Total
13473 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-40781 | 1 Libming | 1 Libming | 2024-11-21 | 6.5 Medium |
| Buffer Overflow vulnerability in Libming Libming v.0.4.8 allows a remote attacker to cause a denial of service via a crafted .swf file to the makeswf function. | ||||
| CVE-2023-40711 | 1 Veilid | 1 Veilid | 2024-11-21 | 7.5 High |
| Veilid before 0.1.9 does not check the size of uncompressed data during decompression upon an envelope receipt, which allows remote attackers to cause a denial of service (out-of-memory abort) via crafted packet data, as exploited in the wild in August 2023. | ||||
| CVE-2023-40652 | 2 Google, Unisoc | 4 Android, T606, T612 and 1 more | 2024-11-21 | 4.4 Medium |
| In jpg driver, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with System execution privileges needed | ||||
| CVE-2023-40651 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 4.4 Medium |
| In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | ||||
| CVE-2023-40465 | 1 Sierrawireless | 8 Aleos, Es450, Gx450 and 5 more | 2024-11-21 | 4.3 Medium |
| Several versions of ALEOS, including ALEOS 4.16.0, include an opensource third-party component which can be exploited from the local area network, resulting in a Denial of Service condition for the captive portal. | ||||
| CVE-2023-40308 | 1 Sap | 9 Commoncryptolib, Content Server, Extended Application Services And Runtime and 6 more | 2024-11-21 | 7.5 High |
| SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any information. | ||||
| CVE-2023-40307 | 1 Sap | 1 Privileges | 2024-11-21 | 6.3 Medium |
| An attacker with standard privileges on macOS when requesting administrator privileges from the application can submit input which causes a buffer overflow resulting in a crash of the application. This could make the application unavailable and allow reading or modification of data. | ||||
| CVE-2023-40305 | 1 Gnu | 1 Indent | 2024-11-21 | 5.5 Medium |
| GNU indent 2.2.13 has a heap-based buffer overflow in search_brace in indent.c via a crafted file. | ||||
| CVE-2023-40296 | 1 Eminfedar | 1 Async-sockets-cpp | 2024-11-21 | 7.5 High |
| async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in ReceiveFrom and Receive in udpsocket.hpp when processing malformed UDP packets. | ||||
| CVE-2023-40295 | 1 0branch | 1 Boron | 2024-11-21 | 8.8 High |
| libboron in Boron 2.0.8 has a heap-based buffer overflow in ur_strInitUtf8 at string.c. | ||||
| CVE-2023-40294 | 1 0branch | 1 Boron | 2024-11-21 | 6.5 Medium |
| libboron in Boron 2.0.8 has a heap-based buffer overflow in ur_parseBlockI at i_parse_blk.c. | ||||
| CVE-2023-40152 | 1 Fujielectric | 1 Tellus Lite V-simulator | 2024-11-21 | 7.8 High |
| When Fuji Electric Tellus Lite V-Simulator parses a specially-crafted input file an out of bounds write may occur. | ||||
| CVE-2023-40141 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In temp_residency_name_store of thermal_metrics.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-40129 | 1 Google | 1 Android | 2024-11-21 | 8.8 High |
| In build_read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-40128 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In several functions of xmlregexp.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-40091 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In onTransact of IncidentService.cpp, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-40087 | 1 Google | 1 Android | 2024-11-21 | 8.8 High |
| In transcodeQ*ToFloat of btif_avrcp_audio_track.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-40080 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In multiple functions of btm_ble_gap.cc, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-40078 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| In a2dp_vendor_opus_decoder_decode_packet of a2dp_vendor_opus_decoder.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-40042 | 1 Totolink | 2 T10 V2, T10 V2 Firmware | 2024-11-21 | 9.8 Critical |
| TOTOLINK T10_v2 5.9c.5061_B20200511 has a stack-based buffer overflow in setStaticDhcpConfig in /lib/cste_modules/lan.so. Attackers can send crafted data in an MQTT packet, via the comment parameter, to control the return address and execute code. | ||||