Export limit exceeded: 346373 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 21516 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21516 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-12185 | 1 Code-projects | 1 Hotel Management System | 2024-12-10 | 5.3 Medium |
| A vulnerability has been found in code-projects Hotel Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the component Administrator Login Password Handler. The manipulation of the argument Str2 leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-12186 | 1 Code-projects | 1 Hotel Management System | 2024-12-10 | 5.3 Medium |
| A vulnerability was found in code-projects Hotel Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file hotelnew.c of the component Available Room Handler. The manipulation of the argument admin_entry leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-52574 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-12-10 | 7.8 High |
| A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Teamcenter Visualization V2406 (All versions < V2406.0005), Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24543) | ||||
| CVE-2024-52572 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-12-10 | 7.8 High |
| A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Teamcenter Visualization V2406 (All versions < V2406.0005), Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain a stack based overflow vulnerability while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24486) | ||||
| CVE-2024-52567 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-12-10 | 7.8 High |
| A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Teamcenter Visualization V2406 (All versions < V2406.0005), Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24237) | ||||
| CVE-2024-45466 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-12-10 | 7.8 High |
| A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2024-45465 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-12-10 | 7.8 High |
| A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2024-45464 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-12-10 | 7.8 High |
| A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2024-45463 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-12-10 | 7.8 High |
| A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2023-34563 | 1 Netgear | 2 R6250, R6250 Firmware | 2024-12-09 | 9.8 Critical |
| netgear R6250 Firmware Version 1.0.4.48 is vulnerable to Buffer Overflow after authentication. | ||||
| CVE-2023-3110 | 1 Silabs | 1 Unify Software Development Kit | 2024-12-09 | 9.6 Critical |
| Description: A vulnerability in SiLabs Unify Gateway 1.3.1 and earlier allows an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution. | ||||
| CVE-2020-35357 | 2 Debian, Gnu | 2 Debian Linux, Gnu Scientific Library | 2024-12-07 | 6.5 Medium |
| A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL (GNU Scientific Library), versions 2.5 and 2.6. Processing a maliciously crafted input data for gsl_stats_quantile_from_sorted_data of the library may lead to unexpected application termination or arbitrary code execution. | ||||
| CVE-2023-25435 | 1 Libtiff | 1 Libtiff | 2024-12-06 | 5.5 Medium |
| libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesShifted8bits() at /libtiff/tools/tiffcrop.c:3753. | ||||
| CVE-2023-0969 | 1 Silabs | 1 Z\/ip Gateway Sdk | 2024-12-06 | 3.5 Low |
| A vulnerability in SiLabs Z/IP Gateway 7.18.01 and earlier allows an authenticated attacker within Z-Wave range to manipulate an array pointer to disclose the contents of global memory. | ||||
| CVE-2023-0970 | 1 Silabs | 1 Z\/ip Gateway Sdk | 2024-12-06 | 7.1 High |
| Multiple buffer overflow vulnerabilities in SiLabs Z/IP Gateway SDK version 7.18.01 and earlier allow an attacker with invasive physical access to a Z-Wave controller device to overwrite global memory and potentially execute arbitrary code. | ||||
| CVE-2023-0972 | 1 Silabs | 1 Z\/ip Gateway Sdk | 2024-12-06 | 9.6 Critical |
| Description: A vulnerability in SiLabs Z/IP Gateway 7.18.01 and earlier allows an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution. | ||||
| CVE-2023-31867 | 1 Sage | 1 X3 | 2024-12-06 | 7.2 High |
| Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection. | ||||
| CVE-2024-20739 | 3 Adobe, Apple, Microsoft | 3 Audition, Macos, Windows | 2024-12-06 | 7.8 High |
| Audition versions 24.0.3, 23.6.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-20750 | 1 Adobe | 1 Substance 3d Designer | 2024-12-06 | 7.8 High |
| Substance3D - Designer versions 13.1.0 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-32375 | 1 Apple | 1 Macos | 2024-12-05 | 5.5 Medium |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.6, macOS Ventura 13.4. Processing a 3D model may result in disclosure of process memory. | ||||