Export limit exceeded: 25266 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 20241 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20241 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-40531 | 1 Tp-link | 2 Archer Ax6000, Archer Ax6000 Firmware | 2024-11-21 | 8.0 High |
| Archer AX6000 firmware versions prior to 'Archer AX6000(JP)_V1_1.3.0 Build 20221208' allows a network-adjacent authenticated attacker to execute arbitrary OS commands. | ||||
| CVE-2023-40465 | 1 Sierrawireless | 8 Aleos, Es450, Gx450 and 5 more | 2024-11-21 | 4.3 Medium |
| Several versions of ALEOS, including ALEOS 4.16.0, include an opensource third-party component which can be exploited from the local area network, resulting in a Denial of Service condition for the captive portal. | ||||
| CVE-2023-40357 | 1 Tp-link | 8 Archer A10, Archer A10 Firmware, Archer Ax10 and 5 more | 2024-11-21 | 8 High |
| Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: Archer AX50 firmware versions prior to 'Archer AX50(JP)_V1_230529', Archer A10 firmware versions prior to 'Archer A10(JP)_V2_230504', Archer AX10 firmware versions prior to 'Archer AX10(JP)_V1.2_230508', and Archer AX11000 firmware versions prior to 'Archer AX11000(JP)_V1_230523'. | ||||
| CVE-2023-40308 | 1 Sap | 9 Commoncryptolib, Content Server, Extended Application Services And Runtime and 6 more | 2024-11-21 | 7.5 High |
| SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any information. | ||||
| CVE-2023-40307 | 1 Sap | 1 Privileges | 2024-11-21 | 6.3 Medium |
| An attacker with standard privileges on macOS when requesting administrator privileges from the application can submit input which causes a buffer overflow resulting in a crash of the application. This could make the application unavailable and allow reading or modification of data. | ||||
| CVE-2023-40305 | 1 Gnu | 1 Indent | 2024-11-21 | 5.5 Medium |
| GNU indent 2.2.13 has a heap-based buffer overflow in search_brace in indent.c via a crafted file. | ||||
| CVE-2023-40296 | 1 Eminfedar | 1 Async-sockets-cpp | 2024-11-21 | 7.5 High |
| async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in ReceiveFrom and Receive in udpsocket.hpp when processing malformed UDP packets. | ||||
| CVE-2023-40295 | 1 0branch | 1 Boron | 2024-11-21 | 8.8 High |
| libboron in Boron 2.0.8 has a heap-based buffer overflow in ur_strInitUtf8 at string.c. | ||||
| CVE-2023-40294 | 1 0branch | 1 Boron | 2024-11-21 | 6.5 Medium |
| libboron in Boron 2.0.8 has a heap-based buffer overflow in ur_parseBlockI at i_parse_blk.c. | ||||
| CVE-2023-40253 | 1 Genians | 2 Genian Nac, Genian Ztna | 2024-11-21 | 6 Medium |
| Improper Authentication vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Authentication Abuse.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15. | ||||
| CVE-2023-40193 | 1 Tp-link | 2 Deco M4, Deco M4 Firmware | 2024-11-21 | 8.0 High |
| Deco M4 firmware versions prior to 'Deco M4(JP)_V2_1.5.8 Build 20230619' allows a network-adjacent authenticated attacker to execute arbitrary OS commands. | ||||
| CVE-2023-40152 | 1 Fujielectric | 1 Tellus Lite V-simulator | 2024-11-21 | 7.8 High |
| When Fuji Electric Tellus Lite V-Simulator parses a specially-crafted input file an out of bounds write may occur. | ||||
| CVE-2023-40144 | 1 Cbc | 46 Dr-16f42a, Dr-16f42a Firmware, Dr-16f45at and 43 more | 2024-11-21 | 8.8 High |
| OS command injection vulnerability in the CBC products allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter its settings. As for the affected products/versions, see the detailed information provided by the vendor. Note that NR4H, NR8H, NR16H series and DR-16F, DR-8F, DR-4F, DR-16H, DR-8H, DR-4H, DR-4M41 series are no longer supported, therefore updates for those products are not provided. | ||||
| CVE-2023-40141 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In temp_residency_name_store of thermal_metrics.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-40129 | 1 Google | 1 Android | 2024-11-21 | 8.8 High |
| In build_read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-40128 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In several functions of xmlregexp.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-40091 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In onTransact of IncidentService.cpp, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-40087 | 1 Google | 1 Android | 2024-11-21 | 8.8 High |
| In transcodeQ*ToFloat of btif_avrcp_audio_track.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-40080 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In multiple functions of btm_ble_gap.cc, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-40078 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| In a2dp_vendor_opus_decoder_decode_packet of a2dp_vendor_opus_decoder.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||