | 1 Jerryscript | 1 Jerryscript | 2024-08-02 | 7.8 High |
| Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow via the component ecma_builtin_typedarray_prototype_sort. | ||||
| CVE-2023-31907 | 1 Jerryscript | 1 Jerryscript | 2024-08-02 | 7.8 High |
| Jerryscript 3.0.0 was discovered to contain a heap-buffer-overflow via the component scanner_literal_is_created at /jerry-core/parser/js/js-scanner-util.c. | ||||
| CVE-2023-31722 | 1 Nasm | 1 Netwide Assembler | 2024-08-02 | 7.8 High |
| There exists a heap buffer overflow in nasm 2.16.02rc1 (GitHub commit: b952891). | ||||
| CVE-2023-31419 | 1 Elastic | 1 Elasticsearch | 2024-08-02 | 6.5 Medium |
| A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service. | ||||
| CVE-2023-31556 | 1 Podofo Project | 1 Podofo | 2024-08-02 | 6.5 Medium |
| podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfDictionary::findKeyParent. | ||||
| CVE-2023-31568 | 1 Podofo Project | 1 Podofo | 2024-08-02 | 8.8 High |
| Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptRC4::PdfEncryptRC4. | ||||
| CVE-2023-31567 | 1 Podofo Project | 1 Podofo | 2024-08-02 | 8.8 High |
| Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptAESV3::PdfEncryptAESV3. | ||||
| CVE-2023-31284 | 1 Illumos | 1 Illumos-gate | 2024-08-02 | 7.8 High |
| illumos illumos-gate before 676abcb has a stack buffer overflow in /dev/net, leading to privilege escalation via a stat on a long file name in /dev/net. | ||||
| CVE-2023-31130 | 4 C-ares Project, Debian, Fedoraproject and 1 more | 6 C-ares, Debian Linux, Fedora and 3 more | 2024-08-02 | 4.1 Medium |
| c-ares is an asynchronous resolver library. ares_inet_net_pton() is vulnerable to a buffer underflow for certain ipv6 addresses, in particular "0::00:00:00/2" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to configure such an address via ares_set_sortlist(). However, users may externally use ares_inet_net_pton() for other purposes and thus be vulnerable to more severe issues. This issue has been fixed in 1.19.1. | ||||
| CVE-2023-31146 | 1 Vyperlang | 1 Vyper | 2024-08-02 | 7.5 High |
| Vyper is a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, during codegen, the length word of a dynarray is written before the data, which can result in out-of-bounds array access in the case where the dynarray is on both the lhs and rhs of an assignment. The issue can cause data corruption across call frames. The expected behavior is to revert due to out-of-bounds array access. Version 0.3.8 contains a patch for this issue. | ||||
| CVE-2023-31031 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2024-08-02 | 4.2 Medium |
| NVIDIA DGX A100 SBIOS contains a vulnerability where a user may cause a heap-based buffer overflow by local access. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and data tampering. | ||||
| CVE-2023-31024 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2024-08-02 | 9 Critical |
| NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause stack memory corruption by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering. | ||||
| CVE-2023-31030 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2024-08-02 | 9.3 Critical |
| NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering. | ||||
| CVE-2023-30986 | 1 Siemens | 1 Solid Edge Se2023 | 2024-08-02 | 7.8 High |
| A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 3), Solid Edge SE2023 (All versions < V223.0 Update 2). Affected applications contain a memory corruption vulnerability while parsing specially crafted STP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19561) | ||||
| CVE-2023-30770 | 1 Asustor | 1 Adm | 2024-08-02 | 7.1 High |
| A stack-based buffer overflow vulnerability was found in the ASUSTOR Data Master (ADM) due to the lack of data size validation. An attacker can exploit this vulnerability to execute arbitrary code. Affected ADM versions include: 4.0.6.REG2, 4.1.0 and below as well as 4.2.0.RE71 and below. | ||||