Total
99 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-26243 | 2024-04-10 | N/A | 7.0 HIGH | ||
Windows USB Print Driver Elevation of Privilege Vulnerability | |||||
CVE-2024-26255 | 2024-04-10 | N/A | 5.5 MEDIUM | ||
Windows Remote Access Connection Manager Information Disclosure Vulnerability | |||||
CVE-2024-28902 | 2024-04-10 | N/A | 5.5 MEDIUM | ||
Windows Remote Access Connection Manager Information Disclosure Vulnerability | |||||
CVE-2024-28901 | 2024-04-10 | N/A | 5.5 MEDIUM | ||
Windows Remote Access Connection Manager Information Disclosure Vulnerability | |||||
CVE-2024-3077 | 2024-03-29 | N/A | 6.8 MEDIUM | ||
An malicious BLE device can crash BLE victim device by sending malformed gatt packet | |||||
CVE-2023-39541 | 2024-02-20 | N/A | 5.9 MEDIUM | ||
A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet can lead to an out-of-bounds read. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability concerns a denial of service within the parsing an IPv6 ICMPv6 packet. | |||||
CVE-2023-39540 | 2024-02-20 | N/A | 5.9 MEDIUM | ||
A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet can lead to an out-of-bounds read. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability concerns a denial of service within the parsing an IPv4 ICMP packet. | |||||
CVE-2024-20290 | 2 Cisco, Fedoraproject | 3 Secure Endpoint, Secure Endpoint Private Cloud, Fedora | 2024-02-15 | N/A | 7.5 HIGH |
A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an incorrect check for end-of-string values during scanning, which may result in a heap buffer over-read. An attacker could exploit this vulnerability by submitting a crafted file containing OLE2 content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software and consuming available system resources. For a description of this vulnerability, see the ClamAV blog . | |||||
CVE-2023-6992 | 1 Cloudflare | 1 Zlib | 2024-01-10 | N/A | 5.5 MEDIUM |
Cloudflare version of zlib library was found to be vulnerable to memory corruption issues affecting the deflation algorithm implementation (deflate.c). The issues resulted from improper input validation and heap-based buffer overflow. A local attacker could exploit the problem during compression using a crafted malicious file potentially leading to denial of service of the software. Patches: The issue has been patched in commit 8352d10 https://github.com/cloudflare/zlib/commit/8352d108c05db1bdc5ac3bdf834dad641694c13c . The upstream repository is not affected. | |||||
CVE-2023-23571 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2023-12-10 | N/A | 7.5 HIGH |
An access violation vulnerability exists in the eventcore functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to denial of service. An attacker can send a network request to trigger this vulnerability. | |||||
CVE-2020-35511 | 2 Debian, Libpng | 2 Debian Linux, Pngcheck | 2023-12-10 | N/A | 7.8 HIGH |
A global buffer overflow was discovered in pngcheck function in pngcheck-2.4.0(5 patches applied) via a crafted png file. | |||||
CVE-2022-1769 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974. | |||||
CVE-2022-22519 | 1 Codesys | 18 Control For Beaglebone Sl, Control For Beckhoff Cx9020, Control For Empc-a\/imx6 Sl and 15 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system. | |||||
CVE-2022-1720 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution. | |||||
CVE-2022-1629 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution | |||||
CVE-2022-2124 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
Buffer Over-read in GitHub repository vim/vim prior to 8.2. | |||||
CVE-2022-1927 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
Buffer Over-read in GitHub repository vim/vim prior to 8.2. | |||||
CVE-2021-34584 | 1 Codesys | 1 Codesys | 2023-12-10 | 6.4 MEDIUM | 9.1 CRITICAL |
Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22. | |||||
CVE-2021-1373 | 1 Cisco | 8 Catalyst 9300, Catalyst 9400, Catalyst 9500 and 5 more | 2023-12-10 | 7.8 HIGH | 8.6 HIGH |
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of an affected device. The vulnerability is due to insufficient validation of CAPWAP packets. An attacker could exploit this vulnerability by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition. |