Total
2430 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-27722 | 1 Nsasoft | 1 Spotauditor | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in Nsasoft US LLC SpotAuditor 5.3.5. The program can be crashed by entering 300 bytes char data into the "Key" or "Name" field while registering. | |||||
CVE-2022-24130 | 3 Debian, Fedoraproject, Invisible-island | 3 Debian Linux, Fedora, Xterm | 2024-02-28 | 2.6 LOW | 5.5 MEDIUM |
xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text. | |||||
CVE-2021-1966 | 1 Qualcomm | 130 Aqt1000, Aqt1000 Firmware, Ar8031 and 127 more | 2024-02-28 | 4.6 MEDIUM | 6.7 MEDIUM |
Possible buffer overflow due to lack of length check of source and destination buffer before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | |||||
CVE-2020-23890 | 1 Wildbit-soft | 1 Wildbit Viewer | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted JPG file. Related to Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at JPGCodec+0x753648. | |||||
CVE-2021-45529 | 1 Netgear | 20 Cbr40, Cbr40 Firmware, D7000v2 and 17 more | 2024-02-28 | 6.5 MEDIUM | 7.2 HIGH |
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects CBR40 before 2.3.5.12, D7000v2 before 1.0.0.66, D8500 before 1.0.3.58, R6400 before 1.0.1.70, R7000 before 1.0.11.126, R6900P before 1.3.2.124, R7000P before 1.3.2.124, R7900 before 1.0.4.30, R8000 before 1.0.4.52, and WNR3500Lv2 before 1.2.0.62. | |||||
CVE-2021-33719 | 1 Siemens | 3 Siprotec 5 With Cpu Variant Cp050, Siprotec 5 With Cpu Variant Cp100, Siprotec 5 With Cpu Variant Cp300 | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
A vulnerability has been identified in SIPROTEC 5 relays with CPU variants CP050 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP100 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP300 (All versions < V8.80). Specially crafted packets sent to port 4443/tcp could cause a Denial-of-Service condition or potential remote code execution. | |||||
CVE-2021-31627 | 1 Tendacn | 2 Ac9, Ac9 Firmware | 2024-02-28 | 5.8 MEDIUM | 8.8 HIGH |
Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the index parameter. | |||||
CVE-2021-39925 | 3 Debian, Fedoraproject, Wireshark | 3 Debian Linux, Fedora, Wireshark | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file | |||||
CVE-2021-45611 | 1 Netgear | 18 Dc112a, Dc112a Firmware, R6400 and 15 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects DC112A before 1.0.0.52, R6400 before 1.0.1.68, RAX200 before 1.0.3.106, WNDR3400v3 before 1.0.1.38, XR300 before 1.0.3.68, R8500 before 1.0.2.144, RAX75 before 1.0.3.106, R8300 before 1.0.2.144, and RAX80 before 1.0.3.106. | |||||
CVE-2021-30303 | 1 Qualcomm | 478 Apq8009, Apq8009 Firmware, Apq8017 and 475 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2021-43002 | 1 Amzetta | 1 Zportal Dvm Tools | 2024-02-28 | 7.2 HIGH | 8.8 HIGH |
Amzetta zPortal DVM Tools is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Amzetta zPortal DVM Tools <= v3.3.148.148 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet. | |||||
CVE-2021-31845 | 1 Mcafee | 1 Data Loss Prevention Discover | 2024-02-28 | 6.0 MEDIUM | 7.3 HIGH |
A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Discover prior to 11.6.100 allows an attacker in the same network as the DLP Discover to execute arbitrary code through placing carefully constructed Ami Pro (.sam) files onto a machine and having DLP Discover scan it, leading to remote code execution with elevated privileges. This is caused by the destination buffer being of fixed size and incorrect checks being made on the source size. | |||||
CVE-2021-25497 | 1 Samsung | 1 Notes | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
A possible buffer overflow vulnerability in maetd_cpy_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution. | |||||
CVE-2020-14124 | 1 Mi | 2 Ax3600, Ax3600 Firmware | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
There is a buffer overflow in librsa.so called by getwifipwdurl interface, resulting in code execution on Xiaomi router AX3600 with ROM version =rom< 1.1.12. | |||||
CVE-2021-42972 | 1 Nomachine | 1 Server | 2024-02-28 | 7.2 HIGH | 8.8 HIGH |
NoMachine Server is affected by Buffer Overflow. IOCTL Handler 0x22001B in the NoMachine Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet. | |||||
CVE-2022-22725 | 1 Schneider-electric | 2 Easergy P3, Easergy P3 Firmware | 2024-02-28 | 8.3 HIGH | 8.8 HIGH |
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be impacted. Affected Product: Easergy P3 (All versions prior to V30.205) | |||||
CVE-2022-22723 | 1 Schneider-electric | 2 Easergy P5, Easergy P5 Firmware | 2024-02-28 | 8.3 HIGH | 8.8 HIGH |
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be impacted. Affected Product: Easergy P5 (All firmware versions prior to V01.401.101) | |||||
CVE-2020-23884 | 1 Nomacs | 1 Nomacs | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
A buffer overflow in Nomacs v3.15.0 allows attackers to cause a denial of service (DoS) via a crafted MNG file. | |||||
CVE-2020-21531 | 2 Debian, Xfig Project | 2 Debian Linux, Fig2dev | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
fig2dev 3.2.7b contains a global buffer overflow in the conv_pattern_index function in gencgm.c. | |||||
CVE-2021-30295 | 1 Qualcomm | 248 Apq8017, Apq8017 Firmware, Apq8053 and 245 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Possible heap overflow due to improper validation of local variable while storing current task information locally in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables |