Total
11285 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-27909 | 1 Autodesk | 1 Fbx Software Development Kit | 2024-08-02 | 7.8 High |
| An Out-Of-Bounds Write Vulnerability in Autodesk® FBX® SDK version 2020 or prior may lead to code execution through maliciously crafted FBX files or information disclosure. | ||||
| CVE-2023-27810 | 1 H3c | 1 Magic R100 Firmware | 2024-08-02 | 4.9 Medium |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the ipqos_lanip_editlist interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | ||||
| CVE-2023-27807 | 1 H3c | 1 Magic R100 Firmware | 2024-08-02 | 4.9 Medium |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the Delstlist interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | ||||
| CVE-2023-27808 | 1 H3c | 1 Magic R100 Firmware | 2024-08-02 | 4.9 Medium |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the DeltriggerList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | ||||
| CVE-2023-27806 | 1 H3c | 1 Magic R100 Firmware | 2024-08-02 | 4.9 Medium |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the ipqos_lanip_dellist interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | ||||
| CVE-2023-27803 | 1 H3c | 1 Magic R100 Firmware | 2024-08-02 | 4.9 Medium |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the EdittriggerList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | ||||
| CVE-2023-27805 | 1 H3c | 1 Magic R100 Firmware | 2024-08-02 | 4.9 Medium |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the EditSTList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | ||||
| CVE-2023-27804 | 1 H3c | 1 Magic R100 Firmware | 2024-08-02 | 4.9 Medium |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the DelvsList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | ||||
| CVE-2023-27802 | 1 H3c | 1 Magic R100 Firmware | 2024-08-02 | 4.9 Medium |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the EditvsList parameter at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | ||||
| CVE-2023-27720 | 1 Dlink | 2 Dir-878, Dir-878 Firmware | 2024-08-02 | 9.8 Critical |
| D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_48d630 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | ||||
| CVE-2023-27754 | 1 Vox2mesh Project | 1 Vox2mesh | 2024-08-02 | 5.5 Medium |
| vox2mesh 1.0 has stack-overflow in main.cpp, this is stack-overflow caused by incorrect use of memcpy() funciton. The flow allows an attacker to cause a denial of service (abort) via a crafted file. | ||||
| CVE-2023-27718 | 1 Dlink | 2 Dir878, Dir878 Firmware | 2024-08-02 | 9.8 Critical |
| D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_498308 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | ||||
| CVE-2023-27801 | 1 H3c | 1 Magic R100 Firmware | 2024-08-02 | 4.9 Medium |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the DelDNSHnList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | ||||
| CVE-2023-27781 | 1 Jpegoptim Project | 1 Jpegoptim | 2024-08-02 | 7.8 High |
| jpegoptim v1.5.2 was discovered to contain a heap overflow in the optimize function at jpegoptim.c. | ||||
| CVE-2023-27719 | 1 Dlink | 2 Dir878, Dir878 Firmware | 2024-08-02 | 9.8 Critical |
| D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_478360 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | ||||
| CVE-2023-27566 | 1 Live2d | 1 Cubism Editor | 2024-08-02 | 7.8 High |
| Cubism Core in Live2D Cubism Editor 4.2.03 allows out-of-bounds write via a crafted Section Offset Table or Count Info Table in an MOC3 file. | ||||
| CVE-2023-27590 | 1 Rizin | 1 Rizin | 2024-08-02 | 7.8 High |
| Rizin is a UNIX-like reverse engineering framework and command-line toolset. In version 0.5.1 and prior, converting a GDB registers profile file into a Rizin register profile can result in a stack-based buffer overflow when the `name`, `type`, or `groups` fields have longer values than expected. Users opening untrusted GDB registers files (e.g. with the `drpg` or `arpg` commands) are affected by this flaw. Commit d6196703d89c84467b600ba2692534579dc25ed4 contains a patch for this issue. As a workaround, review the GDB register profiles before loading them with `drpg`/`arpg` commands. | ||||
| CVE-2023-27398 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-08-02 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20304) | ||||
| CVE-2023-27403 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-08-02 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains a memory corruption vulnerability while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20303, ZDI-CAN-20348) | ||||
| CVE-2023-27343 | 2024-08-02 | N/A | ||
| PDF-XChange Editor EMF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EMF files. Crafted data in a EMF can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18790. | ||||