Total
2073 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-4751 | 2 Apple, Vim | 2 Macos, Vim | 2024-08-02 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331. | ||||
| CVE-2023-4738 | 2 Apple, Vim | 2 Macos, Vim | 2024-08-02 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848. | ||||
| CVE-2023-4504 | 3 Debian, Fedoraproject, Openprinting | 4 Debian Linux, Fedora, Cups and 1 more | 2024-08-02 | 7.0 High |
| Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023. | ||||
| CVE-2023-4322 | 2 Fedoraproject, Radare | 2 Fedora, Radare2 | 2024-08-02 | 9.8 Critical |
| Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0. | ||||
| CVE-2023-4264 | 1 Zephyrproject | 1 Zephyr | 2024-08-02 | 7.1 High |
| Potential buffer overflow vulnerabilities n the Zephyr Bluetooth subsystem. | ||||
| CVE-2023-4016 | 3 Fedoraproject, Procps Project, Redhat | 3 Fedora, Procps, Enterprise Linux | 2024-08-02 | 2.5 Low |
| Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap. | ||||
| CVE-2023-3430 | 2 Openimageio, Redhat | 2 Openimageio, Linux | 2024-08-02 | 7.5 High |
| A vulnerability was found in OpenImageIO, where a heap buffer overflow exists in the src/gif.imageio/gifinput.cpp file. This flaw allows a remote attacker to pass a specially crafted file to the application, which triggers a heap-based buffer overflow and could cause a crash, leading to a denial of service. | ||||
| CVE-2023-3291 | 1 Gpac | 1 Gpac | 2024-08-02 | 3.3 Low |
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2. | ||||
| CVE-2023-2858 | 3 Debian, Redhat, Wireshark | 3 Debian Linux, Enterprise Linux, Wireshark | 2024-08-02 | 5.3 Medium |
| NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file | ||||
| CVE-2023-2804 | 1 Libjpeg-turbo | 1 Libjpeg-turbo | 2024-08-02 | 6.5 Medium |
| A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence, an attacker could craft a 12-bit lossless JPEG image that contains out-of-range 12-bit samples. An application attempting to decompress such image using merged upsampling would lead to segmentation fault or buffer overflows, causing an application to crash. | ||||
| CVE-2023-2241 | 1 Podofo Project | 1 Podofo | 2024-08-02 | 5.3 Medium |
| A vulnerability, which was classified as critical, was found in PoDoFo 0.10.0. Affected is the function readXRefStreamEntry of the file PdfXRefStreamParserObject.cpp. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as 535a786f124b739e3c857529cecc29e4eeb79778. It is recommended to apply a patch to fix this issue. VDB-227226 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-2157 | 1 Imagemagick | 1 Imagemagick | 2024-08-02 | 5.5 Medium |
| A heap-based buffer overflow vulnerability was found in the ImageMagick package that can lead to the application crashing. | ||||
| CVE-2023-1906 | 2 Fedoraproject, Imagemagick | 3 Extra Packages For Enterprise Linux, Fedora, Imagemagick | 2024-08-02 | 5.5 Medium |
| A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service. | ||||
| CVE-2023-1655 | 1 Gpac | 1 Gpac | 2024-08-02 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.4.0. | ||||
| CVE-2023-1570 | 1 Tinydng Project | 1 Tinydng | 2024-08-02 | 3.3 Low |
| A vulnerability, which was classified as problematic, has been found in syoyo tinydng. Affected by this issue is the function __interceptor_memcpy of the file tiny_dng_loader.h. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. It is recommended to apply a patch to fix this issue. VDB-223562 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-1448 | 1 Gpac | 1 Gpac | 2024-08-02 | 5.3 Medium |
| A vulnerability, which was classified as problematic, was found in GPAC 2.3-DEV-rev35-gbbca86917-master. This affects the function gf_m2ts_process_sdt of the file media_tools/mpegts.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The identifier VDB-223293 was assigned to this vulnerability. | ||||
| CVE-2023-1170 | 1 Vim | 1 Vim | 2024-08-02 | 6.6 Medium |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376. | ||||
| CVE-2023-1010 | 1 Vox2png Project | 1 Vox2png | 2024-08-02 | 5.3 Medium |
| A vulnerability classified as critical was found in vox2png 1.0. Affected by this vulnerability is an unknown functionality of the file vox2png.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221743. | ||||
| CVE-2023-0866 | 1 Gpac | 1 Gpac | 2024-08-02 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3.0-DEV. | ||||
| CVE-2023-0854 | 1 Canon | 90 I-sensys Lbp621cw, I-sensys Lbp621cw Firmware, I-sensys Lbp623cdw and 87 more | 2024-08-02 | 9.8 Critical |
| Buffer overflow in NetBIOS QNAME registering and communication process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. | ||||