Total
12594 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-28585 | 1 Qualcomm | 562 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 559 more | 2024-08-02 | 8.2 High |
Memory corruption while loading an ELF segment in TEE Kernel. | ||||
CVE-2023-28550 | 1 Qualcomm | 670 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 667 more | 2024-08-02 | 7.8 High |
Memory corruption in MPP performance while accessing DSM watermark using external memory address. | ||||
CVE-2023-28549 | 1 Qualcomm | 450 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 447 more | 2024-08-02 | 7.8 High |
Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload. | ||||
CVE-2023-28581 | 1 Qualcomm | 52 Fastconnect 6800, Fastconnect 6800 Firmware, Fastconnect 6900 and 49 more | 2024-08-02 | 9.8 Critical |
Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE. | ||||
CVE-2023-28545 | 1 Qualcomm | 408 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 405 more | 2024-08-02 | 8.2 High |
Memory corruption in TZ Secure OS while loading an app ELF. | ||||
CVE-2023-28410 | 1 Intel | 1 I915 Graphics | 2024-08-02 | 8.8 High |
Improper restriction of operations within the bounds of a memory buffer in some Intel(R) i915 Graphics drivers for linux before kernel version 6.2.10 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
CVE-2023-27506 | 1 Intel | 1 Optimization For Tensorflow | 2024-08-02 | 5.5 Medium |
Improper buffer restrictions in the Intel(R) Optimization for Tensorflow software before version 2.12 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
CVE-2023-27403 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-08-02 | 7.8 High |
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains a memory corruption vulnerability while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20303, ZDI-CAN-20348) | ||||
CVE-2023-27286 | 1 Ibm | 2 Aspera Cargo, Aspera Connect | 2024-08-02 | 8.4 High |
IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248616. | ||||
CVE-2023-27284 | 1 Ibm | 2 Aspera Cargo, Aspera Connect | 2024-08-02 | 8.4 High |
IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248616. | ||||
CVE-2023-27285 | 1 Ibm | 2 Aspera Cargo, Aspera Connect | 2024-08-02 | 8.4 High |
IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 is vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248625. | ||||
CVE-2023-26974 | 1 Irfanview | 1 Irfanview | 2024-08-02 | 5.5 Medium |
Irfanview v4.62 allows a user-mode write access violation via a crafted JPEG 2000 file starting at JPEG2000+0x0000000000001bf0. | ||||
CVE-2023-26285 | 1 Ibm | 1 Mq Appliance | 2024-08-02 | 5.9 Medium |
IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow a remote attacker to cause a denial of service due to an error processing invalid data. IBM X-Force ID: 248418. | ||||
CVE-2023-25738 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Firefox Esr and 1 more | 2024-08-02 | 6.5 Medium |
Members of the <code>DEVMODEW</code> struct set by the printer device driver weren't being validated and could have resulted in invalid values which in turn would cause the browser to attempt out of bounds access to related variables.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. | ||||
CVE-2023-25755 | 1 Jtekt | 1 Screen Creator Advance 2 | 2024-08-02 | 7.8 High |
Screen Creator Advance 2 Ver.0.1.1.4 Build01A and earlier is vulnerable to improper restriction of operations within the bounds of a memory buffer (CWE-119) due to improper check of its data size when processing a project file. If a user of Screen Creator Advance 2 opens a specially crafted project file, information may be disclosed and/or arbitrary code may be executed. | ||||
CVE-2023-25545 | 1 Intel | 20 Server System D50tnp1mhcpac, Server System D50tnp1mhcpac Firmware, Server System D50tnp1mhcrac and 17 more | 2024-08-02 | 8.2 High |
Improper buffer restrictions in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access. | ||||
CVE-2023-25509 | 1 Nvidia | 2 Dgx-1, Sbios | 2024-08-02 | 6 Medium |
NVIDIA DGX-1 SBIOS contains a vulnerability in Bds, which may lead to code execution, denial of service, and escalation of privileges. | ||||
CVE-2023-25527 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2024-08-02 | 7.8 High |
NVIDIA DGX H100 BMC contains a vulnerability in the host KVM daemon, where an authenticated local attacker may cause corruption of kernel memory. A successful exploit of this vulnerability may lead to arbitrary kernel code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | ||||
CVE-2023-25434 | 1 Libtiff | 1 Libtiff | 2024-08-02 | 8.8 High |
libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215. | ||||
CVE-2023-24817 | 1 Riot-os | 1 Riot | 2024-08-02 | 7.5 High |
RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2023.04, an attacker can send a crafted frame to the device resulting in an integer underflow and out of bounds access in the packet buffer. Triggering the access at the right time will corrupt other packets or the allocator metadata. Corrupting a pointer will lead to denial of service. This issue is fixed in version 2023.04. As a workaround, disable SRH in the network stack. |