Total
2024 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-23902 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2024-08-02 | 9.8 Critical |
| A buffer overflow vulnerability exists in the uhttpd login functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to remote code execution. An attacker can send a network request to trigger this vulnerability. | ||||
| CVE-2023-23781 | 1 Fortinet | 1 Fortiweb | 2024-08-02 | 6.1 Medium |
| A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below SAML server configuration may allow an authenticated attacker to achieve arbitrary code execution via specifically crafted XML files. | ||||
| CVE-2023-23780 | 1 Fortinet | 1 Fortiweb | 2024-08-02 | 7.6 High |
| A stack-based buffer overflow in Fortinet FortiWeb version 7.0.0 through 7.0.1, Fortinet FortiWeb version 6.3.6 through 6.3.19, Fortinet FortiWeb 6.4 all versions allows attacker to escalation of privilege via specifically crafted HTTP requests. | ||||
| CVE-2023-23569 | 1 Intel | 2 Oneapi Hpc Toolkit, Trace Analyzer And Collector | 2024-08-02 | 7.8 High |
| Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-23580 | 1 Intel | 2 Oneapi Hpc Toolkit, Trace Analyzer And Collector | 2024-08-02 | 4.8 Medium |
| Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially escalation of privilege via local access. | ||||
| CVE-2023-22842 | 1 F5 | 12 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 9 more | 2024-08-02 | 7.5 High |
| On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a SIP profile is configured on a Message Routing type virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2023-22363 | 1 Gallagher | 1 Command Centre | 2024-08-02 | 6.5 Medium |
| A stack-based buffer overflow in the Command Centre Server allows an attacker to cause a denial of service attack via assigning cardholders to an Access Group. This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 (MR2) | ||||
| CVE-2023-22234 | 2 Adobe, Microsoft | 2 Premiere Rush, Windows | 2024-08-02 | 7.8 High |
| Adobe Premiere Rush version 2.6 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-22243 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2024-08-02 | 7.8 High |
| Adobe Animate versions 22.0.8 (and earlier) and 23.0.0 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-22226 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2024-08-02 | 7.8 High |
| Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-21732 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2024-08-02 | 8.8 High |
| Microsoft ODBC Driver Remote Code Execution Vulnerability | ||||
| CVE-2023-21632 | 1 Qualcomm | 50 Apq8064au, Apq8064au Firmware, Msm8996au and 47 more | 2024-08-02 | 8.4 High |
| Memory corruption in Automotive GPU while querying a gsl memory node. | ||||
| CVE-2023-21604 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-08-02 | 7.8 High |
| Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-21610 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-08-02 | 7.8 High |
| Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-21538 | 3 Fedoraproject, Microsoft, Redhat | 5 Fedora, .net, Powershell and 2 more | 2024-08-02 | 7.5 High |
| .NET Denial of Service Vulnerability | ||||
| CVE-2023-5944 | 1 Deltaww | 1 Dopsoft | 2024-08-02 | 7.8 High |
| Delta Electronics DOPSoft is vulnerable to a stack-based buffer overflow, which may allow for arbitrary code execution if an attacker can lead a legitimate user to execute a specially crafted file. | ||||
| CVE-2023-20250 | 1 Cisco | 8 Rv110w, Rv110w Firmware, Rv130 and 5 more | 2024-08-02 | 6.5 Medium |
| A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to improper validation of requests that are sent to the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary code with root privileges on an affected device. To exploit this vulnerability, the attacker must have valid Administrator credentials on the affected device. | ||||
| CVE-2023-20079 | 1 Cisco | 42 Ip Phone 6825, Ip Phone 6825 Firmware, Ip Phone 6841 and 39 more | 2024-08-02 | 9.8 Critical |
| Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory. | ||||
| CVE-2023-7220 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2024-08-02 | 9.8 Critical |
| A vulnerability was found in Totolink NR1800X 9.1.0u.6279_B20210910 and classified as critical. Affected by this issue is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-249854 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-20078 | 1 Cisco | 34 Ip Phone 6825, Ip Phone 6825 Firmware, Ip Phone 6841 and 31 more | 2024-08-02 | 9.8 Critical |
| Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory. | ||||