Total
2085 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-20723 | 1 Adobe | 1 Substance 3d Painter | 2024-02-16 | N/A | 7.8 HIGH |
Substance3D - Painter versions 9.1.1 and earlier are affected by a Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2023-46847 | 2 Redhat, Squid-cache | 10 Enterprise Linux, Enterprise Linux Eus, Enterprise Linux For Arm 64 and 7 more | 2024-02-16 | N/A | 7.5 HIGH |
Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication. | |||||
CVE-2001-0191 | 2 Andynorman, Gnu | 2 Gnuserv, Xemacs | 2024-02-14 | 10.0 HIGH | N/A |
gnuserv before 3.12, as shipped with XEmacs, does not properly check the specified length of an X Windows MIT-MAGIC-COOKIE cookie, which allows remote attackers to execute arbitrary commands via a buffer overflow, or brute force authentication by using a short cookie length. | |||||
CVE-2021-46064 | 1 Irfanview | 1 Irfanview | 2024-02-14 | 6.8 MEDIUM | 7.8 HIGH |
IrfanView 4.59 is vulnerable to buffer overflow via the function at address 0x413c70 (in 32bit version of the binary). The vulnerability triggers when the user opens malicious .tiff image. | |||||
CVE-2022-30024 | 1 Tp-link | 6 Tl-wr841, Tl-wr841 Firmware, Tl-wr841n and 3 more | 2024-02-14 | N/A | 8.8 HIGH |
A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This affects TL-WR841 V12 TL-WR841N(EU)_V12_160624 and TL-WR841 V11 TL-WR841N(EU)_V11_160325 , TL-WR841N_V11_150616 and TL-WR841 V10 TL-WR841N_V10_150310 are also affected. | |||||
CVE-2021-45757 | 1 Asus | 2 Rt-ac68u, Rt-ac68u Firmware | 2024-02-14 | 7.8 HIGH | 7.5 HIGH |
ASUS AC68U <=3.0.0.4.385.20852 is affected by a buffer overflow in blocking.cgi, which may cause a denial of service (DoS). | |||||
CVE-2021-45756 | 1 Asus | 4 Rt-ac5300, Rt-ac5300 Firmware, Rt-ac68u and 1 more | 2024-02-14 | 7.5 HIGH | 9.8 CRITICAL |
Asus RT-AC68U <3.0.0.4.385.20633 and RT-AC5300 <3.0.0.4.384.82072 are affected by a buffer overflow in blocking_request.cgi. | |||||
CVE-2010-5333 | 2 Integard Home Project, Integard Pro Project | 2 Integard Home, Integard Pro | 2024-02-14 | 7.5 HIGH | 9.8 CRITICAL |
The web server in Integard Pro and Home before 2.0.0.9037 and 2.2.x before 2.2.0.9037 has a buffer overflow via a long password in an administration login POST request, leading to arbitrary code execution. An SEH-overwrite buffer overflow already existed for the vulnerable software. This CVE is to track an alternate exploitation method, utilizing an EIP-overwrite buffer overflow. | |||||
CVE-2023-46284 | 1 Siemens | 4 Opcenter Quality, Simatic Pcs Neo, Sinumerik Integrate Runmyhmi \/automotive and 1 more | 2024-02-13 | N/A | 7.5 HIGH |
A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), SINUMERIK Integrate RunMyHMI /Automotive (All versions), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp and 4004/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash. | |||||
CVE-2023-46283 | 1 Siemens | 4 Opcenter Quality, Simatic Pcs Neo, Sinumerik Integrate Runmyhmi \/automotive and 1 more | 2024-02-13 | N/A | 7.5 HIGH |
A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), SINUMERIK Integrate RunMyHMI /Automotive (All versions), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 7), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash. | |||||
CVE-2024-0338 | 1 Apachefriends | 1 Xampp | 2024-02-09 | N/A | 9.8 CRITICAL |
A buffer overflow vulnerability has been found in XAMPP affecting version 8.2.4 and earlier. An attacker could execute arbitrary code through a long file debug argument that controls the Structured Exception Handler (SEH). | |||||
CVE-2000-1094 | 1 Aol | 1 Aim | 2024-02-09 | 7.5 HIGH | N/A |
Buffer overflow in AOL Instant Messenger (AIM) before 4.3.2229 allows remote attackers to execute arbitrary commands via a "buddyicon" command with a long "src" argument. | |||||
CVE-1999-0046 | 10 Bsdi, Debian, Digital and 7 more | 10 Bsd Os, Debian Linux, Ultrix and 7 more | 2024-02-09 | 10.0 HIGH | N/A |
Buffer overflow of rlogin program using TERM environmental variable. | |||||
CVE-2002-1337 | 7 Gentoo, Hp, Netbsd and 4 more | 9 Linux, Alphaserver Sc, Hp-ux and 6 more | 2024-02-09 | 10.0 HIGH | N/A |
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c. | |||||
CVE-2003-0595 | 1 Terascript | 1 Wintango Application Server | 2024-02-09 | 7.5 HIGH | N/A |
Buffer overflow in WiTango Application Server and Tango 2000 allows remote attackers to execute arbitrary code via a long cookie to Witango_UserReference. | |||||
CVE-2023-33077 | 1 Qualcomm | 192 Aqt1000, Aqt1000 Firmware, Ar8035 and 189 more | 2024-02-08 | N/A | 7.8 HIGH |
Memory corruption in HLOS while converting from authorization token to HIDL vector. | |||||
CVE-2023-33072 | 1 Qualcomm | 490 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 487 more | 2024-02-08 | N/A | 7.8 HIGH |
Memory corruption in Core while processing control functions. | |||||
CVE-2023-33069 | 1 Qualcomm | 226 9206 Lte Modem, 9206 Lte Modem Firmware, Aqt1000 and 223 more | 2024-02-08 | N/A | 7.8 HIGH |
Memory corruption in Audio while processing the calibration data returned from ACDB loader. | |||||
CVE-2023-33068 | 1 Qualcomm | 226 9206 Lte Modem, 9206 Lte Modem Firmware, Aqt1000 and 223 more | 2024-02-08 | N/A | 7.8 HIGH |
Memory corruption in Audio while processing IIR config data from AFE calibration block. | |||||
CVE-2023-43519 | 1 Qualcomm | 268 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 265 more | 2024-02-08 | N/A | 9.8 CRITICAL |
Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo size. |