CVE-2023-5403

HIGH Year: 2023
CVSS v3 Score
8.1
High
Weakness Type
CWE-121
View all →

Vulnerability Description

Server hostname translation to IP address manipulation which could lead to an attacker performing remote code execution or causing a failure. See Honeywell Security Notification for recommendations on upgrading and versioning.

Related Vulnerabilities

CVE-2019-19333

HIGH
CVSS:8.1(High)

In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits". An application that uses libyang to parse untrus...

CWE-1212019

CVE-2019-19334

HIGH
CVSS:8.1(High)

In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to parse...

CWE-1212019

CVE-2020-15636

HIGH
CVSS:8.1(High)

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R6400, R6700, R7000, R7850, R7900, R8000, RS400, and XR300 routers with firmware 1.0.4.84_10.0...

CWE-1212020

CVE-2020-25854

HIGH
CVSS:8.1(High)

The function DecWPA2KeyData() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an internal function, rt...

CWE-1212020

CVE-2020-25855

HIGH
CVSS:8.1(High)

The function AES_UnWRAP() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for a memcpy() operation, result...

CWE-1212020

CVE-2020-25856

HIGH
CVSS:8.1(High)

The function DecWPA2KeyData() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an rtl_memcpy() operatio...

CWE-1212020