Export limit exceeded: 34861 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (15433 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-3481 | 1 Google | 1 Critters | 2024-11-21 | 5.7 Medium |
| Critters versions 0.0.17-0.0.19 have an issue when parsing the HTML, which leads to a potential cross-site scripting (XSS) bug. We recommend upgrading to version 0.0.20 of the extension. | ||||
| CVE-2023-3471 | 1 Panasonic | 1 Kw Watcher | 2024-11-21 | 8.6 High |
| Buffer overflow vulnerability in Panasonic KW Watcher versions 1.00 through 2.82 may allow attackers to execute arbitrary code. | ||||
| CVE-2023-3453 | 1 Etictelecom | 14 Ras-c-100-lw, Ras-e-100, Ras-e-220 and 11 more | 2024-11-21 | 7.1 High |
| ETIC Telecom RAS versions 4.7.0 and prior the web management portal authentication disabled by default. This could allow an attacker with adjacent network access to alter the configuration of the device or cause a denial-of-service condition. | ||||
| CVE-2023-3261 | 2 Cyberpower, Dataprobe | 45 Powerpanel Server, Iboot-pdu4-c20, Iboot-pdu4-c20 Firmware and 42 more | 2024-11-21 | 7.5 High |
| The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier contains a buffer overflow vulnerability in the librta.so.0.0.0 library.Successful exploitation could cause denial of service or unexpected behavior with respect to all interactions relying on the targeted vulnerable binary, including the ability to log in via the web server. | ||||
| CVE-2023-3138 | 2 Redhat, X.org | 3 Enterprise Linux, Rhel Eus, Libx11 | 2024-11-21 | 7.5 High |
| A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust that they were called with values provided by an Xserver adhering to the bounds specified in the X11 protocol, as all X servers provided by X.Org do. As the protocol only specifies a single byte for these values, an out-of-bounds value provided by a malicious server (or a malicious proxy-in-the-middle) can only overwrite other portions of the Display structure and not write outside the bounds of the Display structure itself, possibly causing the client to crash with this memory corruption. | ||||
| CVE-2023-3024 | 2 Qualcomm, Silabs | 9 Aqt1000, Csrb31024, Wcd9370 and 6 more | 2024-11-21 | 5.9 Medium |
| Forcing the Bluetooth LE stack to segment 'prepare write response' packets can lead to an out-of-bounds memory access. | ||||
| CVE-2023-39984 | 1 Hitachi | 1 Eh-view | 2024-11-21 | 7.8 High |
| ** UNSUPPORTED WHEN ASSIGNED ** Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hitachi EH-VIEW (KeypadDesigner) allows local attackers to potentially disclose information and execute arbitray code on affected EH-VIEW installations. User interaction is required to exploit the vulnerabilities in that the user must open a malicious file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2023-39976 | 2 Clusterlabs, Redhat | 3 Libqb, Enterprise Linux, Rhel Eus | 2024-11-21 | 9.8 Critical |
| log_blackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messages because the header size is not considered. | ||||
| CVE-2023-39616 | 1 Aomedia | 1 Aomedia | 2024-11-21 | 7.5 High |
| AOMedia v3.0.0 to v3.5.0 was discovered to contain an invalid read memory access via the component assign_frame_buffer_p in av1/common/av1_common_int.h. | ||||
| CVE-2023-39527 | 1 Prestashop | 1 Prestashop | 2024-11-21 | 8.3 High |
| PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.1 are vulnerable to cross-site scripting through the `isCleanHTML` method. Versions 1.7.8.10, 8.0.5, and 8.1.1 contain a patch. There are no known workarounds. | ||||
| CVE-2023-39390 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Vulnerability of input parameter verification in certain APIs in the window management module. Successful exploitation of this vulnerability may cause the device to restart. | ||||
| CVE-2023-39386 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause newly installed apps to fail to restart. | ||||
| CVE-2023-39382 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Input verification vulnerability in the audio module. Successful exploitation of this vulnerability may cause virtual machines (VMs) to restart. | ||||
| CVE-2023-39381 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Input verification vulnerability in the storage module. Successful exploitation of this vulnerability may cause the device to restart. | ||||
| CVE-2023-39130 | 1 Gnu | 1 Gdb | 2024-11-21 | 5.5 Medium |
| GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c. | ||||
| CVE-2023-39128 | 1 Gnu | 1 Gdb | 2024-11-21 | 5.5 Medium |
| GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c. | ||||
| CVE-2023-38668 | 1 Nasm | 1 Netwide Assembler | 2024-11-21 | 5.5 Medium |
| Stack-based buffer over-read in disasm in nasm 2.16 allows attackers to cause a denial of service (crash). | ||||
| CVE-2023-38667 | 1 Nasm | 1 Netwide Assembler | 2024-11-21 | 5.5 Medium |
| Stack-based buffer over-read in function disasm in nasm 2.16 allows attackers to cause a denial of service. | ||||
| CVE-2023-38316 | 1 Opennds | 1 Captive Portal | 2024-11-21 | 9.8 Critical |
| An issue was discovered in OpenNDS Captive Portal before version 10.1.2. When the custom unescape callback is enabled, attackers can execute arbitrary OS commands by inserting them into the URL portion of HTTP GET requests. Affected OpenNDS Captive Portal before version 10.1.2 fixed in OpenWrt master, OpenWrt 23.05 and OpenWrt 22.03 on 28. August 2023 by updating OpenNDS to version 10.1.3. | ||||
| CVE-2023-38020 | 1 Ibm | 1 Soar Qradar Plugin App | 2024-11-21 | 4.3 Medium |
| IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow an authenticated user to manipulate output written to log files. IBM X-Force ID: 260576. | ||||