Total
12951 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-4020 | 1 Silabs | 1 Gecko Software Development Kit | 2024-11-21 | 9 Critical |
| An unvalidated input in a library function responsible for communicating between secure and non-secure memory in Silicon Labs TrustZone implementation allows reading/writing of memory in the secure region of memory from the non-secure region of memory. | ||||
| CVE-2023-49992 | 1 Espeak-ng | 1 Espeak-ng | 2024-11-21 | 5.3 Medium |
| Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Overflow via the function RemoveEnding at dictionary.c. | ||||
| CVE-2023-49867 | 3 Level1, Level One, Realtek | 5 Wbr-6013, Wbr-6013 Firmware, Wbr6013 and 2 more | 2024-11-21 | 7.2 High |
| A stack-based buffer overflow vulnerability exists in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger this vulnerability. | ||||
| CVE-2023-49800 | 1 Johannschopplich | 1 Nuxt Api Party | 2024-11-21 | 7.5 High |
| `nuxt-api-party` is an open source module to proxy API requests. The library allows the user to send many options directly to `ofetch`. There is no filter on which options are available. We can abuse the retry logic to cause the server to crash from a stack overflow. fetchOptions are obtained directly from the request body. A malicious user can construct a URL known to not fetch successfully, then set the retry attempts to a high value, this will cause a stack overflow as ofetch error handling works recursively resulting in a denial of service. This issue has been addressed in version 0.22.1. Users are advised to upgrade. Users unable to upgrade should limit ofetch options. | ||||
| CVE-2023-49701 | 1 Asrmicro | 4 Asr1803, Asr1803 Firmware, Asr1806 and 1 more | 2024-11-21 | 7.2 High |
| Memory Corruption in SIM management while USIMPhase2init | ||||
| CVE-2023-49699 | 1 Asrmicro | 4 Asr1803, Asr1803 Firmware, Asr1806 and 1 more | 2024-11-21 | 6.7 Medium |
| Memory Corruption in IMS while calling VoLTE Streamingmedia Interface | ||||
| CVE-2023-49675 | 2024-11-21 | 7.8 High | ||
| An unauthenticated local attacker may trick a user to open corrupted project files to execute arbitrary code or crash the system due to an out-of-bounds write vulnerability. | ||||
| CVE-2023-49614 | 2024-11-21 | 5.7 Medium | ||
| Out of bounds write in firmware for some Intel(R) FPGA products before version 2.9.0 may allow escalation of privilege and information disclosure. | ||||
| CVE-2023-49595 | 2 Level1, Realtek | 3 Wbr-6013, Wbr-6013 Firmware, Rtl819x Jungle Software Development Kit | 2024-11-21 | 7.2 High |
| A stack-based buffer overflow vulnerability exists in the boa rollback_control_code functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability. | ||||
| CVE-2023-49468 | 1 Struktur | 1 Libde265 | 2024-11-21 | 8.8 High |
| Libde265 v1.0.14 was discovered to contain a global buffer overflow vulnerability in the read_coding_unit function at slice.cc. | ||||
| CVE-2023-49467 | 1 Struktur | 1 Libde265 | 2024-11-21 | 8.8 High |
| Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vulnerability in the derive_combined_bipredictive_merging_candidates function at motion.cc. | ||||
| CVE-2023-49465 | 1 Struktur | 1 Libde265 | 2024-11-21 | 8.8 High |
| Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vulnerability in the derive_spatial_luma_vector_prediction function at motion.cc. | ||||
| CVE-2023-49434 | 1 Tenda | 2 Ax9, Ax9 Firmware | 2024-11-21 | 9.8 Critical |
| Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list' parameter at /goform/SetNetControlList. | ||||
| CVE-2023-49433 | 1 Tenda | 2 Ax9, Ax9 Firmware | 2024-11-21 | 9.8 Critical |
| Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list' parameter at /goform/SetVirtualServerCfg. | ||||
| CVE-2023-49430 | 1 Tenda | 2 Ax9, Ax9 Firmware | 2024-11-21 | 9.8 Critical |
| Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list' parameter at /goform/SetStaticRouteCfg. | ||||
| CVE-2023-49426 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2024-11-21 | 9.8 Critical |
| Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the list parameter at /goform/SetStaticRouteCfg. | ||||
| CVE-2023-49425 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2024-11-21 | 9.8 Critical |
| Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the deviceList parameter at /goform/setMacFilterCfg . | ||||
| CVE-2023-49424 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2024-11-21 | 9.8 Critical |
| Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg. | ||||
| CVE-2023-49418 | 1 Totolink | 2 A7000r, A7000r Firmware | 2024-11-21 | 9.8 Critical |
| TOTOLink A7000R V9.1.0u.6115_B20201022has a stack overflow vulnerability via setIpPortFilterRules. | ||||
| CVE-2023-49411 | 1 Tenda | 2 W30e, W30e Firmware | 2024-11-21 | 9.8 Critical |
| Tenda W30E V16.01.0.12(4843) contains a stack overflow vulnerability via the function formDeleteMeshNode. | ||||