Total
2550 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-24566 | 1 Siemens | 1 Solid Edge Se2023 | 2024-11-21 | N/A | 3.3 LOW |
| A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected application is vulnerable to stack-based buffer while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19472) | |||||
| CVE-2023-24549 | 1 Siemens | 1 Solid Edge Se2023 | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected application is vulnerable to stack-based buffer while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2023-24018 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| A stack-based buffer overflow vulnerability exists in the libzebra.so.0.0.0 security_decrypt_password functionality of Milesight UR32L v32.3.0.5. A specially crafted HTTP request can lead to a buffer overflow. An authenticated attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2023-23902 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| A buffer overflow vulnerability exists in the uhttpd login functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to remote code execution. An attacker can send a network request to trigger this vulnerability. | |||||
| CVE-2023-23781 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | N/A | 6.4 MEDIUM |
| A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below SAML server configuration may allow an authenticated attacker to achieve arbitrary code execution via specifically crafted XML files. | |||||
| CVE-2023-23780 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | N/A | 8.0 HIGH |
| A stack-based buffer overflow in Fortinet FortiWeb version 7.0.0 through 7.0.1, Fortinet FortiWeb version 6.3.6 through 6.3.19, Fortinet FortiWeb 6.4 all versions allows attacker to escalation of privilege via specifically crafted HTTP requests. | |||||
| CVE-2023-23580 | 1 Intel | 2 Oneapi Hpc Toolkit, Trace Analyzer And Collector | 2024-11-21 | N/A | 4.8 MEDIUM |
| Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially escalation of privilege via local access. | |||||
| CVE-2023-23569 | 1 Intel | 2 Oneapi Hpc Toolkit, Trace Analyzer And Collector | 2024-11-21 | N/A | 7.8 HIGH |
| Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-22842 | 1 F5 | 12 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 9 more | 2024-11-21 | N/A | 7.5 HIGH |
| On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a SIP profile is configured on a Message Routing type virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2023-22363 | 1 Gallagher | 1 Command Centre | 2024-11-21 | N/A | 6.5 MEDIUM |
| A stack-based buffer overflow in the Command Centre Server allows an attacker to cause a denial of service attack via assigning cardholders to an Access Group. This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 (MR2) | |||||
| CVE-2023-22243 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2024-11-21 | N/A | 7.8 HIGH |
| Adobe Animate versions 22.0.8 (and earlier) and 23.0.0 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-22234 | 2 Adobe, Microsoft | 2 Premiere Rush, Windows | 2024-11-21 | N/A | 7.8 HIGH |
| Adobe Premiere Rush version 2.6 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-22226 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2024-11-21 | N/A | 7.8 HIGH |
| Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21732 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2024-11-21 | N/A | 8.8 HIGH |
| Microsoft ODBC Driver Remote Code Execution Vulnerability | |||||
| CVE-2023-21632 | 1 Qualcomm | 50 Apq8064au, Apq8064au Firmware, Msm8996au and 47 more | 2024-11-21 | N/A | 8.4 HIGH |
| Memory corruption in Automotive GPU while querying a gsl memory node. | |||||
| CVE-2023-21610 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | N/A | 7.8 HIGH |
| Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21604 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | N/A | 7.8 HIGH |
| Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21414 | 1 Axis | 35 A8207-ve Mk Ii, Axis Os, M3215 and 32 more | 2024-11-21 | N/A | 7.1 HIGH |
| NCC Group has found a flaw during the annual internal penetration test ordered by Axis Communications. The protection for device tampering (commonly known as Secure Boot) contains a flaw which provides an opportunity for a sophisticated attack to bypass this protection. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution. | |||||
| CVE-2023-20250 | 1 Cisco | 8 Rv110w, Rv110w Firmware, Rv130 and 5 more | 2024-11-21 | N/A | 6.5 MEDIUM |
| A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to improper validation of requests that are sent to the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary code with root privileges on an affected device. To exploit this vulnerability, the attacker must have valid Administrator credentials on the affected device. | |||||
| CVE-2023-20079 | 1 Cisco | 42 Ip Phone 6825, Ip Phone 6825 Firmware, Ip Phone 6841 and 39 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory. | |||||