Total
13433 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-33636 | 1 H3c | 2 Magic R300-2100m, Magic R300-2100m Firmware | 2025-01-10 | 7.2 High |
| H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the ipqos_lanip_editlist interface at /goform/aspForm. | ||||
| CVE-2023-33635 | 1 H3c | 2 Magic R300-2100m, Magic R300-2100m Firmware | 2025-01-10 | 7.2 High |
| H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the UpdateMacClone interface at /goform/aspForm. | ||||
| CVE-2023-33634 | 1 H3c | 2 Magic R300-2100m, Magic R300-2100m Firmware | 2025-01-10 | 7.2 High |
| H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the EdittriggerList interface at /goform/aspForm. | ||||
| CVE-2023-33627 | 1 H3c | 2 Magic R300-2100m, Magic R300-2100m Firmware | 2025-01-10 | 7.2 High |
| H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the UpdateSnat interface at /goform/aspForm. | ||||
| CVE-2023-25732 | 2 Mozilla, Redhat | 8 Firefox, Firefox Esr, Thunderbird and 5 more | 2025-01-09 | 8.8 High |
| When encoding data from an <code>inputStream</code> in <code>xpcom</code> the size of the input being encoded was not correctly calculated potentially leading to an out of bounds memory write. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. | ||||
| CVE-2017-15832 | 1 Qualcomm | 10 Mdm9206, Mdm9206 Firmware, Mdm9607 and 7 more | 2025-01-09 | 7.8 High |
| Buffer overwrite in the WLAN host driver by leveraging a compromised WLAN FW | ||||
| CVE-2023-25746 | 2 Mozilla, Redhat | 7 Firefox Esr, Thunderbird, Enterprise Linux and 4 more | 2025-01-09 | 8.8 High |
| Memory safety bugs present in Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 102.8 and Firefox ESR < 102.8. | ||||
| CVE-2023-25745 | 1 Mozilla | 1 Firefox | 2025-01-09 | 8.8 High |
| Memory safety bugs present in Firefox 109. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 110. | ||||
| CVE-2023-33551 | 1 Erofs-utils Project | 1 Erofs-utils | 2025-01-09 | 7.8 High |
| Heap Buffer Overflow in the erofsfsck_dirent_iter function in fsck/main.c in erofs-utils v1.6 allows remote attackers to execute arbitrary code via a crafted erofs filesystem image. | ||||
| CVE-2024-3933 | 1 Eclipse | 1 Openj9 | 2025-01-09 | 5.3 Medium |
| In Eclipse OpenJ9 release versions prior to 0.44.0 and after 0.13.0, when running with JVM option -Xgc:concurrentScavenge, the sequence generated for System.arrayCopy on the IBM Z platform with hardware and software support for guarded storage [1], could allow access to a buffer with an incorrect length value when executing an arraycopy sequence while the Concurrent Scavenge Garbage Collection cycle is active and the source and destination memory regions for arraycopy overlap. This allows read and write to addresses beyond the end of the array range. | ||||
| CVE-2024-32038 | 1 Wazuh | 1 Wazuh | 2025-01-09 | 9.8 Critical |
| Wazuh is a free and open source platform used for threat prevention, detection, and response. There is a buffer overflow hazard in wazuh-analysisd when handling Unicode characters from Windows Eventchannel messages. It impacts Wazuh Manager 3.8.0 and above. This vulnerability is fixed in Wazuh Manager 4.7.2. | ||||
| CVE-2023-33552 | 1 Erofs-utils Project | 1 Erofs-utils | 2025-01-09 | 7.8 High |
| Heap Buffer Overflow in the erofs_read_one_data function at data.c in erofs-utils v1.6 allows remote attackers to execute arbitrary code via a crafted erofs filesystem image. | ||||
| CVE-2023-1945 | 2 Mozilla, Redhat | 7 Firefox Esr, Thunderbird, Enterprise Linux and 4 more | 2025-01-09 | 6.5 Medium |
| Unexpected data returned from the Safe Browsing API could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 102.10 and Firefox ESR < 102.10. | ||||
| CVE-2024-21661 | 2 Argoproj, Redhat | 3 Argo-cd, Argo Cd, Openshift Gitops | 2025-01-09 | 7.5 High |
| Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.8.13, 2.9.9, and 2.10.4, an attacker can exploit a critical flaw in the application to initiate a Denial of Service (DoS) attack, rendering the application inoperable and affecting all users. The issue arises from unsafe manipulation of an array in a multi-threaded environment. The vulnerability is rooted in the application's code, where an array is being modified while it is being iterated over. This is a classic programming error but becomes critically unsafe when executed in a multi-threaded environment. When two threads interact with the same array simultaneously, the application crashes. This is a Denial of Service (DoS) vulnerability. Any attacker can crash the application continuously, making it impossible for legitimate users to access the service. The issue is exacerbated because it does not require authentication, widening the pool of potential attackers. Versions 2.8.13, 2.9.9, and 2.10.4 contain a patch for this issue. | ||||
| CVE-2023-25744 | 2 Mozilla, Redhat | 7 Firefox, Firefox Esr, Enterprise Linux and 4 more | 2025-01-09 | 8.8 High |
| Mmemory safety bugs present in Firefox 109 and Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 110 and Firefox ESR < 102.8. | ||||
| CVE-2023-29551 | 1 Mozilla | 2 Firefox, Focus | 2025-01-08 | 8.8 High |
| Memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112. | ||||
| CVE-2023-33675 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-01-08 | 9.8 Critical |
| Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the get_parentControl_list_Info function. | ||||
| CVE-2023-33673 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-01-08 | 9.8 Critical |
| Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function. | ||||
| CVE-2023-33672 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-01-08 | 7.5 High |
| Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function. | ||||
| CVE-2023-33671 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-01-08 | 9.8 Critical |
| Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the deviceId parameter in the saveParentControlInfo function. | ||||