Export limit exceeded: 20907 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20907 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-27972 | 1 Hp | 76 Laserjet Pro M304-m305 W1a46a, Laserjet Pro M304-m305 W1a46a Firmware, Laserjet Pro M304-m305 W1a47a and 73 more | 2025-01-30 | 9.8 Critical |
| Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Remote Code Execution. | ||||
| CVE-2023-29918 | 1 Rosariosis | 1 Rosariosis | 2025-01-30 | 5.4 Medium |
| RosarioSIS 10.8.4 is vulnerable to CSV injection via the Periods Module. | ||||
| CVE-2023-27892 | 1 Shapeshift | 2 Keepkey, Keepkey Firmware | 2025-01-30 | 3.8 Low |
| Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.7.0 allow a global buffer overflow via crafted messages. Flaws in cf_confirmExecTx() in ethereum_contracts.c can be used to reveal arbitrary microcontroller memory on the device screen or crash the device. With physical access to a PIN-unlocked device, attackers can extract the BIP39 mnemonic secret from the hardware wallet. | ||||
| CVE-2022-40302 | 3 Debian, Frrouting, Redhat | 3 Debian Linux, Frrouting, Enterprise Linux | 2025-01-30 | 6.5 Medium |
| An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible because of inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case. | ||||
| CVE-2023-22922 | 1 Zyxel | 2 Nbg-418n, Nbg-418n Firmware | 2025-01-30 | 7.5 High |
| A buffer overflow vulnerability in the Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0 could allow a remote unauthenticated attacker to cause DoS conditions by sending crafted packets if Telnet is enabled on a vulnerable device. | ||||
| CVE-2023-22924 | 1 Zyxel | 2 Nbg-418n, Nbg-418n Firmware | 2025-01-30 | 4.9 Medium |
| A buffer overflow vulnerability in the Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0 could allow a remote authenticated attacker with administrator privileges to cause denial-of-service (DoS) conditions by executing crafted CLI commands on a vulnerable device. | ||||
| CVE-2024-39354 | 1 Deltaww | 1 Diascreen | 2025-01-30 | 7.8 High |
| If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in CEtherIPTagItem can be exploited, allowing the attacker to remotely execute arbitrary code. | ||||
| CVE-2024-47131 | 1 Deltaww | 1 Diascreen | 2025-01-30 | 7.8 High |
| If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in BACnetObjectInfo can be exploited, allowing the attacker to remotely execute arbitrary code. | ||||
| CVE-2024-39605 | 1 Deltaww | 1 Diascreen | 2025-01-30 | 7.8 High |
| If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in BACnetParameter can be exploited, allowing the attacker to remotely execute arbitrary code. | ||||
| CVE-2023-30257 | 1 Fiio | 2 M6, M6 Firmware | 2025-01-29 | 7.8 High |
| A buffer overflow in the component /proc/ftxxxx-debug of FiiO M6 Build Number v1.0.4 allows attackers to escalate privileges to root. | ||||
| CVE-2023-29942 | 1 Llvm | 1 Llvm | 2025-01-29 | 5.5 Medium |
| llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::Type::isa<mlir::LLVM::LLVMVoidType. | ||||
| CVE-2023-29941 | 1 Llvm | 1 Llvm | 2025-01-29 | 5.5 Medium |
| llvm-project commit a0138390 was discovered to contain a segmentation fault via the component matchAndRewriteSortOp<mlir::sparse_tensor::SortOp>(mlir::sparse_tensor::SortOp. | ||||
| CVE-2023-29939 | 1 Llvm | 1 Llvm | 2025-01-29 | 5.5 Medium |
| llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::spirv::TargetEnv::TargetEnv(mlir::spirv::TargetEnvAttr). | ||||
| CVE-2023-29934 | 1 Llvm | 1 Llvm | 2025-01-29 | 5.5 Medium |
| llvm-project commit 6c01b5c was discovered to contain a segmentation fault via the component mlir::Type::getDialect(). | ||||
| CVE-2023-29933 | 1 Llvm | 1 Llvm | 2025-01-29 | 5.5 Medium |
| llvm-project commit bd456297 was discovered to contain a segmentation fault via the component mlir::Block::getArgument. | ||||
| CVE-2023-29932 | 1 Llvm | 1 Llvm | 2025-01-29 | 5.5 Medium |
| llvm-project commit fdbc55a5 was discovered to contain a segmentation fault via the component mlir::IROperand<mlir::OpOperand. | ||||
| CVE-2022-26047 | 1 Intel | 352 Converged Security And Manageability Engine, Core I3-1000g1 Firmware, Core I3-1000g4 Firmware and 349 more | 2025-01-29 | 4.3 Medium |
| Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products may allow unauthenticated user to potentially enable denial of service via local access. | ||||
| CVE-2024-53291 | 1 Dell | 1 Nativeedge Orchestrator | 2025-01-29 | 7.5 High |
| Dell NativeEdge, version(s) 2.1.0.0, contain(s) an Exposure of Sensitive Information Through Metadata vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. | ||||
| CVE-2023-27961 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-01-29 | 5.5 Medium |
| Multiple validation issues were addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, watchOS 9.4, macOS Big Sur 11.7.5. Importing a maliciously crafted calendar invitation may exfiltrate user information. | ||||
| CVE-2023-27941 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-01-29 | 5.5 Medium |
| A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to disclose kernel memory. | ||||