| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2023-28772 |
120 |
|
Overflow |
2023-03-23 |
2023-03-27 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow. |
|
2 |
CVE-2023-28638 |
119 |
|
DoS Overflow |
2023-03-27 |
2023-03-28 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Snappier is a high performance C# implementation of the Snappy compression algorithm. This is a buffer overrun vulnerability that can affect any user of Snappier 1.1.0. In this release, much of the code was rewritten to use byte references rather than pointers to pinned buffers. This change generally improves performance and reduces workload on the garbage collector. However, when the garbage collector performs compaction and rearranges memory, it must update any byte references on the stack to refer to the updated location. The .NET garbage collector can only update these byte references if they still point within the buffer or to a point one byte past the end of the buffer. If they point outside this area, the buffer itself may be moved while the byte reference stays the same. There are several places in 1.1.0 where byte references very briefly point outside the valid areas of buffers. These are at locations in the code being used for buffer range checks. While the invalid references are never dereferenced directly, if a GC compaction were to occur during the brief window when they are on the stack then it could invalidate the buffer range check and allow other operations to overrun the buffer. This should be very difficult for an attacker to trigger intentionally. It would require a repetitive bulk attack with the hope that a GC compaction would occur at precisely the right moment during one of the requests. However, one of the range checks with this problem is a check based on input data in the decompression buffer, meaning malformed input data could be used to increase the chance of success. Note that any resulting buffer overrun is likely to cause access to protected memory, which will then cause an exception and the process to be terminated. Therefore, the most likely result of an attack is a denial of service. This issue has been patched in release 1.1.1. Users are advised to upgrade. Users unable to upgrade may pin buffers to a fixed location before using them for compression or decompression to mitigate some, but not all, of these cases. At least one temporary decompression buffer is internal to the library and never pinned. |
|
3 |
CVE-2023-28508 |
|
|
Overflow |
2023-03-29 |
2023-03-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a heap-based overflow vulnerability, where certain input can corrupt the heap and crash the forked process. |
|
4 |
CVE-2023-28506 |
|
|
Overflow |
2023-03-29 |
2023-03-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow, where a string is copied into a buffer using a memcpy-like function and a user-provided length. This requires a valid login to exploit. |
|
5 |
CVE-2023-28505 |
|
|
Overflow |
2023-03-29 |
2023-03-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a buffer overflow in an API function, where a string is copied into a caller-provided buffer without checking the length. This requires a valid login to exploit. |
|
6 |
CVE-2023-28504 |
|
|
Exec Code Overflow |
2023-03-29 |
2023-03-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow that can lead to remote code execution as the root user. |
|
7 |
CVE-2023-28502 |
|
|
Exec Code Overflow |
2023-03-29 |
2023-03-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow in the "udadmin" service that can lead to remote code execution as the root user. |
|
8 |
CVE-2023-28501 |
|
|
Exec Code Overflow |
2023-03-29 |
2023-03-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a heap-based buffer overflow in the unirpcd daemon that, if successfully exploited, can lead to remote code execution as the root user. |
|
9 |
CVE-2023-28116 |
787 |
|
Overflow |
2023-03-17 |
2023-03-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Contiki-NG is an open-source, cross-platform operating system for internet of things (IoT) devices. In versions 4.8 and prior, an out-of-bounds write can occur in the BLE L2CAP module of the Contiki-NG operating system. The network stack of Contiki-NG uses a global buffer (packetbuf) for processing of packets, with the size of PACKETBUF_SIZE. In particular, when using the BLE L2CAP module with the default configuration, the PACKETBUF_SIZE value becomes larger then the actual size of the packetbuf. When large packets are processed by the L2CAP module, a buffer overflow can therefore occur when copying the packet data to the packetbuf. The vulnerability has been patched in the "develop" branch of Contiki-NG, and will be included in release 4.9. The problem can be worked around by applying the patch manually. |
|
10 |
CVE-2023-27852 |
120 |
|
Exec Code Overflow |
2023-03-10 |
2023-03-16 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a buffer overflow vulnerability in various CGI mechanisms that could allow an attacker to execute arbitrary code on the device. |
|
11 |
CVE-2023-27781 |
787 |
|
Overflow |
2023-03-15 |
2023-03-17 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
jpegoptim v1.5.2 was discovered to contain a heap overflow in the optimize function at jpegoptim.c. |
|
12 |
CVE-2023-27754 |
787 |
|
DoS Overflow |
2023-03-22 |
2023-03-27 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
