Total
13433 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-47897 | 2025-01-13 | 8.8 High | ||
| Software installed and run as a non-privileged user may conduct improper GPU system calls resulting in platform instability and reboots. | ||||
| CVE-2023-43549 | 1 Qualcomm | 278 Ar8035, Ar8035 Firmware, Csr8811 and 275 more | 2025-01-10 | 8.4 High |
| Memory corruption while processing TPC target power table in FTM TPC. | ||||
| CVE-2017-17969 | 2 7-zip, Debian | 3 7-zip, P7zip, Debian Linux | 2025-01-10 | N/A |
| Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18.00 and p7zip allows remote attackers to cause a denial of service (out-of-bounds write) or potentially execute arbitrary code via a crafted ZIP archive. | ||||
| CVE-2023-43540 | 1 Qualcomm | 58 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 55 more | 2025-01-10 | 8.4 High |
| Memory corruption while processing the IOCTL FM HCI WRITE request. | ||||
| CVE-2023-28582 | 1 Qualcomm | 86 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 83 more | 2025-01-10 | 9.8 Critical |
| Memory corruption in Data Modem while verifying hello-verify message during the DTLS handshake. | ||||
| CVE-2023-24817 | 1 Riot-os | 1 Riot | 2025-01-10 | 7.5 High |
| RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2023.04, an attacker can send a crafted frame to the device resulting in an integer underflow and out of bounds access in the packet buffer. Triggering the access at the right time will corrupt other packets or the allocator metadata. Corrupting a pointer will lead to denial of service. This issue is fixed in version 2023.04. As a workaround, disable SRH in the network stack. | ||||
| CVE-2023-33975 | 1 Riot-os | 1 Riot | 2025-01-10 | 9.8 Critical |
| RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a network stack with the ability to process 6LoWPAN frames. In version 2023.01 and prior, an attacker can send a crafted frame to the device resulting in an out of bounds write in the packet buffer. The overflow can be used to corrupt other packets and the allocator metadata. Corrupting a pointer will easily lead to denial of service. While carefully manipulating the allocator metadata gives an attacker the possibility to write data to arbitrary locations and thus execute arbitrary code. This issue is fixed in pull request 19680. As a workaround, disable support for fragmented IP datagrams. | ||||
| CVE-2023-33633 | 1 H3c | 2 Magic R300-2100m, Magic R300-2100m Firmware | 2025-01-10 | 7.2 High |
| H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the UpdateWanParams interface at /goform/aspForm. | ||||
| CVE-2023-33632 | 1 H3c | 2 Magic R300-2100m, Magic R300-2100m Firmware | 2025-01-10 | 7.2 High |
| H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the ipqos_lanip_dellist interface at /goform/aspForm. | ||||
| CVE-2023-33631 | 1 H3c | 2 Magic R300-2100m, Magic R300-2100m Firmware | 2025-01-10 | 7.2 High |
| H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the DelSTList interface at /goform/aspForm. | ||||
| CVE-2023-33629 | 1 H3c | 2 Magic R300-2100m, Magic R300-2100m Firmware | 2025-01-10 | 7.2 High |
| H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the DeltriggerList interface at /goform/aspForm. | ||||
| CVE-2023-33628 | 1 H3c | 2 Magic R300-2100m, Magic R300-2100m Firmware | 2025-01-10 | 7.2 High |
| H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the DelvsList interface at /goform/aspForm. | ||||
| CVE-2023-33485 | 1 Totolink | 2 X5000r, X5000r Firmware | 2025-01-10 | 8.8 High |
| TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contains a post-authentication buffer overflow via parameter sPort/ePort in the addEffect function. | ||||
| CVE-2023-33643 | 1 H3c | 2 Magic R300-2100m, Magic R300-2100m Firmware | 2025-01-10 | 7.2 High |
| H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the AddWlanMacList interface at /goform/aspForm. | ||||
| CVE-2023-33642 | 1 H3c | 2 Magic R300-2100m, Magic R300-2100m Firmware | 2025-01-10 | 7.2 High |
| H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the Edit_BasicSSID interface at /goform/aspForm. | ||||
| CVE-2023-33641 | 1 H3c | 2 Magic R300-2100m, Magic R300-2100m Firmware | 2025-01-10 | 7.2 High |
| H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the AddMacList interface at /goform/aspForm. | ||||
| CVE-2023-33640 | 1 H3c | 2 Magic R300-2100m, Magic R300-2100m Firmware | 2025-01-10 | 7.2 High |
| H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the SetAPWifiorLedInfoById interface at /goform/aspForm. | ||||
| CVE-2023-33639 | 1 H3c | 2 Magic R300-2100m, Magic R300-2100m Firmware | 2025-01-10 | 7.2 High |
| H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the SetMobileAPInfoById interface at /goform/aspForm. | ||||
| CVE-2023-33638 | 1 H3c | 2 Magic R300-2100m, Magic R300-2100m Firmware | 2025-01-10 | 7.2 High |
| H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the Edit_BasicSSID_5G interface at /goform/aspForm. | ||||
| CVE-2023-33637 | 1 H3c | 2 Magic R300-2100m, Magic R300-2100m Firmware | 2025-01-10 | 7.2 High |
| H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the DelDNSHnList interface at /goform/aspForm. | ||||