Export limit exceeded: 345860 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21477 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-23903 | 1 Nozominetworks | 2 Cmc, Guardian | 2024-11-21 | 4.9 Medium |
| An authenticated administrator can upload a SAML configuration file with the wrong format, with the application not checking the correct file format. Every subsequent application request will return an error. The whole application in rendered unusable until a console intervention. | ||||
| CVE-2023-23902 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2024-11-21 | 9.8 Critical |
| A buffer overflow vulnerability exists in the uhttpd login functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to remote code execution. An attacker can send a network request to trigger this vulnerability. | ||||
| CVE-2023-23796 | 1 Web-settler | 1 Form Builder | 2024-11-21 | 9.8 Critical |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in Muneeb Form Builder | Create Responsive Contact Forms.This issue affects Form Builder | Create Responsive Contact Forms: from n/a through 1.9.9.0. | ||||
| CVE-2023-23782 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | 7.1 High |
| A heap-based buffer overflow in Fortinet FortiWeb version 7.0.0 through 7.0.1, FortiWeb version 6.3.0 through 6.3.19, FortiWeb 6.4 all versions, FortiWeb 6.2 all versions, FortiWeb 6.1 all versions allows attacker to escalation of privilege via specifically crafted arguments to existing commands. | ||||
| CVE-2023-23781 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | 6.1 Medium |
| A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below SAML server configuration may allow an authenticated attacker to achieve arbitrary code execution via specifically crafted XML files. | ||||
| CVE-2023-23780 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | 7.6 High |
| A stack-based buffer overflow in Fortinet FortiWeb version 7.0.0 through 7.0.1, Fortinet FortiWeb version 6.3.6 through 6.3.19, Fortinet FortiWeb 6.4 all versions allows attacker to escalation of privilege via specifically crafted HTTP requests. | ||||
| CVE-2023-23678 | 1 Wpeka | 1 Wp Cookie Consent | 2024-11-21 | 7.2 High |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in WPEkaClub WP Cookie Consent ( for GDPR, CCPA & ePrivacy ).This issue affects WP Cookie Consent ( for GDPR, CCPA & ePrivacy ): from n/a through 2.2.5. | ||||
| CVE-2023-23581 | 1 Softether | 1 Vpn | 2024-11-21 | 7.5 High |
| A denial-of-service vulnerability exists in the vpnserver EnSafeHttpHeaderValueStr functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. | ||||
| CVE-2023-23571 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2024-11-21 | 7.5 High |
| An access violation vulnerability exists in the eventcore functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to denial of service. An attacker can send a network request to trigger this vulnerability. | ||||
| CVE-2023-23549 | 1 Checkmk | 1 Checkmk | 2024-11-21 | 2.7 Low |
| Improper Input Validation in Checkmk <2.2.0p15, <2.1.0p37, <=2.0.0p39 allows priviledged attackers to cause partial denial of service of the UI via too long hostnames. | ||||
| CVE-2023-23528 | 1 Apple | 3 Ipados, Iphone Os, Tvos | 2024-11-21 | 6.5 Medium |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 16.4, iOS 16.4 and iPadOS 16.4. Processing a maliciously crafted Bluetooth packet may result in disclosure of process memory. | ||||
| CVE-2023-23513 | 1 Apple | 1 Macos | 2024-11-21 | 9.8 Critical |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution. | ||||
| CVE-2023-23441 | 1 Hihonor | 1 Magic Ui | 2024-11-21 | 6 Medium |
| Some Honor products are affected by out of bounds read vulnerability, successful exploitation could cause information leak. | ||||
| CVE-2023-23364 | 1 Qnap | 1 Multimedia Console | 2024-11-21 | 8.1 High |
| A buffer copy without checking size of input vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows remote users to execute code via unspecified vectors. We have already fixed the vulnerability in the following versions: Multimedia Console 2.1.1 ( 2023/03/29 ) and later Multimedia Console 1.4.7 ( 2023/03/20 ) and later | ||||
| CVE-2023-23363 | 1 Qnap | 1 Qts | 2024-11-21 | 8.1 High |
| A buffer copy without checking size of input vulnerability has been reported to affect QNAP operating system. If exploited, the vulnerability possibly allows remote users to execute code via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS 4.3.6.2441 build 20230621 and later QTS 4.3.3.2420 build 20230621 and later QTS 4.2.6 build 20230621 and later QTS 4.3.4.2451 build 20230621 and later | ||||
| CVE-2023-22877 | 1 Ibm | 1 Infosphere Information Server | 2024-11-21 | 7 High |
| IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 244368. | ||||
| CVE-2023-22845 | 1 Openimageio | 1 Openimageio | 2024-11-21 | 7.5 High |
| An out-of-bounds read vulnerability exists in the TGAInput::decode_pixel() functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2023-22719 | 1 Givewp | 1 Givewp | 2024-11-21 | 9.8 Critical |
| Improper Neutralization of Formula Elements in a CSV File vulnerability in GiveWP.This issue affects GiveWP: from n/a through 2.25.1. | ||||
| CVE-2023-22363 | 1 Gallagher | 1 Command Centre | 2024-11-21 | 6.5 Medium |
| A stack-based buffer overflow in the Command Centre Server allows an attacker to cause a denial of service attack via assigning cardholders to an Access Group. This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 (MR2) | ||||
| CVE-2023-22233 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-11-21 | 5.5 Medium |
| After Affects versions 23.1 (and earlier), 22.6.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||