Export limit exceeded: 19553 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19553 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-48230 | 1 Capnproto | 1 Capnproto | 2024-11-21 | 5.9 Medium |
| Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be caused by a remote peer. The underrun always writes a constant value that is not attacker-controlled, likely resulting in a crash, enabling a remote denial-of-service attack. Most Cap'n Proto and KJ users are unlikely to have this functionality enabled and so unlikely to be affected. Maintainers suspect only the Cloudflare Workers Runtime is affected. If KJ HTTP is used with WebSocket compression enabled, a malicious peer may be able to cause a buffer underrun on a heap-allocated buffer. KJ HTTP is an optional library bundled with Cap'n Proto, but is not directly used by Cap'n Proto. WebSocket compression is disabled by default. It must be enabled via a setting passed to the KJ HTTP library via `HttpClientSettings` or `HttpServerSettings`. The bytes written out-of-bounds are always a specific constant 4-byte string `{ 0x00, 0x00, 0xFF, 0xFF }`. Because this string is not controlled by the attacker, maintainers believe it is unlikely that remote code execution is possible. However, it cannot be ruled out. This functionality first appeared in Cap'n Proto 1.0. Previous versions are not affected. This issue is fixed in Cap'n Proto 1.0.1.1. | ||||
| CVE-2023-48161 | 2 Giflib Project, Redhat | 8 Giflib, Enterprise Linux, Openjdk and 5 more | 2024-11-21 | 7.1 High |
| Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function in gif2rgb.c | ||||
| CVE-2023-48111 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2024-11-21 | 7.5 High |
| Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the time parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack | ||||
| CVE-2023-48110 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2024-11-21 | 7.5 High |
| Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow via the urls parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack | ||||
| CVE-2023-48109 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2024-11-21 | 7.5 High |
| Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow via the deviceId parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack | ||||
| CVE-2023-48106 | 1 Zlib-ng | 1 Minizip-ng | 2024-11-21 | 8.8 High |
| Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mz_path_resolve function in the mz_os.c file. | ||||
| CVE-2023-48014 | 1 Gpac | 1 Gpac | 2024-11-21 | 7.8 High |
| GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a stack overflow via the hevc_parse_vps_extension function at /media_tools/av_parsers.c. | ||||
| CVE-2023-47675 | 1 Cubecart | 1 Cubecart | 2024-11-21 | 7.2 High |
| CubeCart prior to 6.5.3 allows a remote authenticated attacker with an administrative privilege to execute an arbitrary OS command. | ||||
| CVE-2023-47586 | 1 Fujielectric | 1 V-server | 2024-11-21 | 7.8 High |
| Multiple heap-based buffer overflow vulnerabilities exist in V-Server V4.0.18.0 and earlier and V-Server Lite V4.0.18.0 and earlier. If a user opens a specially crafted VPR file, information may be disclosed and/or arbitrary code may be executed. | ||||
| CVE-2023-47584 | 1 Fujielectric | 1 V-server | 2024-11-21 | 7.8 High |
| Out-of-bounds write vulnerability exists in V-Server V4.0.18.0 and earlier and V-Server Lite V4.0.18.0 and earlier. If a user opens a specially crafted VPR file, information may be disclosed and/or arbitrary code may be executed. | ||||
| CVE-2023-47567 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-11-21 | 4.7 Medium |
| An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QTS 4.5.4.2627 build 20231225 and later QuTS hero h5.1.5.2647 build 20240118 and later QuTS hero h4.5.4.2626 build 20231225 and later QuTScloud c5.1.5.2651 and later | ||||
| CVE-2023-47456 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 9.1 Critical |
| Tenda AX1806 V1.0.0.1 contains a stack overflow vulnerability in function sub_455D4, called by function fromSetWirelessRepeat. | ||||
| CVE-2023-47455 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 9.1 Critical |
| Tenda AX1806 V1.0.0.1 contains a heap overflow vulnerability in setSchedWifi function, in which the src and v12 are directly obtained from http request parameter schedStartTime and schedEndTime without checking their size. | ||||
| CVE-2023-47359 | 1 Videolan | 1 Vlc Media Player | 2024-11-21 | 9.8 Critical |
| Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption. | ||||
| CVE-2023-47282 | 2024-11-21 | 3.9 Low | ||
| Out-of-bounds write in Intel(R) Media SDK all versions and some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-47254 | 1 Draytek | 2 Vigor167, Vigor167 Firmware | 2024-11-21 | 9.8 Critical |
| An OS Command Injection in the CLI interface on DrayTek Vigor167 version 5.2.2, allows remote attackers to execute arbitrary system commands and escalate privileges via any account created within the web interface. | ||||
| CVE-2023-47249 | 1 Color | 1 Demoiccmax | 2024-11-21 | 6.5 Medium |
| In International Color Consortium DemoIccMAX 79ecb74, a CIccXmlArrayType:::ParseText function (for unsigned short) in IccUtilXml.cpp in libIccXML.a has an out-of-bounds read. | ||||
| CVE-2023-47118 | 1 Clickhouse | 2 Clickhouse, Clickhouse Cloud | 2024-11-21 | 7 High |
| ClickHouse® is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issue was discovered in ClickHouse server. An attacker could send a specially crafted payload to the native interface exposed by default on port 9000/tcp, triggering a bug in the decompression logic of T64 codec that crashes the ClickHouse server process. This attack does not require authentication. Note that this exploit can also be triggered via HTTP protocol, however, the attacker will need a valid credential as the HTTP authentication take places first. This issue has been fixed in version 23.10.2.13-stable, 23.9.4.11-stable, 23.8.6.16-lts and 23.3.16.7-lts. | ||||
| CVE-2023-47073 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-11-21 | 7.8 High |
| Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-47070 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-11-21 | 7.8 High |
| Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||