Export limit exceeded: 363662 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 45978 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (45978 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-41712 1 Sonicwall 61 Nsa2700, Nsa3700, Nsa4700 and 58 more 2024-11-21 6.5 Medium
SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash.
CVE-2023-41711 1 Sonicwall 61 Nsa2700, Nsa3700, Nsa4700 and 58 more 2024-11-21 6.5 Medium
SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall crash.
CVE-2023-41361 2 Debian, Frrouting 2 Debian Linux, Frrouting 2024-11-21 9.8 Critical
An issue was discovered in FRRouting FRR 9.0. bgpd/bgp_open.c does not check for an overly large length of the rcv software version.
CVE-2023-41360 4 Debian, Fedoraproject, Frrouting and 1 more 4 Debian Linux, Fedora, Frrouting and 1 more 2024-11-21 9.1 Critical
An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation.
CVE-2023-41359 3 Fedoraproject, Frrouting, Redhat 3 Fedora, Frrouting, Enterprise Linux 2024-11-21 9.1 Critical
An issue was discovered in FRRouting FRR through 9.0. There is an out-of-bounds read in bgp_attr_aigp_valid in bgpd/bgp_attr.c because there is no check for the availability of two bytes during AIGP validation.
CVE-2023-41349 1 Asus 2 Rt-ax88u, Rt-ax88u Firmware 2024-11-21 8.8 High
ASUS router RT-AX88U has a vulnerability of using externally controllable format strings within its Advanced Open VPN function. An authenticated remote attacker can exploit the exported OpenVPN configuration to execute an externally-controlled format string attack, resulting in sensitivity information leakage, or forcing the device to reset and permanent denial of service.
CVE-2023-41299 1 Huawei 2 Emui, Harmonyos 2024-11-21 7.5 High
DoS vulnerability in the PMS module. Successful exploitation of this vulnerability may cause the system to restart.
CVE-2023-41280 1 Qnap 3 Qts, Quts Hero, Qutscloud 2024-11-21 5.5 Medium
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later
CVE-2023-41279 1 Qnap 3 Qts, Quts Hero, Qutscloud 2024-11-21 5.5 Medium
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later
CVE-2023-41278 1 Qnap 3 Qts, Quts Hero, Qutscloud 2024-11-21 5.5 Medium
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later
CVE-2023-41273 1 Qnap 3 Qts, Quts Hero, Qutscloud 2024-11-21 5.5 Medium
A heap-based buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later
CVE-2023-41252 1 Intel 1 Quickassist Technology Driver 2024-11-21 6.5 Medium
Out-of-bounds read in some Intel(R) QAT software drivers for Windows before version QAT1.7-W-1.11.0 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2023-41140 1 Autodesk 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more 2024-11-21 7.8 High
A maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
CVE-2023-41139 1 Autodesk 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more 2024-11-21 7.8 High
A maliciously crafted STP file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.
CVE-2023-41112 1 Samsung 32 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 29 more 2024-11-21 7.1 High
An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123). A buffer copy, without checking the size of the input, can cause abnormal termination of a mobile phone. This occurs in the RLC task and RLC module.
CVE-2023-41105 3 Netapp, Python, Redhat 3 Active Iq Unified Manager, Python, Enterprise Linux 2024-11-21 7.5 High
An issue was discovered in Python 3.11 through 3.11.4. If a path containing '\0' bytes is passed to os.path.normpath(), the path will be truncated unexpectedly at the first '\0' byte. There are plausible cases in which an application would have rejected a filename for security reasons in Python 3.10.x or earlier, but that filename is no longer rejected in Python 3.11.x.
CVE-2023-41104 2 Libvmod Digest, Varnish-software 3 Libvmod Digest, Varnish Enterprise, Vmod Digest 2024-11-21 6.5 Medium
libvmod-digest before 1.0.3, as used in Varnish Enterprise 6.0.x before 6.0.11r5, has an out-of-bounds memory access during base64 decoding, leading to both authentication bypass and information disclosure; however, the exact attack surface will depend on the particular VCL (Varnish Configuration Language) configuration in use.
CVE-2023-41047 1 Octoprint 1 Octoprint 2024-11-21 6.2 Medium
OctoPrint is a web interface for 3D printers. OctoPrint versions up until and including 1.9.2 contain a vulnerability that allows malicious admins to configure a specially crafted GCODE script that will allow code execution during rendering of that script. An attacker might use this to extract data managed by OctoPrint, or manipulate data managed by OctoPrint, as well as execute arbitrary commands with the rights of the OctoPrint process on the server system. OctoPrint versions from 1.9.3 onward have been patched. Administrators of OctoPrint instances are advised to make sure they can trust all other administrators on their instance and to also not blindly configure arbitrary GCODE scripts found online or provided to them by third parties.
CVE-2023-41028 1 Juplink 2 Rx4-1500, Rx4-1500 Firmware 2024-11-21 9 Critical
A stack-based buffer overflow exists in Juplink RX4-1500, a WiFi router, in versions 1.0.2 through 1.0.5. An authenticated attacker can exploit this vulnerability to achieve code execution as root.
CVE-2023-40998 1 O-ran-sc 1 Ric Message Router 2024-11-21 7.5 High
Buffer Overflow vulnerability in O-RAN Software Community ric-plt-lib-rmr v.4.9.0 allows a remote attacker to cause a denial of service via the packet size component.