Export limit exceeded: 351337 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 44115 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (44115 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-0156 | 1 Dell | 1 Digital Delivery | 2025-01-08 | 7 High |
| Dell Digital Delivery, versions prior to 5.2.0.0, contain a Buffer Overflow Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to arbitrary code execution and/or privilege escalation. | ||||
| CVE-2023-20731 | 3 Google, Linuxfoundation, Mediatek | 46 Android, Yocto, Mt6761 and 43 more | 2025-01-08 | 4.4 Medium |
| In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573495; Issue ID: ALPS07573495. | ||||
| CVE-2023-20730 | 3 Google, Linuxfoundation, Mediatek | 8 Android, Yocto, Mt6985 and 5 more | 2025-01-08 | 4.4 Medium |
| In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573552; Issue ID: ALPS07573552. | ||||
| CVE-2023-20729 | 3 Google, Linuxfoundation, Mediatek | 8 Android, Yocto, Mt6985 and 5 more | 2025-01-08 | 4.4 Medium |
| In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573552; Issue ID: ALPS07573575. | ||||
| CVE-2023-20727 | 3 Google, Linuxfoundation, Mediatek | 20 Android, Yocto, Mt6789 and 17 more | 2025-01-08 | 4.4 Medium |
| In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588531; Issue ID: ALPS07588531. | ||||
| CVE-2023-2157 | 1 Imagemagick | 1 Imagemagick | 2025-01-07 | 5.5 Medium |
| A heap-based buffer overflow vulnerability was found in the ImageMagick package that can lead to the application crashing. | ||||
| CVE-2023-2132 | 1 Gitlab | 1 Gitlab | 2025-01-07 | 7.5 High |
| An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. A DollarMathPostFilter Regular Expression Denial of Service in was possible by sending crafted payloads to the preview_markdown endpoint. | ||||
| CVE-2023-20742 | 2 Google, Mediatek | 48 Android, Mt6735, Mt6737 and 45 more | 2025-01-07 | 4.4 Medium |
| In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628591; Issue ID: ALPS07628540. | ||||
| CVE-2023-20741 | 2 Google, Mediatek | 48 Android, Mt6735, Mt6737 and 45 more | 2025-01-07 | 4.4 Medium |
| In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628591; Issue ID: ALPS07628606. | ||||
| CVE-2023-20728 | 3 Google, Linuxfoundation, Mediatek | 40 Android, Yocto, Mt6781 and 37 more | 2025-01-07 | 4.4 Medium |
| In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573603; Issue ID: ALPS07573603. | ||||
| CVE-2022-48439 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-07 | 4.4 Medium |
| In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | ||||
| CVE-2023-28952 | 1 Ibm | 1 Cognos Controller | 2025-01-07 | 5.3 Medium |
| IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to injection attacks in application logging by not sanitizing user provided data. IBM X-Force ID: 251463. | ||||
| CVE-2023-47583 | 1 Fujielectric | 1 Tellus | 2025-01-07 | 7.8 High |
| Multiple out-of-bounds read vulnerabilities exist in TELLUS Simulator V4.0.17.0 and earlier. If a user opens a specially crafted file (X1 or V9 file), information may be disclosed and/or arbitrary code may be executed. | ||||
| CVE-2023-31278 | 1 Hornerautomation | 2 Cscape, Cscape Envisionrv | 2025-01-07 | 7.8 High |
| Horner Automation Cscape lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to potentially execute arbitrary code in the context of the current process. | ||||
| CVE-2023-29503 | 1 Hornerautomation | 2 Cscape, Cscape Envisionrv | 2025-01-07 | 7.8 High |
| The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. | ||||
| CVE-2023-27916 | 1 Hornerautomation | 2 Cscape, Cscape Envisionrv | 2025-01-07 | 7.8 High |
| The affected application lacks proper validation of user-supplied data when parsing font files (e.g., FNT). This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to potentially execute arbitrary code in the context of the current process. | ||||
| CVE-2024-52901 | 1 Ibm | 1 Infosphere Information Server | 2025-01-07 | 6.5 Medium |
| IBM InfoSphere Information Server 11.7 could allow an authenticated user to GUI to not load or stop working due to improper input validation. | ||||
| CVE-2023-32545 | 1 Hornerautomation | 2 Cscape, Cscape Envisionrv | 2025-01-07 | 7.8 High |
| The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to an out-of-bounds read in Cscape!CANPortMigration. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. | ||||
| CVE-2023-2199 | 1 Gitlab | 1 Gitlab | 2025-01-07 | 7.5 High |
| An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.0 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. A Regular Expression Denial of Service was possible via sending crafted payloads to the preview_markdown endpoint. | ||||
| CVE-2023-2198 | 1 Gitlab | 1 Gitlab | 2025-01-07 | 7.5 High |
| An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.7 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. A Regular Expression Denial of Service was possible via sending crafted payloads to the preview_markdown endpoint. | ||||