Export limit exceeded: 20214 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20214 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-29074 | 1 Autodesk | 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more | 2024-11-21 | 9.8 Critical |
| A maliciously crafted CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause an Out-Of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2023-29073 | 1 Autodesk | 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more | 2024-11-21 | 9.8 Critical |
| A maliciously crafted MODEL file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2023-28767 | 1 Zyxel | 47 Atp Series Firmware, Usg 20w-vpn, Usg 20w-vpn Firmware and 44 more | 2024-11-21 | 8.8 High |
| The configuration parser fails to sanitize user-controlled input in the Zyxel ATP series firmware versions 5.10 through 5.36, USG FLEX series firmware versions 5.00 through 5.36, USG FLEX 50(W) series firmware versions 5.10 through 5.36, USG20(W)-VPN series firmware versions 5.10 through 5.36, and VPN series firmware versions 5.00 through 5.36. An unauthenticated, LAN-based attacker could leverage the vulnerability to inject some operating system (OS) commands into the device configuration data on an affected device when the cloud management mode is enabled. | ||||
| CVE-2023-28730 | 1 Panasonic | 1 Control Fpwin Pro | 2024-11-21 | 7.8 High |
| A memory corruption vulnerability Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. | ||||
| CVE-2023-28728 | 1 Panasonic | 1 Control Fpwin Pro | 2024-11-21 | 7.8 High |
| A stack-based buffer overflow in Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. | ||||
| CVE-2023-28614 | 1 Freewillsolutions | 1 Smart Trade | 2024-11-21 | 9.8 Critical |
| Freewill iFIS (aka SMART Trade) 20.01.01.04 allows OS Command Injection via shell metacharacters to a report page. | ||||
| CVE-2023-28574 | 1 Qualcomm | 156 Ar8035, Ar8035 Firmware, Qam8255p and 153 more | 2024-11-21 | 9 Critical |
| Memory corruption in core services when Diag handler receives a command to configure event listeners. | ||||
| CVE-2023-28573 | 1 Qualcomm | 398 315 5g Iot, 315 5g Iot Firmware, Aqt1000 and 395 more | 2024-11-21 | 7.8 High |
| Memory corruption in WLAN HAL while parsing WMI command parameters. | ||||
| CVE-2023-28572 | 1 Qualcomm | 110 Csrb31024, Csrb31024 Firmware, Fastconnect 6800 and 107 more | 2024-11-21 | 6.6 Medium |
| Memory corruption in WLAN HOST while processing the WLAN scan descriptor list. | ||||
| CVE-2023-28561 | 1 Qualcomm | 2 Qcn7606, Qcn7606 Firmware | 2024-11-21 | 9.8 Critical |
| Memory corruption in QESL while processing payload from external ESL device to firmware. | ||||
| CVE-2023-28558 | 1 Qualcomm | 399 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 396 more | 2024-11-21 | 7.8 High |
| Memory corruption in WLAN handler while processing PhyID in Tx status handler. | ||||
| CVE-2023-28537 | 1 Qualcomm | 366 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 363 more | 2024-11-21 | 8.4 High |
| Memory corruption while allocating memory in COmxApeDec module in Audio. | ||||
| CVE-2023-28527 | 1 Ibm | 2 Informix Dynamic Server, Informix Dynamic Server On Cloud Pak For Data | 2024-11-21 | 6.2 Medium |
| IBM Informix Dynamic Server 12.10 and 14.10 cdr is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow a local user to cause a segmentation fault. IBM X-Force ID: 251206. | ||||
| CVE-2023-28526 | 1 Ibm | 2 Informix Dynamic Server, Informix Dynamic Server On Cloud Pak For Data | 2024-11-21 | 6.2 Medium |
| IBM Informix Dynamic Server 12.10 and 14.10 archecker is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow a local user to cause a segmentation fault. IBM X-Force ID: 251204. | ||||
| CVE-2023-28401 | 2 Intel, Microsoft | 3 Arc A Graphics, Iris Xe Graphics, Windows | 2024-11-21 | 5.2 Medium |
| Out-of-bounds write in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers before version 31.0.101.4255 may allow authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-28064 | 1 Dell | 140 Alienware M15 R6, Alienware M15 R6 Firmware, Alienware M15 R7 and 137 more | 2024-11-21 | 3.5 Low |
| Dell BIOS contains an Out-of-bounds Write vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service. | ||||
| CVE-2023-28000 | 1 Fortinet | 1 Fortiadc | 2024-11-21 | 6.3 Medium |
| An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiADC CLI 7.1.0, 7.0.0 through 7.0.3, 6.2.0 through 6.2.4, 6.1 all versions, 6.0 all versions may allow a local and authenticated attacker to execute unauthorized commands via specifically crafted arguments in diagnose system df CLI command. | ||||
| CVE-2023-27999 | 1 Fortinet | 1 Fortiadc | 2024-11-21 | 7.6 High |
| An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiADC 7.2.0, 7.1.0 through 7.1.1 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands. | ||||
| CVE-2023-27395 | 1 Softether | 1 Vpn | 2024-11-21 | 9 Critical |
| A heap-based buffer overflow vulnerability exists in the vpnserver WpcParsePacket() functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A specially crafted network packet can lead to arbitrary code execution. An attacker can perform a man-in-the-middle attack to trigger this vulnerability. | ||||
| CVE-2023-27390 | 1 Diagon Project | 1 Diagon | 2024-11-21 | 7.8 High |
| A heap-based buffer overflow vulnerability exists in the Sequence::DrawText functionality of Diagon v1.0.139. A specially crafted markdown file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. | ||||