Export limit exceeded: 21591 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21591 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-32825 | 2 Google, Mediatek | 45 Android, Mt2713, Mt6580 and 42 more | 2024-11-21 | 5.5 Medium |
| In bluethooth service, there is a possible out of bounds reads due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07884130; Issue ID: ALPS07884130. | ||||
| CVE-2023-32817 | 2 Google, Mediatek | 35 Android, Mt2713, Mt6580 and 32 more | 2024-11-21 | 4.4 Medium |
| In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08044040; Issue ID: ALPS08044035. | ||||
| CVE-2023-32816 | 2 Google, Mediatek | 35 Android, Mt2713, Mt6580 and 32 more | 2024-11-21 | 4.4 Medium |
| In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08044040; Issue ID: ALPS08044032. | ||||
| CVE-2023-32815 | 4 Google, Linuxfoundation, Mediatek and 1 more | 40 Android, Yocto, Mt2713 and 37 more | 2024-11-21 | 4.4 Medium |
| In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08037801; Issue ID: ALPS08037801. | ||||
| CVE-2023-32814 | 2 Google, Mediatek | 40 Android, Mt2713, Mt2735 and 37 more | 2024-11-21 | 4.4 Medium |
| In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08031947; Issue ID: ALPS08031947. | ||||
| CVE-2023-32810 | 4 Google, Linux, Linuxfoundation and 1 more | 42 Android, Linux Kernel, Yocto and 39 more | 2024-11-21 | 4.4 Medium |
| In bluetooth driver, there is a possible out of bounds read due to improper input validation. This could lead to local information leak with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07867212; Issue ID: ALPS07867212. | ||||
| CVE-2023-32807 | 3 Google, Linuxfoundation, Mediatek | 27 Android, Yocto, Iot Yocto and 24 more | 2024-11-21 | 4.4 Medium |
| In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588360; Issue ID: ALPS07588360. | ||||
| CVE-2023-32763 | 1 Qt | 1 Qt | 2024-11-21 | 7.5 High |
| An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered. | ||||
| CVE-2023-32651 | 1 Intel | 7 Killer, Killer Wi-fi 6e Ax1675, Killer Wi-fi 6e Ax1690 and 4 more | 2024-11-21 | 4.3 Medium |
| Improper validation of specified type of input for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | ||||
| CVE-2023-32471 | 1 Dell | 20 Edge Gateway 3200, Edge Gateway 3200 Firmware, Edge Gateway 5200 and 17 more | 2024-11-21 | 6 Medium |
| Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds read vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability to read contents of stack memory and use this information for further exploits. | ||||
| CVE-2023-32461 | 1 Dell | 104 Emc Xc Core Xc450, Emc Xc Core Xc450 Firmware, Emc Xc Core Xc650 and 101 more | 2024-11-21 | 5 Medium |
| Dell PowerEdge BIOS and Dell Precision BIOS contain a buffer overflow vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, leading to corrupt memory and potentially escalate privileges. | ||||
| CVE-2023-32443 | 1 Apple | 1 Macos | 2024-11-21 | 8.1 High |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. Processing a file may lead to a denial-of-service or potentially disclose memory contents. | ||||
| CVE-2023-31998 | 1 Ui | 4 Aircube, Aircube Firmware, Edgemax Edgerouter and 1 more | 2024-11-21 | 7.5 High |
| A heap overflow vulnerability found in EdgeRouters and Aircubes allows a malicious actor to interrupt UPnP service to said devices. | ||||
| CVE-2023-31489 | 3 Fedoraproject, Frrouting, Redhat | 3 Fedora, Frrouting, Enterprise Linux | 2024-11-21 | 5.5 Medium |
| An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_capability_llgr() function. | ||||
| CVE-2023-31296 | 1 Sesami | 1 Cash Point \& Transport Optimizer | 2024-11-21 | 5.3 Medium |
| CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows attackers to obtain sensitive information via the User Name field. | ||||
| CVE-2023-31295 | 1 Sesami | 1 Cash Point \& Transport Optimizer | 2024-11-21 | 7.5 High |
| CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to obtain sensitive information via the User Profile field. | ||||
| CVE-2023-31294 | 1 Sesami | 1 Cash Point \& Transport Optimizer | 2024-11-21 | 7.5 High |
| CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to obtain sensitive information via the Delivery Name field. | ||||
| CVE-2023-31029 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2024-11-21 | 9.3 Critical |
| NVIDIA DGX A100 baseboard management controller (BMC) contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information disclosure, and data tampering. | ||||
| CVE-2023-30796 | 1 Siemens | 2 Jt Open Toolkit, Jt Utilities | 2024-11-21 | 7.8 High |
| A vulnerability has been identified in JT Open (All versions < V11.4), JT Utilities (All versions < V13.4). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2023-30795 | 1 Siemens | 3 Jt Open, Jt Utilities, Parasolid | 2024-11-21 | 7.8 High |
| A vulnerability has been identified in JT Open (All versions < V11.4), JT Utilities (All versions < V13.4), Parasolid V34.0 (All versions < V34.0.253), Parasolid V34.1 (All versions < V34.1.243), Parasolid V35.0 (All versions < V35.0.177), Parasolid V35.1 (All versions < V35.1.073). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. | ||||