Total
13437 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-40478 | 1 Netgear | 2 Rax30, Rax30 Firmware | 2025-01-03 | 6.8 Medium |
| NETGEAR RAX30 Telnet CLI passwd Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the telnet CLI service, which listens on TCP port 23. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20009. | ||||
| CVE-2023-34823 | 1 Fdkaac Project | 1 Fdkaac | 2025-01-03 | 5.5 Medium |
| fdkaac before 1.0.5 was discovered to contain a stack overflow in read_callback function in src/main.c. | ||||
| CVE-2023-34623 | 1 Jtidy Project | 1 Jtidy | 2025-01-03 | 7.5 High |
| An issue was discovered jtidy thru r938 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies. | ||||
| CVE-2023-34620 | 1 Hjson Project | 1 Hjson | 2025-01-03 | 7.5 High |
| An issue was discovered hjson thru 3.0.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies. | ||||
| CVE-2023-34617 | 1 Genson Project | 1 Genson | 2025-01-03 | 7.5 High |
| An issue was discovered genson thru 1.6 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies. | ||||
| CVE-2023-34616 | 1 Pbjson Project | 1 Pbjson | 2025-01-03 | 7.5 High |
| An issue was discovered pbjson thru 0.4.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies. | ||||
| CVE-2023-34615 | 1 Pwall | 1 Jsonutil | 2025-01-03 | 7.5 High |
| An issue was discovered JSONUtil thru 5.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies. | ||||
| CVE-2023-34824 | 1 Fdkaac Project | 1 Fdkaac | 2025-01-03 | 5.5 Medium |
| fdkaac before 1.0.5 was discovered to contain a heap buffer overflow in caf_info function in caf_reader.c. | ||||
| CVE-2023-33124 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2025-01-03 | 7.8 High |
| A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain a memory corruption vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2023-35110 | 1 Jjson Project | 1 Jjson | 2025-01-02 | 7.5 High |
| An issue was discovered jjson thru 0.1.7 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies. | ||||
| CVE-2023-2569 | 1 Schneider-electric | 1 Ecostruxure Foxboro Dcs Control Core Services | 2025-01-02 | 7.8 High |
| A CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service, elevation of privilege, and potentially kernel execution when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver. | ||||
| CVE-2024-3758 | 1 Openatom | 1 Openharmony | 2025-01-02 | 6.5 Medium |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through heap buffer overflow. | ||||
| CVE-2022-21926 | 1 Microsoft | 1 Hevc Video Extensions | 2025-01-02 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2022-21917 | 1 Microsoft | 1 Hevc Video Extensions | 2025-01-02 | 7.8 High |
| HEVC Video Extensions Remote Code Execution Vulnerability | ||||
| CVE-2024-10487 | 1 Google | 1 Chrome | 2025-01-02 | 8.8 High |
| Out of bounds write in Dawn in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical) | ||||
| CVE-2024-7970 | 1 Google | 1 Chrome | 2025-01-02 | 8.8 High |
| Out of bounds write in V8 in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-8905 | 1 Google | 1 Chrome | 2025-01-02 | 8.8 High |
| Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2024-7018 | 1 Google | 1 Chrome | 2025-01-02 | 8.8 High |
| Heap buffer overflow in PDF in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) | ||||
| CVE-2024-7024 | 1 Google | 1 Chrome | 2025-01-02 | 9.3 Critical |
| Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2024-9121 | 1 Google | 1 Chrome | 2025-01-02 | 8.8 High |
| Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | ||||