Search Results (20405 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-45601 1 Siemens 2 Parasolid, Tecnomatix 2024-11-21 7.8 High
A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.262), Parasolid V35.1 (All versions < V35.1.250), Parasolid V36.0 (All versions < V36.0.169), Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain a stack overflow vulnerability while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21290)
CVE-2023-45580 1 Dlink 14 Di-7003g, Di-7003g Firmware, Di-7100g and 11 more 2024-11-21 9.8 Critical
Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the wild/mx and other parameters of the ddns.asp function
CVE-2023-45579 2 D-link, Dlink 21 Di-7003gv2.d1, Di-700g Plus V2.d1, Di-7100g.v2.d1 and 18 more 2024-11-21 9.8 Critical
Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the ip/type parameter of the jingx.asp function.
CVE-2023-45578 2 D-link, Dlink 21 Di-7003gv2.d1, Di-7100g.v2.d1, Di-7100gv2.d1 and 18 more 2024-11-21 9.8 Critical
Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the pap_en/chap_en parameter of the pppoe_base.asp function.
CVE-2023-45577 2 D-link, Dlink 20 Di-7003gv2.d1, Di-7100gv2.d1, Di-7200g Plus V2.d1 and 17 more 2024-11-21 9.8 Critical
Stack Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the wanid parameter of the H5/speedlimit.data function.
CVE-2023-45576 2 D-link, Dlink 20 Di-7003gv2.d1, Di-7100gv2.d1, Di-7200g.v2.d1 and 17 more 2024-11-21 9.8 Critical
Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the remove_ext_proto/remove_ext_port parameter of the upnp_ctrl.asp function.
CVE-2023-45575 2 D-link, Dlink 21 Di-7003gv2.d1, Di-7100g.v2.d1, Di-7100gv2.d1 and 18 more 2024-11-21 9.8 Critical
Stack Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the ip parameter of the ip_position.asp function.
CVE-2023-45574 2 D-link, Dlink 21 Di-7003gv2.d1, Di-7100g.v2.d1, Di-7100gv2.d1 and 18 more 2024-11-21 9.8 Critical
Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the fn parameter of the file.data function.
CVE-2023-45573 2 D-link, Dlink 21 Di-7003gv2.d1, Di-7100g.v2.d1, Di-7100gv2.d1 and 18 more 2024-11-21 9.8 Critical
Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the n parameter of the mrclfile_del.asp function.
CVE-2023-45572 1 Dlink 14 Di-7003g, Di-7003g Firmware, Di-7100g and 11 more 2024-11-21 9.8 Critical
Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the fn parameter of the tgfile.htm function.
CVE-2023-45484 1 Tenda 2 Ac10, Ac10 Firmware 2024-11-21 9.8 Critical
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGuestBasic.
CVE-2023-45483 1 Tenda 2 Ac10, Ac10 Firmware 2024-11-21 9.8 Critical
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the time parameter in the function compare_parentcontrol_time.
CVE-2023-45482 1 Tenda 2 Ac10, Ac10 Firmware 2024-11-21 9.8 Critical
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the urls parameter in the function get_parentControl_list_Info.
CVE-2023-45480 1 Tenda 2 Ac10, Ac10 Firmware 2024-11-21 9.8 Critical
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the src parameter in the function sub_47D878.
CVE-2023-45479 1 Tenda 2 Ac10, Ac10 Firmware 2024-11-21 9.8 Critical
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the list parameter in the function sub_49E098.
CVE-2023-45467 1 Netis-systems 2 N3m, N3m Firmware 2024-11-21 9.8 Critical
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the ntpServIP parameter in the Time Settings.
CVE-2023-45158 1 Web2py 1 Web2py 2024-11-21 9.8 Critical
An OS command injection vulnerability exists in web2py 2.24.1 and earlier. When the product is configured to use notifySendHandler for logging (not the default configuration), a crafted web request may execute an arbitrary OS command on the web server using the product.
CVE-2023-44808 1 Dlink 2 Dir-820l, Dir-820l Firmware 2024-11-21 9.8 Critical
D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_4507CC function.
CVE-2023-44807 2 D-link, Dlink 3 Dir-820l, Dir-820l, Dir-820l Firmware 2024-11-21 9.8 Critical
D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the cancelPing function.
CVE-2023-44330 3 Adobe, Apple, Microsoft 3 Photoshop, Macos, Windows 2024-11-21 7.8 High
Adobe Photoshop versions 24.7.1 (and earlier) and 25.0 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.