Total
2430 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-45653 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the page parameter in the fromNatStaticSetting function. | |||||
CVE-2022-38459 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2024-02-28 | N/A | 8.8 HIGH |
A stack-based buffer overflow vulnerability exists in the httpd downfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability. | |||||
CVE-2020-27507 | 1 Kamailio | 1 Kamailio | 2024-02-28 | N/A | 9.8 CRITICAL |
The Kamailio SIP before 5.5.0 server mishandles INVITE requests with duplicated fields and overlength tag, leading to a buffer overflow that crashes the server or possibly have unspecified other impact. | |||||
CVE-2022-41009 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'port triger protocol (tcp|udp|tcp/udp) triger port <1-65535> forward port <1-65535> description WORD' command template. | |||||
CVE-2023-27064 | 1 Tenda | 2 W15e, W15e Firmware | 2024-02-28 | N/A | 7.5 HIGH |
Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the index parameter in the formDelDnsForward function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
CVE-2022-41015 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'vpn basic protocol (l2tp|pptp) name WORD server WORD username WORD passsword WORD firmwall (on|off) defroute (on|off)' command template. | |||||
CVE-2022-32529 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-02-28 | N/A | 9.8 CRITICAL |
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted log data request messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170) | |||||
CVE-2022-42273 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2024-02-28 | N/A | 8.8 HIGH |
NVIDIA BMC contains a vulnerability in libwebsocket, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execution. | |||||
CVE-2022-45657 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function. | |||||
CVE-2022-46533 | 1 Tenda | 2 F1203, F1203 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the limitSpeed parameter at /goform/SetClientState. | |||||
CVE-2022-41010 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no port triger protocol (tcp|udp|tcp/udp) triger port <1-65535> forward port <1-65535> description WORD' command template. | |||||
CVE-2022-45997 | 1 Tenda | 2 W15e, W20e Firmware | 2024-02-28 | N/A | 7.2 HIGH |
Tenda W20E V16.01.0.6(3392) is vulnerable to Buffer Overflow. | |||||
CVE-2022-45671 | 1 Tenda | 2 I22, I22 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the appData parameter in the formSetAppFilterRule function. | |||||
CVE-2022-46548 | 1 Tenda | 2 F1203, F1203 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/DhcpListClient. | |||||
CVE-2022-46535 | 1 Tenda | 2 F1203, F1203 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceId parameter at /goform/SetClientState. | |||||
CVE-2022-42261 | 5 Citrix, Linux, Nvidia and 2 more | 12 Hypervisor, Linux Kernel, Cloud Gaming and 9 more | 2024-02-28 | N/A | 7.8 HIGH |
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of service. | |||||
CVE-2022-46536 | 1 Tenda | 2 F1203, F1203 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the limitSpeedUp parameter at /goform/SetClientState. | |||||
CVE-2022-46547 | 1 Tenda | 2 F1203, F1203 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/VirtualSer. | |||||
CVE-2023-26110 | 1 Node-bluetooth Project | 1 Node-bluetooth | 2024-02-28 | N/A | 9.8 CRITICAL |
All versions of the package node-bluetooth are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation. | |||||
CVE-2022-45672 | 1 Tenda | 2 I22, I22 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the formWx3AuthorizeSet function. |