Export limit exceeded: 348669 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 348669 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20242 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-38930 | 1 Tenda | 10 Ac5, Ac5 Firmware, Ac7 and 7 more | 2024-11-21 | 9.8 Critical |
| Tenda AC7 V1.0,V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0,V15.03.06.28, AC9 V3.0,V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function. | ||||
| CVE-2023-38929 | 1 Tenda | 2 4g300, 4g300 Firmware | 2024-11-21 | 9.8 Critical |
| Tenda 4G300 v1.01.42 was discovered to contain a stack overflow via the page parameter at /VirtualSer. | ||||
| CVE-2023-38886 | 1 Dolibarr | 1 Dolibarr Erp\/crm | 2024-11-21 | 7.2 High |
| An issue in Dolibarr ERP CRM v.17.0.1 and before allows a remote privileged attacker to execute arbitrary code via a crafted command/script. | ||||
| CVE-2023-38858 | 1 Faad2 Project | 1 Faad2 | 2024-11-21 | 6.5 Medium |
| Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the mp4info function in mp4read.c:1039. | ||||
| CVE-2023-38856 | 1 Libxls Project | 1 Libxls | 2024-11-21 | 6.5 Medium |
| Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:411. | ||||
| CVE-2023-38855 | 1 Libxls Project | 1 Libxls | 2024-11-21 | 6.5 Medium |
| Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:395. | ||||
| CVE-2023-38854 | 1 Libxls Project | 1 Libxls | 2024-11-21 | 6.5 Medium |
| Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the transcode_latin1_to_utf8 function in xlstool.c:296. | ||||
| CVE-2023-38853 | 1 Libxls Project | 1 Libxls | 2024-11-21 | 6.5 Medium |
| Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1015. | ||||
| CVE-2023-38851 | 1 Libxls Project | 1 Libxls | 2024-11-21 | 6.5 Medium |
| Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1018. | ||||
| CVE-2023-38747 | 1 Omron | 1 Cx-programmer | 2024-11-21 | 7.8 High |
| Heap-based buffer overflow vulnerability exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. | ||||
| CVE-2023-38692 | 1 Fit2cloud | 1 Cloudexplorer Lite | 2024-11-21 | 9.8 Critical |
| CloudExplorer Lite is an open source, lightweight cloud management platform. Versions prior to 1.3.1 contain a command injection vulnerability in the installation function in module management. The vulnerability has been fixed in v1.3.1. There are no known workarounds aside from upgrading. | ||||
| CVE-2023-38683 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2024-11-21 | 7.8 High |
| A vulnerability has been identified in JT2Go (All versions < V14.2.0.5), Teamcenter Visualization V13.2 (All versions < V13.2.0.14), Teamcenter Visualization V14.1 (All versions < V14.1.0.10), Teamcenter Visualization V14.2 (All versions < V14.2.0.5). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted TIFF file. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2023-38681 | 1 Siemens | 1 Tecnomatix | 2024-11-21 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted IGS file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21270) | ||||
| CVE-2023-38680 | 1 Siemens | 1 Tecnomatix | 2024-11-21 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21132) | ||||
| CVE-2023-38679 | 1 Siemens | 1 Tecnomatix | 2024-11-21 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21106) | ||||
| CVE-2023-38673 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-11-21 | 9.6 Critical |
| PaddlePaddle before 2.5.0 has a command injection in fs.py. This resulted in the ability to execute arbitrary commands on the operating system. | ||||
| CVE-2023-38671 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-11-21 | 8.3 High |
| Heap buffer overflow in paddle.trace in PaddlePaddle before 2.5.0. This flaw can lead to a denial of service, information disclosure, or more damage is possible. | ||||
| CVE-2023-38632 | 1 Asynchronous Sockets For C\+\+ Project | 1 Asynchronous Sockets For C\+\+ | 2024-11-21 | 9.8 Critical |
| async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in tcpsocket.hpp when processing malformed TCP packets. | ||||
| CVE-2023-38588 | 1 Tp-link | 2 Archer C3150, Archer C3150 Firmware | 2024-11-21 | 8 High |
| Archer C3150 firmware versions prior to 'Archer C3150(JP)_V2_230511' allows a network-adjacent authenticated attacker to execute arbitrary OS commands. | ||||
| CVE-2023-38570 | 4 Apple, Google, Intel and 1 more | 4 Iphone Os, Android, Unison Software and 1 more | 2024-11-21 | 5.3 Medium |
| Access of memory location after end of buffer for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||