vox2mesh 1.0 has stack-overflow in main.cpp, this is stack-overflow caused by incorrect use of memcpy() funciton. The flow allows an attacker to cause a denial of service (abort) via a crafted file. |
|
13 |
CVE-2023-27655 |
787 |
|
Overflow |
2023-03-23 |
2023-03-27 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
xpdf v4.04 was discovered to contain a stack overflow in the component pdftotext. |
|
14 |
CVE-2023-27590 |
787 |
|
Overflow |
2023-03-14 |
2023-03-21 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Rizin is a UNIX-like reverse engineering framework and command-line toolset. In version 0.5.1 and prior, converting a GDB registers profile file into a Rizin register profile can result in a stack-based buffer overflow when the `name`, `type`, or `groups` fields have longer values than expected. Users opening untrusted GDB registers files (e.g. with the `drpg` or `arpg` commands) are affected by this flaw. Commit d6196703d89c84467b600ba2692534579dc25ed4 contains a patch for this issue. As a workaround, review the GDB register profiles before loading them with `drpg`/`arpg` commands. |
|
15 |
CVE-2023-27585 |
120 |
|
Overflow |
2023-03-14 |
2023-03-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to CVE-2022-24793. The difference is that this issue is in parsing the query record `parse_query()`, while the issue in CVE-2022-24793 is in `parse_rr()`. A patch is available as commit `d1c5e4d` in the `master` branch. A workaround is to disable DNS resolution in PJSIP config (by setting `nameserver_count` to zero) or use an external resolver implementation instead. |
|
16 |
CVE-2023-27249 |
787 |
|
Overflow |
2023-03-23 |
2023-03-27 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
swfdump v0.9.2 was discovered to contain a heap buffer overflow in the function swf_GetPlaceObject at swfobject.c. |
|
17 |
CVE-2023-27239 |
787 |
|
Overflow |
2023-03-15 |
2023-03-21 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the shareSpeed parameter at /goform/WifiGuestSet. |
|
18 |
CVE-2023-27117 |
787 |
|
Overflow |
2023-03-10 |
2023-03-15 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
WebAssembly v1.0.29 was discovered to contain a heap overflow via the component component wabt::Node::operator. |
|
19 |
CVE-2023-27103 |
787 |
|
Overflow |
2023-03-15 |
2023-03-17 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Libde265 v1.0.11 was discovered to contain a heap buffer overflow via the function derive_collocated_motion_vectors at motion.cc. |
|
20 |
CVE-2023-27077 |
787 |
|
DoS Overflow |
2023-03-23 |
2023-03-27 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Stack Overflow vulnerability found in 360 D901 allows a remote attacker to cause a Distributed Denial of Service (DDOS) via a crafted HTTP package. |
|
21 |
CVE-2023-27065 |
120 |
|
DoS Overflow |
2023-03-13 |
2023-03-16 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the picName parameter in the formDelWewifiPi function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. |
|
22 |
CVE-2023-27064 |
120 |
|
DoS Overflow |
2023-03-13 |
2023-03-16 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the index parameter in the formDelDnsForward function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. |
|
23 |
CVE-2023-27063 |
120 |
|
DoS Overflow |
2023-03-13 |
2023-03-16 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the DNSDomainName parameter in the formModifyDnsForward function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. |
|
24 |
CVE-2023-27062 |
120 |
|
DoS Overflow |
2023-03-13 |
2023-03-16 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Tenda V15V1.0 was discovered to contain a buffer overflow vulnerability via the gotoUrl parameter in the formPortalAuth function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. |
|
25 |
CVE-2023-27061 |
120 |
|
DoS Overflow |
2023-03-13 |
2023-03-16 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the wifiFilterListRemark parameter in the modifyWifiFilterRules function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. |
|
26 |
CVE-2023-27042 |
|
|
Overflow |
2023-03-24 |
2023-03-27 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Tenda AX3 V16.03.12.11 is vulnerable to Buffer Overflow via /goform/SetFirewallCfg. |
|
27 |
CVE-2023-26923 |
|
|
Exec Code Overflow |
2023-03-28 |
2023-03-28 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Musescore 3.0 to 4.0.1 has a stack buffer overflow vulnerability that occurs when reading misconfigured midi files. If attacker can additional information, attacker can execute arbitrary code. |
|
28 |
CVE-2023-26806 |
787 |
|
Overflow |
2023-03-19 |
2023-03-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Tenda W20E v15.11.0.6(US_W20EV4.0br_v15.11.0.6(1068_1546_841 is vulnerable to Buffer Overflow via function formSetSysTime, |
|
29 |
CVE-2023-26805 |
787 |
|
Overflow |
2023-03-19 |
2023-03-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Tenda W20E v15.11.0.6 (US_W20EV4.0br_v15.11.0.6(1068_1546_841)_CN_TDC) is vulnerable to Buffer Overflow via function formIPMacBindModify. |
|
30 |
CVE-2023-26769 |
120 |
|
DoS Overflow |
2023-03-16 |
2023-03-22 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Buffer Overflow vulnerability found in Liblouis Lou_Trace v.3.24.0 allows a remote attacker to cause a denial of service via the resolveSubtable function at compileTranslationTabel.c. |
|
31 |
CVE-2023-26768 |
120 |
|
DoS Overflow |
2023-03-16 |
2023-03-22 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the compileTranslationTable.c and lou_setDataPath functions. |
|
32 |
