Export limit exceeded: 346810 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21598 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-28404 | 2 Intel, Microsoft | 3 Arc A Graphics, Iris Xe Graphics, Windows | 2024-11-21 | 3.8 Low |
| Out-of-bounds read in the Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers before version 31.0.101.4255 may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2023-28199 | 1 Apple | 1 Macos | 2024-11-21 | 5.5 Medium |
| An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. An app may be able to disclose kernel memory. | ||||
| CVE-2023-28077 | 1 Dell | 1 Bsafe Ssl-j | 2024-11-21 | 4.4 Medium |
| Dell BSAFE SSL-J, versions prior to 6.5, and versions 7.0 and 7.1 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing sensitive information to a locally privileged user. | ||||
| CVE-2023-28004 | 1 Schneider-electric | 2 Powerlogic Hdpm6000, Powerlogic Hdpm6000 Firmware | 2024-11-21 | 9.8 Critical |
| A CWE-129: Improper validation of an array index vulnerability exists where a specially crafted Ethernet request could result in denial of service or remote code execution. | ||||
| CVE-2023-27948 | 1 Apple | 1 Macos | 2024-11-21 | 5.5 Medium |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory. | ||||
| CVE-2023-27947 | 1 Apple | 1 Macos | 2024-11-21 | 5.5 Medium |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory. | ||||
| CVE-2023-27939 | 1 Apple | 1 Macos | 2024-11-21 | 5.5 Medium |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory. | ||||
| CVE-2023-27857 | 1 Rockwellautomation | 1 Thinmanager | 2024-11-21 | 7.5 High |
| In affected versions, a heap-based buffer over-read condition occurs when the message field indicates more data than is present in the message field in Rockwell Automation's ThinManager ThinServer. An unauthenticated remote attacker can exploit this vulnerability to crash ThinServer.exe due to a read access violation. | ||||
| CVE-2023-27395 | 1 Softether | 1 Vpn | 2024-11-21 | 9 Critical |
| A heap-based buffer overflow vulnerability exists in the vpnserver WpcParsePacket() functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A specially crafted network packet can lead to arbitrary code execution. An attacker can perform a man-in-the-middle attack to trigger this vulnerability. | ||||
| CVE-2023-27390 | 1 Diagon Project | 1 Diagon | 2024-11-21 | 7.8 High |
| A heap-based buffer overflow vulnerability exists in the Sequence::DrawText functionality of Diagon v1.0.139. A specially crafted markdown file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. | ||||
| CVE-2023-26930 | 1 Xpdfreader | 1 Xpdf | 2024-11-21 | 5.5 Medium |
| Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states “it's an expected abort on out-of-memory error.” | ||||
| CVE-2023-26368 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2024-11-21 | 7.8 High |
| Adobe InCopy versions 18.5 (and earlier) and 17.4.2 (and earlier) are affected by are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-26320 | 2 Mi, Xiaomi | 3 Xiaomi Router Ax3200, Xiaomi Router Ax3200 Firmware, Xiaomi Router | 2024-11-21 | 7.5 High |
| Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Xiaomi Xiaomi Router allows Command Injection. | ||||
| CVE-2023-26319 | 2 Mi, Xiaomi | 3 Xiaomi Router Ax3200, Xiaomi Router Ax3200 Firmware, Xiaomi Router | 2024-11-21 | 6.7 Medium |
| Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Xiaomi Xiaomi Router allows Command Injection. | ||||
| CVE-2023-26318 | 2 Mi, Xiaomi | 3 Xiaomi Router Ax3200, Xiaomi Router Ax3200 Firmware, Xiaomi Router | 2024-11-21 | 6.7 Medium |
| Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Xiaomi Xiaomi Router allows Overflow Buffers. | ||||
| CVE-2023-26157 | 1 Gnu | 1 Libredwg | 2024-11-21 | 5.5 Medium |
| Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c. | ||||
| CVE-2023-25862 | 1 Adobe | 1 Illustrator | 2024-11-21 | 5.5 Medium |
| Illustrator version 26.5.2 (and earlier) and 27.2.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-25642 | 1 Zte | 4 Mc801a, Mc801a1, Mc801a1 Firmware and 1 more | 2024-11-21 | 5.9 Medium |
| There is a buffer overflow vulnerability in some ZTE mobile internet producsts. Due to insufficient validation of tcp port parameter, an authenticated attacker could use the vulnerability to perform a denial of service attack. | ||||
| CVE-2023-25611 | 1 Fortinet | 1 Fortianalyzer | 2024-11-21 | 4 Medium |
| A improper neutralization of formula elements in a CSV file vulnerability in Fortinet FortiAnalyzer 6.4.0 - 6.4.9, 7.0.0 - 7.0.5, and 7.2.0 - 7.2.1 allows local attacker to execute unauthorized code or commands via inserting spreadsheet formulas in macro names. | ||||
| CVE-2023-25602 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | 7.4 High |
| A stack-based buffer overflow in Fortinet FortiWeb 6.4 all versions, FortiWeb versions 6.3.17 and earlier, FortiWeb versions 6.2.6 and earlier, FortiWeb versions 6.1.2 and earlier, FortiWeb versions 6.0.7 and earlier, FortiWeb versions 5.9.1 and earlier, FortiWeb 5.8 all versions, FortiWeb 5.7 all versions, FortiWeb 5.6 all versions allows attacker to execute unauthorized code or commands via specially crafted command arguments. | ||||