Total
11294 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-20819 | 1 Mediatek | 94 Lr11, Lr12a, Lr13 and 91 more | 2024-09-21 | 6.7 Medium |
In CDMA PPP protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: MOLY01068234; Issue ID: ALPS08010003. | ||||
CVE-2023-32154 | 1 Mikrotik | 1 Routeros | 2024-09-20 | N/A |
Mikrotik RouterOS RADVD Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Mikrotik RouterOS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Router Advertisement Daemon. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19797. | ||||
CVE-2023-51597 | 1 Kofax | 1 Power Pdf | 2024-09-20 | N/A |
Kofax Power PDF U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21755. | ||||
CVE-2023-42115 | 1 Exim | 1 Exim | 2024-09-20 | 9.8 Critical |
Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the smtp service, which listens on TCP port 25 by default. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of a buffer. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-17434. | ||||
CVE-2024-45288 | 1 Freebsd | 1 Freebsd | 2024-09-20 | 8.4 High |
A missing null-termination character in the last element of an nvlist array string can lead to writing outside the allocated buffer. | ||||
CVE-2024-41928 | 1 Freebsd | 1 Freebsd | 2024-09-20 | 8.4 High |
Malicious software running in a guest VM can exploit the buffer overflow to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. | ||||
CVE-2024-32668 | 1 Freebsd | 1 Freebsd | 2024-09-20 | 8.2 High |
Insufficient boundary validation in the USB code could lead to an out-of-bounds write on the heap, with data controlled by the caller. Malicious, privileged software running in a guest VM can exploit the vulnerability to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. | ||||
CVE-2024-21145 | 3 Netapp, Oracle, Redhat | 15 Bluexp, Cloud Insights Storage Workload Security Agent, Oncommand Insight and 12 more | 2024-09-20 | 4.8 Medium |
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). | ||||
CVE-2024-27365 | 1 Samsung | 18 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 15 more | 2024-09-20 | 4.4 Medium |
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsi_rx_blockack_ind(), there is no input validation check on a length coming from userspace, which can lead to a potential heap over-read. | ||||
CVE-2024-46047 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2024-09-20 | 6.5 Medium |
Tenda FH451 v1.0.0.9 has a stack overflow vulnerability in the fromDhcpListClient function. | ||||
CVE-2024-46046 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2024-09-20 | 6.5 Medium |
Tenda FH451 v1.0.0.9 has a stack overflow vulnerability located in the RouteStatic function. | ||||
CVE-2023-4585 | 2 Mozilla, Redhat | 8 Firefox, Firefox Esr, Thunderbird and 5 more | 2024-09-19 | 8.8 High |
Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. | ||||
CVE-2023-40651 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-09-19 | 4.4 Medium |
In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | ||||
CVE-2023-40652 | 2 Google, Unisoc | 4 Android, T606, T612 and 1 more | 2024-09-19 | 4.4 Medium |
In jpg driver, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with System execution privileges needed. | ||||
CVE-2024-6146 | 1 Actiontec | 2 Wcb6200q, Wcb6200q Firmware | 2024-09-19 | 8.8 High |
Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the HTTP server. Was ZDI-CAN-21418. | ||||
CVE-2024-6144 | 1 Actiontec | 2 Wcb6200q, Wcb6200q Firmware | 2024-09-19 | 8.8 High |
Actiontec WCB6200Q Multipart Boundary Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the HTTP server. Was ZDI-CAN-21416. | ||||
CVE-2023-44807 | 2 D-link, Dlink | 3 Dir-820l, Dir-820l, Dir-820l Firmware | 2024-09-19 | 9.8 Critical |
D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the cancelPing function. | ||||
CVE-2024-32056 | 1 Siemens | 1 Simcenter Femap | 2024-09-19 | 7.8 High |
A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted IGS part file. This could allow an attacker to execute code in the context of the current process. | ||||
CVE-2023-4754 | 1 Gpac | 1 Gpac | 2024-09-19 | 5.5 Medium |
Out-of-bounds Write in GitHub repository gpac/gpac prior to 2.3-DEV. | ||||
CVE-2023-4756 | 1 Gpac | 1 Gpac | 2024-09-19 | 5.5 Medium |
Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV. |