Total
2604 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-7583 | 1 Tenda | 2 I22, I22 Firmware | 2024-08-08 | 9.0 HIGH | 9.8 CRITICAL |
A vulnerability, which was classified as critical, has been found in Tenda i22 1.0.0.3(4687). This issue affects the function formApPortalOneKeyAuth of the file /goform/apPortalOneKeyAuth. The manipulation of the argument data leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
CVE-2024-42238 | 1 Linux | 1 Linux Kernel | 2024-08-08 | N/A | 5.5 MEDIUM |
In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Return error if block header overflows file Return an error from cs_dsp_power_up() if a block header is longer than the amount of data left in the file. The previous code in cs_dsp_load() and cs_dsp_load_coeff() would loop while there was enough data left in the file for a valid region. This protected against overrunning the end of the file data, but it didn't abort the file processing with an error. | |||||
CVE-2024-7331 | 1 Totolink | 2 A3300r, A3300r Firmware | 2024-08-01 | 9.0 HIGH | 8.8 HIGH |
A vulnerability was found in TOTOLINK A3300R 17.0.0cu.557_B20221024 and classified as critical. Affected by this issue is the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument File leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-273254 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
CVE-2024-41660 | 2024-08-01 | N/A | 9.8 CRITICAL | ||
slpd-lite is a unicast SLP UDP server. Any OpenBMC system that includes the slpd-lite package is impacted. Installing this package is the default when building OpenBMC. Nefarious users can send slp packets to the BMC using UDP port 427 to cause memory overflow issues within the slpd-lite daemon on the BMC. Patches will be available in the latest openbmc/slpd-lite repository. |