Export limit exceeded: 14188 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14188 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-29579 | 1 Yasm Project | 1 Yasm | 2024-11-21 | 5.5 Medium |
| yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the component yasm/yasm+0x43b466 in vsprintf. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code. | ||||
| CVE-2023-29464 | 1 Rockwellautomation | 1 Factorytalk Linx | 2024-11-21 | 8.2 High |
| FactoryTalk Linx, in the Rockwell Automation PanelView Plus, allows an unauthenticated threat actor to read data from memory via crafted malicious packets. Sending a size larger than the buffer size results in leakage of data from memory resulting in an information disclosure. If the size is large enough, it causes communications over the common industrial protocol to become unresponsive to any type of packet, resulting in a denial-of-service to FactoryTalk Linx over the common industrial protocol. | ||||
| CVE-2023-29182 | 1 Fortinet | 1 Fortios | 2024-11-21 | 6.4 Medium |
| A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiOS before 7.0.3 allows a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections. | ||||
| CVE-2023-29075 | 1 Autodesk | 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more | 2024-11-21 | 9.8 Critical |
| A maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause an Out-Of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2023-29074 | 1 Autodesk | 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more | 2024-11-21 | 9.8 Critical |
| A maliciously crafted CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause an Out-Of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2023-29073 | 1 Autodesk | 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more | 2024-11-21 | 9.8 Critical |
| A maliciously crafted MODEL file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2023-28730 | 1 Panasonic | 1 Control Fpwin Pro | 2024-11-21 | 7.8 High |
| A memory corruption vulnerability Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. | ||||
| CVE-2023-28728 | 1 Panasonic | 1 Control Fpwin Pro | 2024-11-21 | 7.8 High |
| A stack-based buffer overflow in Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. | ||||
| CVE-2023-28574 | 1 Qualcomm | 156 Ar8035, Ar8035 Firmware, Qam8255p and 153 more | 2024-11-21 | 9 Critical |
| Memory corruption in core services when Diag handler receives a command to configure event listeners. | ||||
| CVE-2023-28573 | 1 Qualcomm | 398 315 5g Iot, 315 5g Iot Firmware, Aqt1000 and 395 more | 2024-11-21 | 7.8 High |
| Memory corruption in WLAN HAL while parsing WMI command parameters. | ||||
| CVE-2023-28572 | 1 Qualcomm | 110 Csrb31024, Csrb31024 Firmware, Fastconnect 6800 and 107 more | 2024-11-21 | 6.6 Medium |
| Memory corruption in WLAN HOST while processing the WLAN scan descriptor list. | ||||
| CVE-2023-28561 | 1 Qualcomm | 2 Qcn7606, Qcn7606 Firmware | 2024-11-21 | 9.8 Critical |
| Memory corruption in QESL while processing payload from external ESL device to firmware. | ||||
| CVE-2023-28558 | 1 Qualcomm | 399 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 396 more | 2024-11-21 | 7.8 High |
| Memory corruption in WLAN handler while processing PhyID in Tx status handler. | ||||
| CVE-2023-28537 | 1 Qualcomm | 366 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 363 more | 2024-11-21 | 8.4 High |
| Memory corruption while allocating memory in COmxApeDec module in Audio. | ||||
| CVE-2023-28527 | 1 Ibm | 2 Informix Dynamic Server, Informix Dynamic Server On Cloud Pak For Data | 2024-11-21 | 6.2 Medium |
| IBM Informix Dynamic Server 12.10 and 14.10 cdr is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow a local user to cause a segmentation fault. IBM X-Force ID: 251206. | ||||
| CVE-2023-28526 | 1 Ibm | 2 Informix Dynamic Server, Informix Dynamic Server On Cloud Pak For Data | 2024-11-21 | 6.2 Medium |
| IBM Informix Dynamic Server 12.10 and 14.10 archecker is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow a local user to cause a segmentation fault. IBM X-Force ID: 251204. | ||||
| CVE-2023-28401 | 2 Intel, Microsoft | 3 Arc A Graphics, Iris Xe Graphics, Windows | 2024-11-21 | 5.2 Medium |
| Out-of-bounds write in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers before version 31.0.101.4255 may allow authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-28064 | 1 Dell | 140 Alienware M15 R6, Alienware M15 R6 Firmware, Alienware M15 R7 and 137 more | 2024-11-21 | 3.5 Low |
| Dell BIOS contains an Out-of-bounds Write vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service. | ||||
| CVE-2023-27395 | 1 Softether | 1 Vpn | 2024-11-21 | 9 Critical |
| A heap-based buffer overflow vulnerability exists in the vpnserver WpcParsePacket() functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A specially crafted network packet can lead to arbitrary code execution. An attacker can perform a man-in-the-middle attack to trigger this vulnerability. | ||||
| CVE-2023-27390 | 1 Diagon Project | 1 Diagon | 2024-11-21 | 7.8 High |
| A heap-based buffer overflow vulnerability exists in the Sequence::DrawText functionality of Diagon v1.0.139. A specially crafted markdown file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. | ||||