Total
2073 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-0841 | 1 Gpac | 1 Gpac | 2024-08-02 | 6.3 Medium |
| A vulnerability, which was classified as critical, has been found in GPAC 2.3-DEV-rev40-g3602a5ded. This issue affects the function mp3_dmx_process of the file filters/reframe_mp3.c. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221087. | ||||
| CVE-2023-0851 | 1 Canon | 90 I-sensys Lbp621cw, I-sensys Lbp621cw Firmware, I-sensys Lbp623cdw and 87 more | 2024-08-02 | 9.8 Critical |
| Buffer overflow in CPCA Resource Download process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe. | ||||
| CVE-2023-0819 | 1 Gpac | 1 Gpac | 2024-08-02 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to v2.3.0-DEV. | ||||
| CVE-2023-0760 | 1 Gpac | 1 Gpac | 2024-08-02 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to V2.1.0-DEV. | ||||
| CVE-2023-0666 | 3 Debian, Redhat, Wireshark | 3 Debian Linux, Enterprise Linux, Wireshark | 2024-08-02 | 6.5 Medium |
| Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark. | ||||
| CVE-2023-0667 | 1 Wireshark | 1 Wireshark | 2024-08-02 | 6.5 Medium |
| Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark | ||||
| CVE-2023-0433 | 1 Vim | 1 Vim | 2024-08-02 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225. | ||||
| CVE-2023-0288 | 1 Vim | 1 Vim | 2024-08-02 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189. | ||||
| CVE-2023-0208 | 2 Linux, Nvidia | 2 Linux Kernel, Data Center Gpu Manager | 2024-08-02 | 8.4 High |
| NVIDIA DCGM for Linux contains a vulnerability in HostEngine (server component) where a user may cause a heap-based buffer overflow through the bound socket. A successful exploit of this vulnerability may lead to denial of service and data tampering. | ||||
| CVE-2023-0210 | 1 Linux | 1 Linux Kernel | 2024-08-02 | 7.5 High |
| A bug affects the Linux kernel’s ksmbd NTLMv2 authentication and is known to crash the OS immediately in Linux-based systems. | ||||
| CVE-2023-0051 | 1 Vim | 1 Vim | 2024-08-02 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1144. | ||||
| CVE-2023-0049 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-08-02 | 7.8 High |
| Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143. | ||||
| CVE-2024-41440 | 1 Dbohdan | 1 Hicolor | 2024-08-02 | 6.2 Medium |
| A heap buffer overflow in the function png_quantize() of hicolor v0.5.0 allows attackers to cause a Denial of Service (DoS) via a crafted PNG file. | ||||
| CVE-2024-41438 | 1 Dbohdan | 1 Hicolor | 2024-08-02 | 6.2 Medium |
| A heap buffer overflow in the function cp_stored() (/vendor/cute_png.h) of hicolor v0.5.0 allows attackers to cause a Denial of Service (DoS) via a crafted PNG file. | ||||
| CVE-2024-39518 | 1 Juniper | 1 Junos Os | 2024-08-02 | 7.5 High |
| A Heap-based Buffer Overflow vulnerability in the telemetry sensor process (sensord) of Juniper Networks Junos OS on MX240, MX480, MX960 platforms using MPC10E causes a steady increase in memory utilization, ultimately leading to a Denial of Service (DoS). When the device is subscribed to a specific subscription on Junos Telemetry Interface, a slow memory leak occurs and eventually all resources are consumed and the device becomes unresponsive. A manual reboot of the Line Card will be required to restore the device to its normal functioning. This issue is only seen when telemetry subscription is active. The Heap memory utilization can be monitored using the following command: > show system processes extensive The following command can be used to monitor the memory utilization of the specific sensor > show system info | match sensord PID NAME MEMORY PEAK MEMORY %CPU THREAD-COUNT CORE-AFFINITY UPTIME 1986 sensord 877.57MB 877.57MB 2 4 0,2-15 7-21:41:32 This issue affects Junos OS: * from 21.2R3-S5 before 21.2R3-S7, * from 21.4R3-S4 before 21.4R3-S6, * from 22.2R3 before 22.2R3-S4, * from 22.3R2 before 22.3R3-S2, * from 22.4R1 before 22.4R3, * from 23.2R1 before 23.2R2. | ||||
| CVE-2024-39133 | 1 Zziplib Project | 1 Zziplib | 2024-08-02 | 4.3 Medium |
| Heap Buffer Overflow vulnerability in zziplib v0.13.77 allows attackers to cause a denial of service via the __zzip_parse_root_directory() function at /zzip/zip.c. | ||||
| CVE-2024-38949 | 2024-08-02 | 6.5 Medium | ||
| Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to display444as420 function at sdl.cc | ||||
| CVE-2024-37310 | 1 Everest | 1 Everest-core | 2024-08-02 | 9.1 Critical |
| EVerest is an EV charging software stack. An integer overflow in the "v2g_incoming_v2gtp" function in the v2g_server.cpp implementation can allow a remote attacker to overflow the process' heap. This vulnerability is fixed in 2024.3.1 and 2024.6.0. | ||||
| CVE-2024-37001 | 2024-08-02 | 8.8 High | ||
| [A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-36702 | 2024-08-02 | 7.4 High | ||
| libiec61850 v1.5 was discovered to contain a heap overflow via the BerEncoder_encodeLength function at /asn1/ber_encoder.c. | ||||