CVE-2023-26767 |
120 |
|
DoS Overflow |
2023-03-16 |
2023-03-22 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the lou_logFile function at logginc.c endpoint. |
|
33 |
CVE-2023-26488 |
682 |
|
Overflow |
2023-03-03 |
2023-03-10 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
OpenZeppelin Contracts is a library for secure smart contract development. The ERC721Consecutive contract designed for minting NFTs in batches does not update balances when a batch has size 1 and consists of a single token. Subsequent transfers from the receiver of that token may overflow the balance as reported by `balanceOf`. The issue exclusively presents with batches of size 1. The issue has been patched in 4.8.2. |
|
34 |
CVE-2023-26479 |
755 |
|
Overflow XSS |
2023-03-02 |
2023-03-10 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
XWiki Platform is a generic wiki platform. Starting in version 6.0, users with write rights can insert well-formed content that is not handled well by the parser. As a consequence, some pages becomes unusable, including the user index (if the page containing the faulty content is a user page) and the page index. Note that on the page, the normal UI is completely missing and it is not possible to open the editor directly to revert the change as the stack overflow is already triggered while getting the title of the document. This means that it is quite difficult to remove this content once inserted. This has been patched in XWiki 13.10.10, 14.4.6, and 14.9-rc-1. A temporary workaround to avoid Stack Overflow errors is to increase the memory allocated to the stack by using the `-Xss` JVM parameter (e.g., `-Xss32m`). This should allow the parser to pass and to fix the faulty content. The consequences for other aspects of the system (e.g., performance) are unknown, and this workaround should be only be used as a temporary solution. The workaround does not prevent the issue occurring again with other content. Consequently, it is strongly advised to upgrade to a version where the issue has been patched. |
|
35 |
CVE-2023-26337 |
121 |
|
Exec Code Overflow |
2023-03-28 |
2023-03-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Adobe Dimension versions 3.4.7 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
|
36 |
CVE-2023-26242 |
190 |
|
Overflow |
2023-02-21 |
2023-03-02 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
afu_mmio_region_get_by_offset in drivers/fpga/dfl-afu-region.c in the Linux kernel through 6.1.12 has an integer overflow. |
|
37 |
CVE-2023-26110 |
120 |
|
Overflow |
2023-03-09 |
2023-03-15 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
All versions of the package node-bluetooth are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation. |
|
38 |
CVE-2023-26109 |
120 |
|
Overflow |
2023-03-09 |
2023-03-15 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
All versions of the package node-bluetooth-serial-port are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation. |
|
39 |
CVE-2023-26076 |
120 |
|
Overflow |
2023-03-13 |
2023-03-20 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. An intra-object overflow in the 5G SM message codec can occur due to insufficient parameter validation when decoding reserved options. |
|
40 |
CVE-2023-26075 |
120 |
|
Overflow |
2023-03-10 |
2023-03-17 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. An intra-object overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the Service Area List. |
|
41 |
CVE-2023-26074 |
787 |
|
Overflow |
2023-03-13 |
2023-03-17 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123.. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding operator-defined access category definitions. |
|
42 |
CVE-2023-26073 |
787 |
|
Overflow |
2023-03-13 |
2023-03-17 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the extended emergency number list. |
|
43 |
CVE-2023-26072 |
787 |
|
Overflow |
2023-03-13 |
2023-03-17 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the Emergency number list. |
|
44 |
CVE-2023-25903 |
190 |
|
Exec Code Overflow |
2023-03-28 |
2023-03-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Adobe Dimension versions 3.4.7 (and earlier) is affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
|
45 |
CVE-2023-25898 |
122 |
|
Exec Code Overflow |
2023-03-28 |
2023-03-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Adobe Dimension versions 3.4.7 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
|
46 |
CVE-2023-25897 |
122 |
|
Exec Code Overflow |
2023-03-28 |
2023-03-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Adobe Dimension versions 3.4.7 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
|
47 |
CVE-2023-25895 |
122 |
|
Exec Code Overflow |
2023-03-28 |
2023-03-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Adobe Dimension versions 3.4.7 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
|
48 |
CVE-2023-25890 |
122 |
|
Exec Code Overflow |
2023-03-28 |
2023-03-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Adobe Dimension versions 3.4.7 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
|
49 |
CVE-2023-25885 |
122 |
|
Exec Code Overflow |
2023-03-28 |
2023-03-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Adobe Dimension versions 3.4.7 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
|
50 |
CVE-2023-25883 |
122 |
|
Exec Code Overflow |
2023-03-28 |
2023-03-29 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Adobe Dimension versions 3.4.7 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
