Total
2430 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-40997 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'gre index <1-8> destination A.B.C.D/M description (WORD|null)' command template. | |||||
| CVE-2023-27063 | 1 Tenda | 2 W15e, W15e Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the DNSDomainName parameter in the formModifyDnsForward function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2022-45715 | 1 Ip-com | 2 M50, M50 Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the pLanPortRange and pWanPortRange parameters in the formSetPortMapping function. | |||||
| CVE-2022-46545 | 1 Tenda | 2 F1203, F1203 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
| Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/NatStaticSetting. | |||||
| CVE-2023-27853 | 1 Netgear | 2 Rax30, Rax30 Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a format string vulnerability in a SOAP service that could allow an attacker to execute arbitrary code on the device. | |||||
| CVE-2022-47663 | 1 Gpac | 1 Gpac | 2024-02-28 | N/A | 7.8 HIGH |
| GPAC MP4box 2.1-DEV-rev649-ga8f438d20 is vulnerable to buffer overflow in h263dmx_process filters/reframe_h263.c:609 | |||||
| CVE-2023-22756 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2024-02-28 | N/A | 9.8 CRITICAL |
| There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2022-45644 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceId parameter in the formSetClientState function. | |||||
| CVE-2023-27061 | 1 Tenda | 2 W15e, W15e Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the wifiFilterListRemark parameter in the modifyWifiFilterRules function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2021-26409 | 1 Amd | 2 Milanpi, Milanpi Firmware | 2024-02-28 | N/A | 7.8 HIGH |
| Insufficient bounds checking in SEV-ES may allow an attacker to corrupt Reverse Map table (RMP) memory, potentially resulting in a loss of SNP (Secure Nested Paging) memory integrity. | |||||
| CVE-2022-42756 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-02-28 | N/A | 5.5 MEDIUM |
| In sensor driver, there is a possible buffer overflow due to a missing bounds check. This could lead to local denial of service in kernel. | |||||
| CVE-2023-26109 | 1 Node-bluetooth-serial-port Project | 1 Node-bluetooth-serial-port | 2024-02-28 | N/A | 9.8 CRITICAL |
| All versions of the package node-bluetooth-serial-port are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation. | |||||
| CVE-2022-41008 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no port redirect protocol (tcp|udp|tcp/udp) inport <1-65535> dstaddr A.B.C.D export <1-65535> description WORD' command template. | |||||
| CVE-2022-45714 | 1 Ip-com | 2 M50, M50 Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the indexSet parameter in the formQOSRuleDel function. | |||||
| CVE-2022-46537 | 1 Tenda | 2 F1203, F1203 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
| Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the security parameter at /goform/WifiBasicSet. | |||||
| CVE-2022-45652 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the startIp parameter in the formSetPPTPServer function. | |||||
| CVE-2022-41030 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no wlan filter mac address WORD descript WORD' command template. | |||||
| CVE-2022-40986 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the '(ddns1|ddns2) mx WORD' command template. | |||||
| CVE-2022-45710 | 1 Ip-com | 2 M50, M50 Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the pEnable, pLevel, and pModule parameters in the formSetDebugCfg function. | |||||
| CVE-2022-45995 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| There is an unauthorized buffer overflow vulnerability in Tenda AX12 v22.03.01.21 _ cn. This vulnerability can cause the web service not to restart or even execute arbitrary code. It is a different vulnerability from CVE-2022-2414. | |||||