Export limit exceeded: 346188 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21503 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-33410 | 1 Minical | 1 Minical | 2025-01-08 | 8.8 High |
| Minical 1.0.0 and earlier contains a CSV injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on the Customer Name field in the Accounting module that is used to construct a CSV file. | ||||
| CVE-2023-27989 | 1 Zyxel | 8 Lte7480-m804, Lte7480-m804 Firmware, Lte7490-m904 and 5 more | 2025-01-08 | 6.5 Medium |
| A buffer overflow vulnerability in the CGI program of the Zyxel NR7101 firmware versions prior to V1.00(ABUV.8)C0 could allow a remote authenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device. | ||||
| CVE-2023-43504 | 1 Siemens | 1 Comos | 2025-01-08 | 9.6 Critical |
| A vulnerability has been identified in COMOS (All versions < V10.4.4). Ptmcast executable used for testing cache validation service in affected application is vulnerable to Structured Exception Handler (SEH) based buffer overflow. This could allow an attacker to execute arbitrary code on the target system or cause denial of service condition. | ||||
| CVE-2023-33457 | 1 Sogou | 1 C\+\+ Workflow | 2025-01-08 | 8.8 High |
| In Sogou Workflow v0.10.6, memcpy a negtive size in URIParser::parse , may cause buffer-overflow and crash. | ||||
| CVE-2024-0156 | 1 Dell | 1 Digital Delivery | 2025-01-08 | 7 High |
| Dell Digital Delivery, versions prior to 5.2.0.0, contain a Buffer Overflow Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to arbitrary code execution and/or privilege escalation. | ||||
| CVE-2023-20731 | 3 Google, Linuxfoundation, Mediatek | 46 Android, Yocto, Mt6761 and 43 more | 2025-01-08 | 4.4 Medium |
| In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573495; Issue ID: ALPS07573495. | ||||
| CVE-2023-20730 | 3 Google, Linuxfoundation, Mediatek | 8 Android, Yocto, Mt6985 and 5 more | 2025-01-08 | 4.4 Medium |
| In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573552; Issue ID: ALPS07573552. | ||||
| CVE-2023-20729 | 3 Google, Linuxfoundation, Mediatek | 8 Android, Yocto, Mt6985 and 5 more | 2025-01-08 | 4.4 Medium |
| In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573552; Issue ID: ALPS07573575. | ||||
| CVE-2023-20727 | 3 Google, Linuxfoundation, Mediatek | 20 Android, Yocto, Mt6789 and 17 more | 2025-01-08 | 4.4 Medium |
| In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588531; Issue ID: ALPS07588531. | ||||
| CVE-2023-2157 | 1 Imagemagick | 1 Imagemagick | 2025-01-07 | 5.5 Medium |
| A heap-based buffer overflow vulnerability was found in the ImageMagick package that can lead to the application crashing. | ||||
| CVE-2023-20742 | 2 Google, Mediatek | 48 Android, Mt6735, Mt6737 and 45 more | 2025-01-07 | 4.4 Medium |
| In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628591; Issue ID: ALPS07628540. | ||||
| CVE-2023-20741 | 2 Google, Mediatek | 48 Android, Mt6735, Mt6737 and 45 more | 2025-01-07 | 4.4 Medium |
| In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628591; Issue ID: ALPS07628606. | ||||
| CVE-2023-20728 | 3 Google, Linuxfoundation, Mediatek | 40 Android, Yocto, Mt6781 and 37 more | 2025-01-07 | 4.4 Medium |
| In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573603; Issue ID: ALPS07573603. | ||||
| CVE-2022-48439 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-07 | 4.4 Medium |
| In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | ||||
| CVE-2023-47583 | 1 Fujielectric | 1 Tellus | 2025-01-07 | 7.8 High |
| Multiple out-of-bounds read vulnerabilities exist in TELLUS Simulator V4.0.17.0 and earlier. If a user opens a specially crafted file (X1 or V9 file), information may be disclosed and/or arbitrary code may be executed. | ||||
| CVE-2023-31278 | 1 Hornerautomation | 2 Cscape, Cscape Envisionrv | 2025-01-07 | 7.8 High |
| Horner Automation Cscape lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to potentially execute arbitrary code in the context of the current process. | ||||
| CVE-2023-29503 | 1 Hornerautomation | 2 Cscape, Cscape Envisionrv | 2025-01-07 | 7.8 High |
| The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. | ||||
| CVE-2023-27916 | 1 Hornerautomation | 2 Cscape, Cscape Envisionrv | 2025-01-07 | 7.8 High |
| The affected application lacks proper validation of user-supplied data when parsing font files (e.g., FNT). This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to potentially execute arbitrary code in the context of the current process. | ||||
| CVE-2024-52901 | 1 Ibm | 1 Infosphere Information Server | 2025-01-07 | 6.5 Medium |
| IBM InfoSphere Information Server 11.7 could allow an authenticated user to GUI to not load or stop working due to improper input validation. | ||||
| CVE-2023-32545 | 1 Hornerautomation | 2 Cscape, Cscape Envisionrv | 2025-01-07 | 7.8 High |
| The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to an out-of-bounds read in Cscape!CANPortMigration. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. | ||||