Total
12106 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-27398 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2025-02-27 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20304) | ||||
| CVE-2024-23611 | 1 Ni | 1 Labview | 2025-02-27 | 7.8 High |
| An out of bounds write due to a missing bounds check in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions. | ||||
| CVE-2024-23610 | 1 Ni | 1 Labview | 2025-02-27 | 7.8 High |
| An out of bounds write due to a missing bounds check in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions. | ||||
| CVE-2023-27399 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2025-02-27 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20299, ZDI-CAN-20346) | ||||
| CVE-2023-26806 | 1 Tenda | 2 W20e, W20e Firmware | 2025-02-27 | 9.8 Critical |
| Tenda W20E v15.11.0.6(US_W20EV4.0br_v15.11.0.6(1068_1546_841 is vulnerable to Buffer Overflow via function formSetSysTime, | ||||
| CVE-2023-26805 | 1 Tenda | 2 W20e, W20e Firmware | 2025-02-27 | 9.8 Critical |
| Tenda W20E v15.11.0.6 (US_W20EV4.0br_v15.11.0.6(1068_1546_841)_CN_TDC) is vulnerable to Buffer Overflow via function formIPMacBindModify. | ||||
| CVE-2022-48424 | 1 Linux | 1 Linux Kernel | 2025-02-27 | 7.8 High |
| In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur. | ||||
| CVE-2022-48423 | 1 Linux | 1 Linux Kernel | 2025-02-27 | 7.8 High |
| In the Linux kernel before 6.1.3, fs/ntfs3/record.c does not validate resident attribute names. An out-of-bounds write may occur. | ||||
| CVE-2023-27400 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2025-02-27 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20300) | ||||
| CVE-2023-27403 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2025-02-27 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains a memory corruption vulnerability while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20303, ZDI-CAN-20348) | ||||
| CVE-2023-27404 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2025-02-27 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application is vulnerable to stack-based buffer while parsing specially crafted SPP files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-20433) | ||||
| CVE-2023-27406 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2025-02-27 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application is vulnerable to stack-based buffer while parsing specially crafted SPP files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-20449) | ||||
| CVE-2023-27239 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2025-02-27 | 9.8 Critical |
| Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the shareSpeed parameter at /goform/WifiGuestSet. | ||||
| CVE-2023-25267 | 1 Gfi | 1 Kerio Connect | 2025-02-27 | 8.8 High |
| An issue was discovered in GFI Kerio Connect 9.4.1 patch 1 (fixed in 10.0.0). There is a stack-based Buffer Overflow in the webmail component's 2FASetup function via an authenticated request with a long primaryEMailAddress field to the webmail/api/jsonrpc URI. | ||||
| CVE-2023-25282 | 1 Dlink | 2 Dir-820l, Dir-820l Firmware | 2025-02-27 | 6.5 Medium |
| A heap overflow vulnerability in D-Link DIR820LA1_FW106B02 allows attackers to cause a denial of service via the config.log_to_syslog and log_opt_dropPackets parameters to mydlink_api.ccp. | ||||
| CVE-2023-27781 | 1 Jpegoptim Project | 1 Jpegoptim | 2025-02-27 | 7.8 High |
| jpegoptim v1.5.2 was discovered to contain a heap overflow in the optimize function at jpegoptim.c. | ||||
| CVE-2025-21785 | 2025-02-27 | 7.8 High | ||
| In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array The loop that detects/populates cache information already has a bounds check on the array size but does not account for cache levels with separate data/instructions cache. Fix this by incrementing the index for any populated leaf (instead of any populated level). | ||||
| CVE-2023-44398 | 1 Exiv2 | 1 Exiv2 | 2025-02-26 | 8.8 High |
| Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds write was found in Exiv2 version v0.28.0. The vulnerable function, `BmffImage::brotliUncompress`, is new in v0.28.0, so earlier versions of Exiv2 are _not_ affected. The out-of-bounds write is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to gain code execution, if they can trick the victim into running Exiv2 on a crafted image file. This bug is fixed in version v0.28.1. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2023-21046 | 1 Google | 1 Android | 2025-02-26 | 4.4 Medium |
| In ConvertToHalMetadata of aidl_utils.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-253424924References: N/A | ||||
| CVE-2023-26497 | 1 Samsung | 10 Exynos 1080, Exynos 1080 Firmware, Exynos 980 and 7 more | 2025-02-26 | 8.6 High |
| An issue was discovered in Samsung Baseband Modem Chipset for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T5125. Memory corruption can occur when processing Session Description Negotiation for Video Configuration Attribute. | ||||