Export limit exceeded: 364697 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (46105 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-2157 1 Imagemagick 1 Imagemagick 2025-01-07 5.5 Medium
A heap-based buffer overflow vulnerability was found in the ImageMagick package that can lead to the application crashing.
CVE-2023-2132 1 Gitlab 1 Gitlab 2025-01-07 7.5 High
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. A DollarMathPostFilter Regular Expression Denial of Service in was possible by sending crafted payloads to the preview_markdown endpoint.
CVE-2023-20742 2 Google, Mediatek 48 Android, Mt6735, Mt6737 and 45 more 2025-01-07 4.4 Medium
In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628591; Issue ID: ALPS07628540.
CVE-2023-20741 2 Google, Mediatek 48 Android, Mt6735, Mt6737 and 45 more 2025-01-07 4.4 Medium
In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628591; Issue ID: ALPS07628606.
CVE-2023-20728 3 Google, Linuxfoundation, Mediatek 40 Android, Yocto, Mt6781 and 37 more 2025-01-07 4.4 Medium
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573603; Issue ID: ALPS07573603.
CVE-2022-48439 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-01-07 4.4 Medium
In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
CVE-2023-28952 1 Ibm 1 Cognos Controller 2025-01-07 5.3 Medium
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to injection attacks in application logging by not sanitizing user provided data. IBM X-Force ID: 251463.
CVE-2023-47583 1 Fujielectric 1 Tellus 2025-01-07 7.8 High
Multiple out-of-bounds read vulnerabilities exist in TELLUS Simulator V4.0.17.0 and earlier. If a user opens a specially crafted file (X1 or V9 file), information may be disclosed and/or arbitrary code may be executed.
CVE-2023-31278 1 Hornerautomation 2 Cscape, Cscape Envisionrv 2025-01-07 7.8 High
Horner Automation Cscape lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to potentially execute arbitrary code in the context of the current process.
CVE-2023-29503 1 Hornerautomation 2 Cscape, Cscape Envisionrv 2025-01-07 7.8 High
The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
CVE-2023-27916 1 Hornerautomation 2 Cscape, Cscape Envisionrv 2025-01-07 7.8 High
The affected application lacks proper validation of user-supplied data when parsing font files (e.g., FNT). This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to potentially execute arbitrary code in the context of the current process.
CVE-2024-52901 1 Ibm 1 Infosphere Information Server 2025-01-07 6.5 Medium
IBM InfoSphere Information Server 11.7 could allow an authenticated user to GUI to not load or stop working due to improper input validation.
CVE-2023-32545 1 Hornerautomation 2 Cscape, Cscape Envisionrv 2025-01-07 7.8 High
The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to an out-of-bounds read in Cscape!CANPortMigration. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
CVE-2023-2199 1 Gitlab 1 Gitlab 2025-01-07 7.5 High
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.0 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. A Regular Expression Denial of Service was possible via sending crafted payloads to the preview_markdown endpoint.
CVE-2023-2198 1 Gitlab 1 Gitlab 2025-01-07 7.5 High
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.7 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. A Regular Expression Denial of Service was possible via sending crafted payloads to the preview_markdown endpoint.
CVE-2023-2013 1 Gitlab 1 Gitlab 2025-01-07 2.6 Low
An issue has been discovered in GitLab CE/EE affecting all versions starting from 1.2 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. An issue was found that allows someone to abuse a discrepancy between the Web application display and the git command line interface to social engineer victims into cloning non-trusted code.
CVE-2023-0508 1 Gitlab 1 Gitlab 2025-01-07 3.1 Low
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. Open redirection was possible via HTTP response splitting in the NPM package API.
CVE-2023-32289 1 Hornerautomation 2 Cscape, Cscape Envisionrv 2025-01-07 7.8 High
The affected application lacks proper validation of user-supplied data when parsing project files (e.g.., CSP). This could lead to an out-of-bounds read in IO_CFG. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
CVE-2023-32281 1 Hornerautomation 2 Cscape, Cscape Envisionrv 2025-01-07 7.8 High
The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to an out-of-bounds read in the FontManager. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
CVE-2023-33537 1 Tp-link 6 Tl-wr740n, Tl-wr740n Firmware, Tl-wr841n and 3 more 2025-01-07 8.1 High
TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the component /userRpm/FixMapCfgRpm.