Export limit exceeded: 347711 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (452 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-2423 | 1 Rockwellautomation | 2 Armor Powerflex, Armor Powerflex Firmware | 2024-11-21 | 8.6 High |
| A vulnerability was discovered in the Rockwell Automation Armor PowerFlex device when the product sends communications to the local event log. Threat actors could exploit this vulnerability by sending an influx of network commands, causing the product to generate an influx of event log traffic at a high rate. If exploited, the product would stop normal operations and self-reset creating a denial-of-service condition. The error code would need to be cleared prior to resuming normal operations. | ||||
| CVE-2023-28063 | 1 Dell | 582 Alienware M15 R6, Alienware M15 R6 Firmware, Alienware M15 R7 and 579 more | 2024-11-21 | 6.7 Medium |
| Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service. | ||||
| CVE-2023-24532 | 2 Golang, Redhat | 10 Go, Enterprise Linux, Migration Toolkit Applications and 7 more | 2024-11-21 | 5.3 Medium |
| The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars (a scalar larger than the order of the curve). This does not impact usages of crypto/ecdsa or crypto/ecdh. | ||||
| CVE-2023-22305 | 3 Intel, Linux, Microsoft | 3 Aptio V Uefi Firmware Integrator Tools, Linux Kernel, Windows | 2024-11-21 | 6.5 Medium |
| Integer overflow in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2023-21648 | 1 Qualcomm | 68 Aqt1000, Aqt1000 Firmware, Qca6391 and 65 more | 2024-11-21 | 6.7 Medium |
| Memory corruption in RIL while trying to send apdu packet. | ||||
| CVE-2023-21644 | 1 Qualcomm | 102 Aqt1000, Aqt1000 Firmware, Qca6390 and 99 more | 2024-11-21 | 6.7 Medium |
| Memory corruption in RIL due to Integer Overflow while triggering qcril_uim_request_apdu request. | ||||
| CVE-2023-20006 | 1 Cisco | 6 Adaptive Security Appliance Software, Firepower 2110, Firepower 2120 and 3 more | 2024-11-21 | 8.6 High |
| A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to an implementation error within the cryptographic functions for SSL/TLS traffic processing when they are offloaded to the hardware. An attacker could exploit this vulnerability by sending a crafted stream of SSL/TLS traffic to an affected device. A successful exploit could allow the attacker to cause an unexpected error in the hardware-based cryptography engine, which could cause the device to reload. | ||||
| CVE-2022-43663 | 1 Wellintech | 1 Kinghistorian | 2024-11-21 | 8.1 High |
| An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability. | ||||
| CVE-2022-42324 | 3 Debian, Fedoraproject, Xen | 3 Debian Linux, Fedora, Xen | 2024-11-21 | 5.5 Medium |
| Oxenstored 32->31 bit integer truncation issues Integers in Ocaml are 63 or 31 bits of signed precision. The Ocaml Xenbus library takes a C uint32_t out of the ring and casts it directly to an Ocaml integer. In 64-bit Ocaml builds this is fine, but in 32-bit builds, it truncates off the most significant bit, and then creates unsigned/signed confusion in the remainder. This in turn can feed a negative value into logic not expecting a negative value, resulting in unexpected exceptions being thrown. The unexpected exception is not handled suitably, creating a busy-loop trying (and failing) to take the bad packet out of the xenstore ring. | ||||
| CVE-2022-40530 | 1 Qualcomm | 378 Aqt1000, Aqt1000 Firmware, Ar8031 and 375 more | 2024-11-21 | 8.4 High |
| Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase. | ||||
| CVE-2022-40225 | 1 Siemens | 3 Siplus Tim 1531 Irc, Siplus Tim 1531 Irc Firmware, Tim 1531 Irc | 2024-11-21 | 6.5 Medium |
| A vulnerability has been identified in SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.4.8). Casting an internal value could lead to floating point exception under certain circumstances. This could allow an attacker to cause a denial of service condition on affected devices. | ||||
| CVE-2022-40138 | 1 Facebook | 1 Hermes | 2024-11-21 | 9.8 Critical |
| An integer conversion error in Hermes bytecode generation, prior to commit 6aa825e480d48127b480b08d13adf70033237097, could have been used to perform Out-Of-Bounds operations and subsequently execute arbitrary code. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected. | ||||
| CVE-2022-35289 | 1 Facebook | 1 Hermes | 2024-11-21 | 9.8 Critical |
| A write-what-where condition in hermes caused by an integer overflow, prior to commit 5b6255ae049fa4641791e47fad994e8e8c4da374 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected. | ||||
| CVE-2022-35258 | 1 Ivanti | 3 Connect Secure, Neurons For Zero-trust Access, Policy Secure | 2024-11-21 | 7.5 High |
| An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure (ICS) in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure (IPS) in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior to 22.3R1. | ||||
| CVE-2022-33296 | 1 Qualcomm | 228 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8905 and 225 more | 2024-11-21 | 5.9 Medium |
| Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message. | ||||
| CVE-2022-33248 | 1 Qualcomm | 324 Apq8009, Apq8009 Firmware, Apq8009w and 321 more | 2024-11-21 | 7.8 High |
| Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http. | ||||
| CVE-2022-32547 | 3 Fedoraproject, Imagemagick, Redhat | 3 Fedora, Imagemagick, Enterprise Linux | 2024-11-21 | 7.8 High |
| In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior. | ||||
| CVE-2022-30780 | 1 Lighttpd | 1 Lighttpd | 2024-11-21 | 7.5 High |
| Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consumption from stuck connections) because connection_read_header_more in connections.c has a typo that disrupts use of multiple read operations on large headers. | ||||
| CVE-2022-30600 | 3 Fedoraproject, Moodle, Redhat | 3 Fedora, Moodle, Enterprise Linux | 2024-11-21 | 9.8 Critical |
| A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed. | ||||
| CVE-2022-2639 | 2 Linux, Redhat | 7 Linux Kernel, Enterprise Linux, Rhel Aus and 4 more | 2024-11-21 | 7.8 High |
| An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system. | ||||