Total
11894 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-1529 | 1 Google | 1 Chrome | 2023-09-30 | N/A | 9.8 CRITICAL |
Out of bounds memory access in WebHID in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a malicious HID device. (Chromium security severity: High) | |||||
CVE-2023-1812 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-09-30 | N/A | 8.8 HIGH |
Out of bounds memory access in DOM Bindings in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) | |||||
CVE-2021-1241 | 1 Cisco | 13 Ios Xe Sd-wan, Sd-wan Firmware, Sd-wan Manager and 10 more | 2023-09-29 | 7.8 HIGH | 7.5 HIGH |
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
CVE-2021-1300 | 1 Cisco | 13 Ios Xe Sd-wan, Sd-wan Firmware, Sd-wan Manager and 10 more | 2023-09-29 | 7.5 HIGH | 9.8 CRITICAL |
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
CVE-2021-1273 | 1 Cisco | 13 Ios Xe Sd-wan, Sd-wan Firmware, Sd-wan Manager and 10 more | 2023-09-29 | 7.8 HIGH | 8.6 HIGH |
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
CVE-2023-44022 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2023-09-27 | N/A | 9.8 CRITICAL |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function. | |||||
CVE-2023-44023 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2023-09-27 | N/A | 9.8 CRITICAL |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function. | |||||
CVE-2023-44013 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2023-09-27 | N/A | 9.8 CRITICAL |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the list parameter in the fromSetIpMacBind function. | |||||
CVE-2023-44019 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2023-09-27 | N/A | 9.8 CRITICAL |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the mac parameter in the GetParentControlInfo function. | |||||
CVE-2023-44020 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2023-09-27 | N/A | 9.8 CRITICAL |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the security parameter in the formWifiBasicSet function. | |||||
CVE-2023-44016 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2023-09-27 | N/A | 9.8 CRITICAL |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function. | |||||
CVE-2023-44014 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2023-09-27 | N/A | 9.8 CRITICAL |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain multiple stack overflows in the formSetMacFilterCfg function via the macFilterType and deviceList parameters. | |||||
CVE-2023-44017 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2023-09-27 | N/A | 9.8 CRITICAL |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the timeZone parameter in the fromSetSysTime function. | |||||
CVE-2023-44015 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2023-09-27 | N/A | 9.8 CRITICAL |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the schedEndTime parameter in the setSchedWifi function. | |||||
CVE-2023-44018 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2023-09-27 | N/A | 9.8 CRITICAL |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the domain parameter in the add_white_node function. | |||||
CVE-2023-44021 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2023-09-27 | N/A | 9.8 CRITICAL |
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the formSetClientState function. | |||||
CVE-2023-35002 | 1 Accusoft | 1 Imagegear | 2023-09-26 | N/A | 9.8 CRITICAL |
A heap-based buffer overflow vulnerability exists in the pictwread functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
CVE-2013-6370 | 2 Fedoraproject, Json-c | 2 Fedora, Json-c | 2023-09-25 | 5.0 MEDIUM | N/A |
Buffer overflow in the printbuf APIs in json-c before 0.12 allows remote attackers to cause a denial of service via unspecified vectors. | |||||
CVE-2017-1000376 | 4 Debian, Libffi Project, Oracle and 1 more | 6 Debian Linux, Libffi, Peopletools and 3 more | 2023-09-22 | 6.9 MEDIUM | 7.0 HIGH |
libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears to be incorrect. libffi prior to version 3.1 on 32 bit x86 systems was vulnerable, and upstream is believed to have fixed this issue in version 3.1. | |||||
CVE-2023-25527 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2023-09-22 | N/A | 7.8 HIGH |
NVIDIA DGX H100 BMC contains a vulnerability in the host KVM daemon, where an authenticated local attacker may cause corruption of kernel memory. A successful exploit of this vulnerability may lead to arbitrary kernel code execution, denial of service, escalation of privileges, information disclosure, and data tampering. |