ReportizFlow
Filtered by vendor
Subscriptions
Total
3934 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-34419 | 1 Lenovo | 60 Legion 5-15ach6, Legion 5-15ach6 Firmware, Legion 5-15ach6a and 57 more | 2024-11-21 | 6.7 Medium |
| A buffer overflow has been identified in the SetupUtility driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code. | ||||
| CVE-2023-34140 | 1 Zyxel | 48 Nxc2500, Nxc2500 Firmware, Nxc5500 and 45 more | 2024-11-21 | 6.5 Medium |
| A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.36 Patch 2, USG FLEX series firmware versions 4.50 through 5.36 Patch 2, USG FLEX 50(W) series firmware versions 4.16 through 5.36 Patch 2, USG20(W)-VPN series firmware versions 4.16 through 5.36 Patch 2, VPN series firmware versions 4.30 through 5.36 Patch 2, NXC2500 firmware versions 6.10(AAIG.0) through 6.10(AAIG.3), and NXC5500 firmware versions 6.10(AAOS.0) through 6.10(AAOS.4), could allow an unauthenticated, LAN-based attacker to cause denial of service (DoS) conditions by sending a crafted request to the CAPWAP daemon. | ||||
| CVE-2023-34115 | 1 Zoom | 1 Meeting Sdk | 2024-11-21 | 4.3 Medium |
| Buffer copy without checking size of input in Zoom Meeting SDK before 5.13.0 may allow an authenticated user to potentially enable a denial of service via local access. This issue may result in the Zoom Meeting SDK to crash and need to be restarted. | ||||
| CVE-2023-33802 | 1 Sumatrapdfreader | 1 Sumatrapdf | 2024-11-21 | 5.5 Medium |
| A buffer overflow in SumatraPDF Reader v3.4.6 allows attackers to cause a Denial of Service (DoS) via a crafted text file. | ||||
| CVE-2023-33082 | 1 Qualcomm | 230 Ar8035, Ar8035 Firmware, Ar9380 and 227 more | 2024-11-21 | 9.8 Critical |
| Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE. | ||||
| CVE-2023-33045 | 1 Qualcomm | 265 Ar8035, Ar8035 Firmware, Csr8811 and 262 more | 2024-11-21 | 9.8 Critical |
| Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute. | ||||
| CVE-2023-33024 | 1 Qualcomm | 142 8098, 8098 Firmware, 8998 and 139 more | 2024-11-21 | 6.7 Medium |
| Memory corruption while sending SMS from AP firmware. | ||||
| CVE-2023-32973 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-11-21 | 3.8 Low |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QTS 4.5.4.2467 build 20230718 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.0.2424 build 20230609 and later QuTS hero h4.5.4.2476 build 20230728 and later QuTScloud c5.1.0.2498 and later | ||||
| CVE-2023-32972 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-11-21 | 3.8 Low |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QTS 4.5.4.2467 build 20230718 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.0.2424 build 20230609 and later QuTS hero h4.5.4.2476 build 20230728 and later QuTScloud c5.1.0.2498 and later | ||||
| CVE-2023-32971 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-11-21 | 3.8 Low |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QTS 4.5.4.2467 build 20230718 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.0.2424 build 20230609 and later QuTS hero h4.5.4.2476 build 20230728 and later QuTScloud c5.1.0.2498 and later | ||||
| CVE-2023-32968 | 1 Qnap | 2 Qts, Quts Hero | 2024-11-21 | 4.5 Medium |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2514 build 20230906 and later QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.2.2534 build 20230927 and later | ||||
| CVE-2023-32860 | 2 Google, Mediatek | 23 Android, Mt6761, Mt6765 and 20 more | 2024-11-21 | 6.7 Medium |
| In display, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929788; Issue ID: ALPS07929788. | ||||
| CVE-2023-32859 | 2 Google, Mediatek | 45 Android, Mt6761, Mt6765 and 42 more | 2024-11-21 | 6.7 Medium |
| In meta, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08000473; Issue ID: ALPS08000473. | ||||
| CVE-2023-32763 | 1 Qt | 1 Qt | 2024-11-21 | 7.5 High |
| An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered. | ||||
| CVE-2023-31998 | 1 Ui | 4 Aircube, Aircube Firmware, Edgemax Edgerouter and 1 more | 2024-11-21 | 7.5 High |
| A heap overflow vulnerability found in EdgeRouters and Aircubes allows a malicious actor to interrupt UPnP service to said devices. | ||||
| CVE-2023-30383 | 1 Tp-link | 7 Archer C2, Archer C20, Archer C20 Firmware and 4 more | 2024-11-21 | 7.5 High |
| TP-LINK Archer C50v2 Archer C50(US)_V2_160801, TP-LINK Archer C20v1 Archer_C20_V1_150707, and TP-LINK Archer C2v1 Archer_C2_US__V1_170228 were discovered to contain a buffer overflow which may lead to a Denial of Service (DoS) when parsing crafted data. | ||||
| CVE-2023-2597 | 1 Eclipse | 1 Openj9 | 2024-11-21 | 7 High |
| In Eclipse Openj9 before version 0.38.0, in the implementation of the shared cache (which is enabled by default in OpenJ9 builds) the size of a string is not properly checked against the size of the buffer. | ||||
| CVE-2023-29856 | 1 Dlink | 2 Dir-868l, Dir-868l Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DIR-868L Hardware version A1, firmware version 1.12 is vulnerable to Buffer Overflow. The vulnerability is in scandir.sgi binary. | ||||
| CVE-2023-29414 | 1 Schneider-electric | 1 Accutech Manager | 2024-11-21 | 7.8 High |
| A CWE-120: Buffer Copy without Checking Size of Input (Classic Buffer Overflow) vulnerability exists that could cause user privilege escalation if a local user sends specific string input to a local function call. | ||||
| CVE-2023-29177 | 1 Fortinet | 2 Fortiadc, Fortiddos-f | 2024-11-21 | 6.2 Medium |
| Multiple buffer copy without checking size of input ('classic buffer overflow') vulnerabilities [CWE-120] in FortiADC version 7.2.0 and before 7.1.2 & FortiDDoS-F version 6.5.0 and before 6.4.1 allows a privileged attacker to execute arbitrary code or commands via specifically crafted CLI requests. | ||||