Export limit exceeded: 43824 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (43824 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-33950 | 1 Liferay | 2 Digital Experience Platform, Liferay Portal | 2024-11-21 | 6.5 Medium |
| Pattern Redirects in Liferay Portal 7.4.3.48 through 7.4.3.76, and Liferay DXP 7.4 update 48 through 76 allows regular expressions that are vulnerable to ReDoS attacks to be used as patterns, which allows remote attackers to consume an excessive amount of server resources via crafted request URLs. | ||||
| CVE-2023-33867 | 1 Intel | 2 Realsense 450 Fa, Realsense 450 Fa Firmware | 2024-11-21 | 4.4 Medium |
| Improper buffer restrictions in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-33802 | 1 Sumatrapdfreader | 1 Sumatrapdf | 2024-11-21 | 5.5 Medium |
| A buffer overflow in SumatraPDF Reader v3.4.6 allows attackers to cause a Denial of Service (DoS) via a crafted text file. | ||||
| CVE-2023-33383 | 1 Shelly | 2 Pro 4pm, Pro 4pm Firmware | 2024-11-21 | 5.3 Medium |
| Shelly 4PM Pro four-channel smart switch 0.11.0 allows an attacker to trigger a BLE out of bounds read fault condition that results in a device reload. | ||||
| CVE-2023-33308 | 1 Fortinet | 2 Fortios, Fortiproxy | 2024-11-21 | 9.8 Critical |
| A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 allows a remote unauthenticated attacker to execute arbitrary code or command via crafted packets reaching proxy policies or firewall policies with proxy mode alongside deep or full packet inspection. | ||||
| CVE-2023-33222 | 1 Idemia | 16 Morphowave Compact, Morphowave Compact Firmware, Morphowave Sp and 13 more | 2024-11-21 | 6.8 Medium |
| When handling contactless cards, usage of a specific function to get additional information from the card which doesn't check the boundary on the data received while reading. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device | ||||
| CVE-2023-33221 | 1 Idemia | 16 Morphowave Compact, Morphowave Compact Firmware, Morphowave Sp and 13 more | 2024-11-21 | 6.8 Medium |
| When reading DesFire keys, the function that reads the card isn't properly checking the boundaries when copying internally the data received. This allows a heap based buffer overflow that could lead to a potential Remote Code Execution on the targeted device. This is especially problematic if you use Default DESFire key. | ||||
| CVE-2023-33220 | 1 Idemia | 16 Morphowave Compact, Morphowave Compact Firmware, Morphowave Sp and 13 more | 2024-11-21 | 6.5 Medium |
| During the retrofit validation process, the firmware doesn't properly check the boundaries while copying some attributes to check. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device | ||||
| CVE-2023-33219 | 1 Idemia | 16 Morphowave Compact, Morphowave Compact Firmware, Morphowave Sp and 13 more | 2024-11-21 | 6.5 Medium |
| The handler of the retrofit validation command doesn't properly check the boundaries when performing certain validation operations. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device | ||||
| CVE-2023-33218 | 1 Idemia | 16 Morphowave Compact, Morphowave Compact Firmware, Morphowave Sp and 13 more | 2024-11-21 | 6.5 Medium |
| The Parameter Zone Read and Parameter Zone Write command handlers allow performing a Stack buffer overflow. This could potentially lead to a Remote Code execution on the targeted device. | ||||
| CVE-2023-33097 | 1 Qualcomm | 244 Ar8035, Ar8035 Firmware, Csr8811 and 241 more | 2024-11-21 | 7.5 High |
| Transient DOS in WLAN Firmware while processing a FTMR frame. | ||||
| CVE-2023-33081 | 1 Qualcomm | 298 Aqt1000, Aqt1000 Firmware, Ar8035 and 295 more | 2024-11-21 | 7.5 High |
| Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast. | ||||
| CVE-2023-33061 | 1 Qualcomm | 230 Ar8035, Ar8035 Firmware, Csr8811 and 227 more | 2024-11-21 | 7.5 High |
| Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame. | ||||
| CVE-2023-33060 | 1 Qualcomm | 94 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 91 more | 2024-11-21 | 7.1 High |
| Transient DOS in Core when DDR memory check is called while DDR is not initialized. | ||||
| CVE-2023-33058 | 1 Qualcomm | 94 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 91 more | 2024-11-21 | 8.2 High |
| Information disclosure in Modem while processing SIB5. | ||||
| CVE-2023-33048 | 1 Qualcomm | 232 Ar8035, Ar8035 Firmware, Csr8811 and 229 more | 2024-11-21 | 7.5 High |
| Transient DOS in WLAN Firmware while parsing t2lm buffers. | ||||
| CVE-2023-33045 | 1 Qualcomm | 265 Ar8035, Ar8035 Firmware, Csr8811 and 262 more | 2024-11-21 | 9.8 Critical |
| Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute. | ||||
| CVE-2023-33038 | 1 Qualcomm | 288 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 285 more | 2024-11-21 | 6.7 Medium |
| Memory corruption while receiving a message in Bus Socket Transport Server. | ||||
| CVE-2023-33016 | 1 Qualcomm | 132 Csr8811, Csr8811 Firmware, Fastconnect 6900 and 129 more | 2024-11-21 | 7.5 High |
| Transient DOS in WLAN firmware while parsing MLO (multi-link operation). | ||||
| CVE-2023-33015 | 1 Qualcomm | 388 315 5g, 315 5g Firmware, Aqt1000 and 385 more | 2024-11-21 | 7.5 High |
| Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame. | ||||