Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-120
Total 1596 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-33213 1 Qualcomm 418 Apq8009, Apq8009 Firmware, Apq8009w and 415 more 2023-03-15 N/A 8.8 HIGH
Memory corruption in modem due to buffer overflow while processing a PPP packet
CVE-2022-25655 1 Qualcomm 476 Apq8009, Apq8009 Firmware, Apq8017 and 473 more 2023-03-15 N/A 7.8 HIGH
Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.
CVE-2023-26110 1 Node-bluetooth Project 1 Node-bluetooth 2023-03-15 N/A 9.8 CRITICAL
All versions of the package node-bluetooth are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation.
CVE-2023-26109 1 Node-bluetooth-serial-port Project 1 Node-bluetooth-serial-port 2023-03-15 N/A 9.8 CRITICAL
All versions of the package node-bluetooth-serial-port are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation.
CVE-2023-20624 2 Google, Mediatek 16 Android, Mt6789, Mt6833 and 13 more 2023-03-12 N/A 6.7 MEDIUM
In vow, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628530; Issue ID: ALPS07628530.
CVE-2023-1190 1 Imageinfo Project 1 Imageinfo 2023-03-10 N/A 7.8 HIGH
A vulnerability was found in xiaozhuai imageinfo up to 3.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file imageinfo.hpp. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. VDB-222362 is the identifier assigned to this vulnerability.
CVE-2023-22752 1 Arubanetworks 2 Arubaos, Sd-wan 2023-03-10 N/A 9.8 CRITICAL
There are stack-based buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVE-2023-22753 1 Arubanetworks 2 Arubaos, Sd-wan 2023-03-10 N/A 9.8 CRITICAL
There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVE-2023-22754 1 Arubanetworks 2 Arubaos, Sd-wan 2023-03-10 N/A 9.8 CRITICAL
There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVE-2023-22755 1 Arubanetworks 2 Arubaos, Sd-wan 2023-03-10 N/A 9.8 CRITICAL
There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVE-2023-22756 1 Arubanetworks 2 Arubaos, Sd-wan 2023-03-10 N/A 9.8 CRITICAL
There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVE-2022-47664 1 Struktur 1 Libde265 2023-03-10 N/A 7.8 HIGH
Libde265 1.0.9 is vulnerable to Buffer Overflow in ff_hevc_put_hevc_qpel_pixels_8_sse
CVE-2023-22757 1 Arubanetworks 2 Arubaos, Sd-wan 2023-03-10 N/A 9.8 CRITICAL
There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVE-2023-23513 1 Apple 1 Macos 2023-03-08 N/A 9.8 CRITICAL
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, macOS Big Sur 11.7.3. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution.
CVE-2023-0996 1 Struktur 1 Libheif 2023-03-07 N/A 7.8 HIGH
There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call.
CVE-2022-48260 1 Huawei 2 Bisheng-wnm, Bisheng-wnm Firmware 2023-03-07 N/A 7.5 HIGH
There is a buffer overflow vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could lead to device service exceptions.
CVE-2021-42553 1 St 1 Stm32 Mw Usb Host 2023-03-07 N/A 9.8 CRITICAL
A buffer overflow vulnerability in stm32_mw_usb_host of STMicroelectronics in versions before 3.5.1 allows an attacker to execute arbitrary code when the descriptor contains more endpoints than USBH_MAX_NUM_ENDPOINTS. The library is typically integrated when using a RTOS such as FreeRTOS on STM32 MCUs.
CVE-2019-19907 1 Kopano 1 Groupware Core 2023-03-06 7.5 HIGH 9.8 CRITICAL
HrAddFBBlock in libfreebusy/freebusyutil.cpp in Kopano Groupware Core before 8.7.7 allows out-of-bounds access, as demonstrated by mishandling of an array copy during parsing of ICal data.
CVE-2021-40241 1 Xfig Project 1 Xfig 2023-03-05 N/A 9.8 CRITICAL
xfig 3.2.7 is vulnerable to Buffer Overflow.
CVE-2002-0062 5 Debian, Freebsd, Gnu and 2 more 5 Debian Linux, Freebsd, Ncurses and 2 more 2023-03-03 7.2 HIGH N/A
Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling."