Export limit exceeded: 14133 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14133 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-30669 | 1 Samsung | 1 Android | 2024-11-21 | 6.7 Medium |
| Out-of-bounds Write in DoOemFactorySendFactoryTestResult of libsec-ril prior to SMR Jul-2023 Release 1 allows local attacker to execute arbitrary code. | ||||
| CVE-2023-30668 | 1 Samsung | 1 Android | 2024-11-21 | 6.7 Medium |
| Out-of-bounds Write in BuildOemSecureSimLockResponse of libsec-ril prior to SMR Jul-2023 Release 1 allows local attacker to execute arbitrary code. | ||||
| CVE-2023-30666 | 1 Samsung | 1 Android | 2024-11-21 | 5.3 Medium |
| Improper input validation vulnerability in DoOemImeiSetPreconfig in libsec-ril prior to SMR Jul-2023 Release 1 allows local attackers to cause an Out-Of-Bounds write. | ||||
| CVE-2023-30653 | 1 Samsung | 1 Android | 2024-11-21 | 6.7 Medium |
| Out of bounds read and write in enableTspDevice of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code. | ||||
| CVE-2023-30652 | 1 Samsung | 1 Android | 2024-11-21 | 6.7 Medium |
| Out of bounds read and write in callrunTspCmdNoRead of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code. | ||||
| CVE-2023-30651 | 1 Samsung | 1 Android | 2024-11-21 | 6.7 Medium |
| Out of bounds read and write in callgetTspsysfs of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code. | ||||
| CVE-2023-30650 | 1 Samsung | 1 Android | 2024-11-21 | 6.7 Medium |
| Out of bounds read and write in callrunTspCmd of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code. | ||||
| CVE-2023-30649 | 1 Samsung | 1 Android | 2024-11-21 | 7.8 High |
| Heap out of bound write vulnerability in RmtUimNeedApdu of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code. | ||||
| CVE-2023-30648 | 1 Samsung | 1 Android | 2024-11-21 | 3.3 Low |
| Stack out-of-bounds write vulnerability in IpcRxImeiUpdateImeiNoti of RILD priro to SMR Jul-2023 Release 1 cause a denial of service on the system. | ||||
| CVE-2023-30647 | 1 Samsung | 1 Android | 2024-11-21 | 7.8 High |
| Heap out of bound write vulnerability in IpcRxUsimPhoneBookCapa of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code. | ||||
| CVE-2023-30646 | 1 Samsung | 1 Android | 2024-11-21 | 7.8 High |
| Heap out of bound write vulnerability in BroadcastSmsConfig of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code. | ||||
| CVE-2023-30645 | 1 Samsung | 1 Android | 2024-11-21 | 7.8 High |
| Heap out of bound write vulnerability in IpcRxIncomingCBMsg of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code. | ||||
| CVE-2023-30402 | 1 Yasm Project | 1 Yasm | 2024-11-21 | 5.5 Medium |
| YASM v1.3.0 was discovered to contain a heap overflow via the function handle_dot_label at /nasm/nasm-token.re. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code. | ||||
| CVE-2023-30187 | 1 Onlyoffice | 1 Document Server | 2024-11-21 | 9.8 Critical |
| An out of bounds memory access vulnerability in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file. | ||||
| CVE-2023-2923 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-11-21 | 6.3 Medium |
| A vulnerability classified as critical was found in Tenda AC6 US_AC6V1.0BR_V15.03.05.19. Affected by this vulnerability is the function fromDhcpListClient. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-230077 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-2905 | 1 Cesanta | 1 Mongoose | 2024-11-21 | 8.8 High |
| Due to a failure in validating the length of a provided MQTT_CMD_PUBLISH parsed message with a variable length header, Cesanta Mongoose, an embeddable web server, version 7.10 is susceptible to a heap-based buffer overflow vulnerability in the default configuration. Version 7.9 and prior does not appear to be vulnerable. This issue is resolved in version 7.11. | ||||
| CVE-2023-2873 | 2 Filseclab, Microsoft | 2 Twister Antivirus, Windows | 2024-11-21 | 5.3 Medium |
| A vulnerability classified as critical was found in Twister Antivirus 8. This vulnerability affects the function 0x804f2143/0x804f217f/0x804f214b/0x80800043 in the library filppd.sys of the component IoControlCode Handler. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229852. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-2798 | 2 Htmlunit, Redhat | 3 Htmlunit, Migration Toolkit Applications, Migration Toolkit Runtimes | 2024-11-21 | 7.5 High |
| Those using HtmlUnit to browse untrusted webpages may be vulnerable to Denial of service attacks (DoS). If HtmlUnit is running on user supplied web pages, an attacker may supply content that causes HtmlUnit to crash by a stack overflow. This effect may support a denial of service attack.This issue affects htmlunit before 2.70.0. | ||||
| CVE-2023-2763 | 1 3ds | 1 3dexperience Solidworks | 2024-11-21 | 7.8 High |
| Use-After-Free, Out-of-bounds Write and Heap-based Buffer Overflow vulnerabilities exist in the DWG and DXF file reading procedure in SOLIDWORKS Desktop from Release SOLIDWORKS 2021 through Release SOLIDWORKS 2023. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted DWG or DXF file. | ||||
| CVE-2023-2457 | 1 Google | 2 Chrome, Chrome Os | 2024-11-21 | 8.8 High |
| Out of bounds write in ChromeOS Audio Server in Google Chrome on ChromeOS prior to 113.0.5672.114 allowed a remote attacker to potentially exploit heap corruption via crafted audio file. (Chromium security severity: High) | ||||