Total
2137 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-22741 | 1 Signalwire | 1 Sofia-sip | 2023-12-10 | N/A | 9.8 CRITICAL |
| Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. In affected versions Sofia-SIP **lacks both message length and attributes length checks** when it handles STUN packets, leading to controllable heap-over-flow. For example, in stun_parse_attribute(), after we get the attribute's type and length value, the length will be used directly to copy from the heap, regardless of the message's left size. Since network users control the overflowed length, and the data is written to heap chunks later, attackers may achieve remote code execution by heap grooming or other exploitation methods. The bug was introduced 16 years ago in sofia-sip 1.12.4 (plus some patches through 12/21/2006) to in tree libs with git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@3774 d0543943-73ff-0310-b7d9-9358b9ac24b2. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2022-41018 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no vpn basic protocol (l2tp|pptp) name WORD server WORD username WORD passsword WORD firmwall (on|off) defroute (on|off) localip A.B.C.D' command template. | |||||
| CVE-2022-44176 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function fromSetRouteStatic. | |||||
| CVE-2023-22399 | 1 Juniper | 1 Junos | 2023-12-10 | N/A | 7.5 HIGH |
| When sFlow is enabled and it monitors a packet forwarded via ECMP, a buffer management vulnerability in the dcpfe process of Juniper Networks Junos OS on QFX10K Series systems allows an attacker to cause the Packet Forwarding Engine (PFE) to crash and restart by sending specific genuine packets to the device, resulting in a Denial of Service (DoS) condition. The dcpfe process tries to copy more data into a smaller buffer, which overflows and corrupts the buffer, causing a crash of the dcpfe process. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on QFX10K Series: All versions prior to 19.4R3-S9; 20.2 versions prior to 20.2R3-S6; 20.3 versions prior to 20.3R3-S6; 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S3; 21.3 versions prior to 21.3R3-S2; 21.4 versions prior to 21.4R2-S2, 21.4R3; 22.1 versions prior to 22.1R2; 22.2 versions prior to 22.2R1-S2, 22.2R2. | |||||
| CVE-2022-32525 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2023-12-10 | N/A | 9.8 CRITICAL |
| A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted alarm data messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170) | |||||
| CVE-2022-45644 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2023-12-10 | N/A | 7.5 HIGH |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceId parameter in the formSetClientState function. | |||||
| CVE-2022-44180 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function addWifiMacFilter. | |||||
| CVE-2022-40992 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no firmwall domain WORD description (WORD|null)' command template. | |||||
| CVE-2022-41001 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'icmp check link WORD destination WORD interval <1-255> retries <1-255> description (WORD|null)' command template. | |||||
| CVE-2023-26110 | 1 Node-bluetooth Project | 1 Node-bluetooth | 2023-12-10 | N/A | 9.8 CRITICAL |
| All versions of the package node-bluetooth are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation. | |||||
| CVE-2023-27065 | 1 Tenda | 2 W15e, W15e Firmware | 2023-12-10 | N/A | 7.5 HIGH |
| Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the picName parameter in the formDelWewifiPi function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2022-45654 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2023-12-10 | N/A | 7.5 HIGH |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the ssid parameter in the form_fast_setting_wifi_set function. | |||||
| CVE-2022-40995 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'firmwall srcmac (WORD|null) srcip (A.B.C.D|null) dstip (A.B.C.D|null) protocol (none|tcp|udp|icmp) srcport (<1-65535>|null) dstport (<1-65535>|null) policy (drop|accept) description (WORD|null)' command template. | |||||
| CVE-2022-42261 | 5 Citrix, Linux, Nvidia and 2 more | 12 Hypervisor, Linux Kernel, Cloud Gaming and 9 more | 2023-12-10 | N/A | 7.8 HIGH |
| NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of service. | |||||
| CVE-2023-22756 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2023-12-10 | N/A | 9.8 CRITICAL |
| There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2022-47653 | 1 Gpac | 1 Gpac | 2023-12-10 | N/A | 7.8 HIGH |
| GPAC MP4box 2.1-DEV-rev593-g007bf61a0 is vulnerable to Buffer Overflow in eac3_update_channels function of media_tools/av_parsers.c:9113 | |||||
| CVE-2022-40986 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the '(ddns1|ddns2) mx WORD' command template. | |||||
| CVE-2022-45716 | 1 Ip-com | 2 M50, M50 Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
| IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the indexSet parameter in the formIPMacBindDel function. | |||||
| CVE-2022-47089 | 1 Gpac | 1 Gpac | 2023-12-10 | N/A | 7.8 HIGH |
| GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow via gf_vvc_read_sps_bs_internal function of media_tools/av_parsers.c | |||||
| CVE-2022-47095 | 1 Gpac | 1 Gpac | 2023-12-10 | N/A | 7.8 HIGH |
| GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer overflow in hevc_parse_vps_extension function of media_tools/av_parsers.c | |||||