Total
2429 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-0820 | 1 Microsoft | 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more | 2024-10-17 | 9.0 HIGH | 8.8 HIGH |
| Heap-based buffer overflow in the Local Security Authority Subsystem Service (LSASS), as used in Active Directory in Microsoft Windows Server 2003 SP2 and Windows Server 2008 Gold, SP2, and R2; Active Directory Application Mode (ADAM) in Windows XP SP2 and SP3 and Windows Server 2003 SP2; and Active Directory Lightweight Directory Service (AD LDS) in Windows Vista SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, allows remote authenticated users to execute arbitrary code via malformed LDAP messages, aka "LSASS Heap Overflow Vulnerability." | |||||
| CVE-2023-32859 | 2 Google, Mediatek | 45 Android, Mt6761, Mt6765 and 42 more | 2024-10-17 | N/A | 6.7 MEDIUM |
| In meta, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08000473; Issue ID: ALPS08000473. | |||||
| CVE-2024-23375 | 1 Qualcomm | 28 Sa4150p, Sa4150p Firmware, Sa4155p and 25 more | 2024-10-16 | N/A | 6.7 MEDIUM |
| Memory corruption during the network scan request. | |||||
| CVE-2024-23378 | 1 Qualcomm | 36 Qam8255p, Qam8255p Firmware, Qam8650p and 33 more | 2024-10-16 | N/A | 6.7 MEDIUM |
| Memory corruption while invoking IOCTL calls for MSM module from the user space during audio playback and record. | |||||
| CVE-2024-48714 | 2024-10-16 | N/A | 6.5 MEDIUM | ||
| In TP-Link TL-WDR7660 v1.0, the guestRuleJsonToBin function handles the parameter string name without checking it, which can lead to stack overflow vulnerabilities. | |||||
| CVE-2024-48713 | 2024-10-16 | N/A | 6.5 MEDIUM | ||
| In TP-Link TL-WDR7660 1.0, the wacWhitelistJsonToBin function handles the parameter string name without checking it, which can lead to stack overflow vulnerabilities. | |||||
| CVE-2024-48712 | 2024-10-16 | N/A | 6.5 MEDIUM | ||
| In TP-Link TL-WDR7660 1.0, the rtRuleJsonToBin function handles the parameter string name without checking it, which can lead to stack overflow vulnerabilities. | |||||
| CVE-2024-48710 | 2024-10-16 | N/A | 6.5 MEDIUM | ||
| In TP-Link TL-WDR7660 1.0, the wlanTimerRuleJsonToBin function handles the parameter string name without checking it, which can lead to stack overflow vulnerabilities. | |||||
| CVE-2024-9782 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2024-10-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DIR-619L B1 2.06. It has been declared as critical. This vulnerability affects the function formEasySetupWWConfig of the file /goform/formEasySetupWWConfig. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-9783 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2024-10-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DIR-619L B1 2.06. It has been rated as critical. This issue affects the function formLogDnsquery of the file /goform/formLogDnsquery. The manipulation of the argument curTime leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-21274 | 2024-10-16 | N/A | 7.5 HIGH | ||
| Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). | |||||
| CVE-2024-9785 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2024-10-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical was found in D-Link DIR-619L B1 2.06. Affected by this vulnerability is the function formSetDDNS of the file /goform/formSetDDNS. The manipulation of the argument curTime leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-9786 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2024-10-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, has been found in D-Link DIR-619L B1 2.06. Affected by this issue is the function formSetLog of the file /goform/formSetLog. The manipulation of the argument curTime leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-9910 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2024-10-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DIR-619L B1 2.06 and classified as critical. Affected by this issue is the function formSetPassword of the file /goform/formSetPassword. The manipulation of the argument curTime leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-9911 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2024-10-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DIR-619L B1 2.06. It has been classified as critical. This affects the function formSetPortTr of the file /goform/formSetPortTr. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-9912 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2024-10-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DIR-619L B1 2.06. It has been declared as critical. This vulnerability affects the function formSetQoS of the file /goform/formSetQoS. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-9913 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2024-10-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DIR-619L B1 2.06. It has been rated as critical. This issue affects the function formSetRoute of the file /goform/formSetRoute. The manipulation of the argument curTime leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-9908 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2024-10-16 | 5.2 MEDIUM | 8.8 HIGH |
| A vulnerability, which was classified as critical, was found in D-Link DIR-619L B1 2.06. Affected is the function formSetMACFilter of the file /goform/formSetMACFilter. The manipulation of the argument curTime leads to buffer overflow. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-9909 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2024-10-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability has been found in D-Link DIR-619L B1 2.06 and classified as critical. Affected by this vulnerability is the function formSetMuti of the file /goform/formSetMuti. The manipulation of the argument curTime leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-9914 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2024-10-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical has been found in D-Link DIR-619L B1 2.06. Affected is the function formSetWizardSelectMode of the file /goform/formSetWizardSelectMode. The manipulation of the argument curTime leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||