Total
11285 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-25880 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2024-08-02 | 7.8 High |
| Adobe Dimension versions 3.4.7 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-25745 | 1 Mozilla | 1 Firefox | 2024-08-02 | 8.8 High |
| Memory safety bugs present in Firefox 109. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 110. | ||||
| CVE-2023-25744 | 2 Mozilla, Redhat | 7 Firefox, Firefox Esr, Enterprise Linux and 4 more | 2024-08-02 | 8.8 High |
| Mmemory safety bugs present in Firefox 109 and Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 110 and Firefox ESR < 102.8. | ||||
| CVE-2023-25732 | 2 Mozilla, Redhat | 8 Firefox, Firefox Esr, Thunderbird and 5 more | 2024-08-02 | 8.8 High |
| When encoding data from an <code>inputStream</code> in <code>xpcom</code> the size of the input being encoded was not correctly calculated potentially leading to an out of bounds memory write. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. | ||||
| CVE-2023-25671 | 1 Google | 1 Tensorflow | 2024-08-02 | 7.5 High |
| TensorFlow is an open source platform for machine learning. There is out-of-bounds access due to mismatched integer type sizes. A fix is included in TensorFlow version 2.12.0 and version 2.11.1. | ||||
| CVE-2023-25564 | 2 Gss-ntlmssp Project, Redhat | 2 Gss-ntlmssp, Enterprise Linux | 2024-08-02 | 6.5 Medium |
| GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, memory corruption can be triggered when decoding UTF16 strings. The variable `outlen` was not initialized and could cause writing a zero to an arbitrary place in memory if `ntlm_str_convert()` were to fail, which would leave `outlen` uninitialized. This can lead to a denial of service if the write hits unmapped memory or randomly corrupts a byte in the application memory space. This vulnerability can trigger an out-of-bounds write, leading to memory corruption. This vulnerability can be triggered via the main `gss_accept_sec_context` entry point. This issue is fixed in version 1.2.0. | ||||
| CVE-2023-25537 | 1 Dell | 60 Dss 8440, Dss 8440 Firmware, Emc Storage Nx3240 and 57 more | 2024-08-02 | 6.1 Medium |
| Dell PowerEdge 14G server BIOS versions prior to 2.18.1 and Dell Precision BIOS versions prior to 2.18.2, contain an Out of Bounds write vulnerability. A local attacker with low privileges could potentially exploit this vulnerability leading to exposure of some SMRAM stack/data/code in System Management Mode, leading to arbitrary code execution or escalation of privilege. | ||||
| CVE-2023-25506 | 1 Nvidia | 2 Dgx-1, Sbios | 2024-08-02 | 7.5 High |
| NVIDIA DGX-1 contains a vulnerability in Ofbd in AMI SBIOS, where a preconditioned heap can allow a user with elevated privileges to cause an access beyond the end of a buffer, which may lead to code execution, escalation of privileges, denial of service and information disclosure. The scope of the impact of this vulnerability can extend to other components. | ||||
| CVE-2023-25215 | 1 Tenda | 2 Ac5, Ac5 Firmware | 2024-08-02 | 9.8 Critical |
| Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the saveParentControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | ||||
| CVE-2023-25283 | 1 Dlink | 2 Dir-820l, Dir-820l Firmware | 2024-08-02 | 7.5 High |
| A stack overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the reserveDHCP_HostName_1.1.1.0 parameter to lan.asp. | ||||
| CVE-2023-25281 | 1 Dlink | 2 Dir820la1, Dir820la1 Firmware | 2024-08-02 | 7.5 High |
| A stack overflow vulnerability exists in pingV4Msg component in D-Link DIR820LA1_FW105B03, allows attackers to cause a denial of service via the nextPage parameter to ping.ccp. | ||||
| CVE-2023-25235 | 1 Tenda | 2 Ac500, Ac500 Firmware | 2024-08-02 | 7.5 High |
| Tenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function formOneSsidCfgSet via parameter ssid. | ||||
| CVE-2023-25282 | 1 Dlink | 2 Dir-820l, Dir-820l Firmware | 2024-08-02 | 6.5 Medium |
| A heap overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the config.log_to_syslog and log_opt_dropPackets parameters to mydlink_api.ccp. | ||||
| CVE-2023-25216 | 1 Tenda | 2 Ac5, Ac5 Firmware | 2024-08-02 | 9.8 Critical |
| Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the formSetFirewallCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | ||||
| CVE-2023-25234 | 1 Tenda | 2 Ac500, Ac500 Firmware | 2024-08-02 | 9.8 Critical |
| Tenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function fromAddressNat via parameters entrys and mitInterface. | ||||
| CVE-2023-25219 | 1 Tenda | 2 Ac5, Ac5 Firmware | 2024-08-02 | 9.8 Critical |
| Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromDhcpListClient function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | ||||
| CVE-2023-25218 | 1 Tenda | 2 Ac5, Ac5 Firmware | 2024-08-02 | 9.8 Critical |
| Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the form_fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | ||||
| CVE-2023-25233 | 1 Tenda | 2 Ac500, Ac500 Firmware | 2024-08-02 | 9.8 Critical |
| Tenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function fromRouteStatic via parameters entrys and mitInterface. | ||||
| CVE-2023-25213 | 1 Tenda | 2 Ac5, Ac5 Firmware | 2024-08-02 | 9.8 Critical |
| Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the check_param_changed function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | ||||
| CVE-2023-25222 | 1 Gnu | 1 Libredwg | 2024-08-02 | 8.8 High |
| A heap-based buffer overflow vulnerability exits in GNU LibreDWG v0.12.5 via the bit_read_RC function at bits.c. | ||||