Total
2429 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-51888 | 1 Ctan | 1 Mathtex | 2024-09-05 | N/A | 7.5 HIGH |
Buffer Overflow vulnerability in the nomath() function in Mathtex v.1.05 and before allows a remote attacker to cause a denial of service via a crafted string in the application URL. | |||||
CVE-2023-46001 | 1 Gpac | 1 Gpac | 2024-09-05 | N/A | 5.5 MEDIUM |
Buffer Overflow vulnerability in gpac MP4Box v.2.3-DEV-rev573-g201320819-master allows a local attacker to cause a denial of service via the gpac/src/isomedia/isom_read.c:2807:51 function in gf_isom_get_user_data. | |||||
CVE-2024-6343 | 1 Zyxel | 16 Atp100, Atp100w, Atp200 and 13 more | 2024-09-05 | N/A | 4.9 MEDIUM |
A buffer overflow vulnerability in the CGI program of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an authenticated attacker with administrator privileges to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device. | |||||
CVE-2024-27619 | 2024-09-04 | N/A | 7.3 HIGH | ||
Dlink Dir-3040us A1 1.20b03a hotfix is vulnerable to Buffer Overflow. Any user having read/write access to ftp server can write directly to ram causing buffer overflow if file or files uploaded are greater than available ram. Ftp server allows change of directory to root which is one level up than root of usb flash directory. During upload ram is getting filled and causing system resource exhaustion (no free memory) which causes system to crash and reboot. | |||||
CVE-2024-33052 | 1 Qualcomm | 406 205 Mobile, 205 Mobile Firmware, 215 Mobile and 403 more | 2024-09-04 | N/A | 7.8 HIGH |
Memory corruption when user provides data for FM HCI command control operations. | |||||
CVE-2024-33042 | 1 Qualcomm | 406 205, 205 Firmware, 215 and 403 more | 2024-09-04 | N/A | 7.8 HIGH |
Memory corruption when Alternative Frequency offset value is set to 255. | |||||
CVE-2024-33054 | 1 Qualcomm | 66 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 63 more | 2024-09-04 | N/A | 7.8 HIGH |
Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual Machine. | |||||
CVE-2023-46363 | 1 Jbig2enc Project | 1 Jbig2enc | 2024-09-04 | N/A | 5.5 MEDIUM |
jbig2enc v0.28 was discovered to contain a SEGV via jbig2_add_page in src/jbig2enc.cc:512. | |||||
CVE-2024-41435 | 2024-09-03 | N/A | 7.5 HIGH | ||
YugabyteDB v2.21.1.0 was discovered to contain a buffer overflow via the "insert into" parameter. | |||||
CVE-2024-41436 | 2024-09-03 | N/A | 7.5 HIGH | ||
ClickHouse v24.3.3.102 was discovered to contain a buffer overflow via the component DB::evaluateConstantExpressionImpl. | |||||
CVE-2024-33773 | 2024-09-03 | N/A | 6.5 MEDIUM | ||
A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via formWlanGuestSetup allows remote authenticated users to trigger a denial of service (DoS) through the parameter "webpage." | |||||
CVE-2024-8078 | 1 Totolink | 2 Ac1200 T8, T8 Firmware | 2024-08-29 | 9.0 HIGH | 9.8 CRITICAL |
A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.862_B20230228. It has been declared as critical. This vulnerability affects the function setTracerouteCfg. The manipulation leads to buffer overflow. The attack can be initiated remotely. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
CVE-2024-8079 | 1 Totolink | 2 Ac1200 T8, T8 Firmware | 2024-08-29 | 9.0 HIGH | 9.8 CRITICAL |
A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.862_B20230228. It has been rated as critical. This issue affects the function exportOvpn. The manipulation leads to buffer overflow. The attack may be initiated remotely. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
CVE-2024-8076 | 1 Totolink | 2 Ac1200 T8, T8 Firmware | 2024-08-29 | 9.0 HIGH | 9.8 CRITICAL |
A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.862_B20230228 and classified as critical. Affected by this issue is the function setDiagnosisCfg. The manipulation leads to buffer overflow. The attack may be launched remotely. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
CVE-2024-34198 | 2024-08-29 | N/A | 9.8 CRITICAL | ||
TOTOLINK AC1200 Wireless Router A3002RU V2.1.1-B20230720.1011 is vulnerable to Buffer Overflow. The formWlEncrypt CGI handler in the boa program fails to limit the length of the wlan_ssid field from user input. This allows attackers to craft malicious HTTP requests by supplying an excessively long value for the wlan_ssid field, leading to a stack overflow. This can be further exploited to execute arbitrary commands or launch denial-of-service attacks. | |||||
CVE-2024-24479 | 2024-08-29 | N/A | 7.5 HIGH | ||
A Buffer Overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the wsutil/to_str.c, and format_fractional_part_nsecs components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected. | |||||
CVE-2023-52103 | 1 Huawei | 2 Emui, Harmonyos | 2024-08-29 | N/A | 9.8 CRITICAL |
Buffer overflow vulnerability in the FLP module. Successful exploitation of this vulnerability may cause out-of-bounds read. | |||||
CVE-2023-49468 | 1 Struktur | 1 Libde265 | 2024-08-28 | N/A | 8.8 HIGH |
Libde265 v1.0.14 was discovered to contain a global buffer overflow vulnerability in the read_coding_unit function at slice.cc. | |||||
CVE-2021-38160 | 4 Debian, Linux, Netapp and 1 more | 9 Debian Linux, Linux Kernel, Element Software and 6 more | 2024-08-27 | 7.2 HIGH | 7.8 HIGH |
In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior | |||||
CVE-2024-41285 | 1 Fastcom | 2 Fw300r, Fw300r Firmware | 2024-08-27 | N/A | 9.8 CRITICAL |
A stack overflow in FAST FW300R v1.3.13 Build 141023 Rel.61347n allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted file path. |