Search

Search Results (363290 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-49595 3 Level1, Level One, Realtek 5 Wbr-6013, Wbr-6013 Firmware, Wbr6013 and 2 more 2025-11-04 7.2 High
A stack-based buffer overflow vulnerability exists in the boa rollback_control_code functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability.
CVE-2023-49593 2 Level1, Level One 3 Wbr-6013, Wbr-6013 Firmware, Wbr6013 2025-11-04 7.2 High
Leftover debug code exists in the boa formSysCmd functionality of LevelOne WBR-6013 RER4_A_v3411b_2T2R_LEV_09_170623. A specially crafted network request can lead to arbitrary command execution.
CVE-2023-49528 2 Fedoraproject, Ffmpeg 2 Fedora, Ffmpeg 2025-11-04 8 High
Buffer Overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5, allows a local attacker to execute arbitrary code and cause a denial of service (DoS) via the af_dialoguenhance.c:261:5 in the de_stereo component.
CVE-2023-49502 2 Fedoraproject, Ffmpeg 2 Fedora, Ffmpeg 2025-11-04 8.8 High
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the ff_bwdif_filter_intra_c function in the libavfilter/bwdifdsp.c:125:5 component.
CVE-2023-49501 2 Fedoraproject, Ffmpeg 2 Fedora, Ffmpeg 2025-11-04 8 High
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the config_eq_output function in the libavfilter/asrc_afirsrc.c:495:30 component.
CVE-2023-49073 3 Level1, Level One, Realtek 5 Wbr-6013, Wbr-6013 Firmware, Wbr6013 and 2 more 2025-11-04 7.2 High
A stack-based buffer overflow vulnerability exists in the boa formFilter functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability.
CVE-2023-48270 3 Level1, Level One, Realtek 5 Wbr-6013, Wbr-6013 Firmware, Wbr6013 and 2 more 2025-11-04 7.2 High
A stack-based buffer overflow vulnerability exists in the boa formDnsv6 functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability.
CVE-2023-47856 3 Level1, Level One, Realtek 5 Wbr-6013, Wbr-6013 Firmware, Wbr6013 and 2 more 2025-11-04 7.2 High
A stack-based buffer overflow vulnerability exists in the boa set_RadvdPrefixParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.
CVE-2023-47677 3 Level1, Level One, Realtek 5 Wbr-6013, Wbr-6013 Firmware, Wbr6013 and 2 more 2025-11-04 8.8 High
A cross-site request forgery (csrf) vulnerability exists in the boa CSRF protection functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted network request can lead to CSRF. An attacker can send an HTTP request to trigger this vulnerability.
CVE-2023-47212 3 Fedoraproject, Nothings, Stb Vorbis Project 3 Fedora, Stb Vorbis.c, Stb Vorbis 2025-11-04 9.8 Critical
A heap-based buffer overflow vulnerability exists in the comment functionality of stb _vorbis.c v1.22. A specially crafted .ogg file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2023-47166 1 Milesight 2 Ur32l, Ur32l Firmware 2025-11-04 8.8 High
A firmware update vulnerability exists in the luci2-io file-import functionality of Milesight UR32L v32.3.0.7-r2. A specially crafted network request can lead to arbitrary firmware update. An attacker can send a network request to trigger this vulnerability.
CVE-2023-46685 3 Level1, Level One, Realtek 4 Wbr-6013, Wbr-6013 Firmware, Wbr6013 and 1 more 2025-11-04 9.8 Critical
A hard-coded password vulnerability exists in the telnetd functionality of LevelOne WBR-6013 RER4_A_v3411b_2T2R_LEV_09_170623. A set of specially crafted network packets can lead to arbitrary command execution.
CVE-2023-45742 3 Level1, Level One, Realtek 5 Wbr-6013, Wbr-6013 Firmware, Wbr6013 and 2 more 2025-11-04 7.2 High
An integer overflow vulnerability exists in the boa updateConfigIntoFlash functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability.
CVE-2023-45362 1 Mediawiki 1 Mediawiki 2025-11-04 4.3 Medium
An issue was discovered in DifferenceEngine.php in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. diff-multi-sameuser (aka "X intermediate revisions by the same user not shown") ignores username suppression. This is an information leak.
CVE-2023-45360 1 Mediawiki 1 Mediawiki 2025-11-04 5.4 Medium
An issue was discovered in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. There is XSS in youhavenewmessagesmanyusers and youhavenewmessages i18n messages. This is related to MediaWiki:Youhavenewmessagesfromusers.
CVE-2023-45215 3 Level1, Level One, Realtek 5 Wbr-6013, Wbr-6013 Firmware, Wbr6013 and 2 more 2025-11-04 7.2 High
A stack-based buffer overflow vulnerability exists in the boa setRepeaterSsid functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability.
CVE-2023-43665 3 Djangoproject, Fedoraproject, Redhat 6 Django, Fedora, Ansible Automation Platform and 3 more 2025-11-04 7.5 High
In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars() and words() methods (when used with html=True) are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML text. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which are thus also vulnerable. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232.
CVE-2023-41251 3 Level1, Level One, Realtek 5 Wbr-6013, Wbr-6013 Firmware, Wbr6013 and 2 more 2025-11-04 7.2 High
A stack-based buffer overflow vulnerability exists in the boa formRoute functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.
CVE-2023-41164 3 Djangoproject, Fedoraproject, Redhat 6 Django, Fedora, Ansible Automation Platform and 3 more 2025-11-04 7.5 High
In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uri_to_iri() is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.
CVE-2023-36617 2 Redhat, Ruby-lang 2 Enterprise Linux, Uri 2025-11-04 5.3 Medium
A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings to URI objects with rfc2396_parser.rb and rfc3986_parser.rb. NOTE: this issue exists becuse of an incomplete fix for CVE-2023-28755. Version 0.10.3 is also a fixed version.