Total
1056 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-32290 | 2024-11-21 | N/A | 6.7 MEDIUM | ||
| Tenda W30E v1.0 v1.0.1.25(633) firmware has a stack overflow vulnerability via the page parameter in the fromAddressNat function. | |||||
| CVE-2024-32288 | 2024-11-21 | N/A | 6.3 MEDIUM | ||
| Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability located via the page parameter in the fromwebExcptypemanFilter function. | |||||
| CVE-2024-32287 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability via the qos parameter in the fromqossetting function. | |||||
| CVE-2024-32285 | 2024-11-21 | N/A | 8.0 HIGH | ||
| Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability via the password parameter in the formaddUserName function. | |||||
| CVE-2024-32228 | 2024-11-21 | N/A | 6.6 MEDIUM | ||
| FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a SEGV at libavcodec/hevcdec.c:2947:22 in hevc_frame_end. | |||||
| CVE-2024-31803 | 2024-11-21 | N/A | 6.2 MEDIUM | ||
| Buffer Overflow vulnerability in emp-ot v.0.2.4 allows a remote attacker to execute arbitrary code via the FerretCOT<T>::read_pre_data128_from_file function. | |||||
| CVE-2024-31504 | 1 Embedded-solutions | 1 Freemodbus | 2024-11-21 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in SILA Embedded Solutions GmbH freemodbus v.2018-09-12 allows a remtoe attacker to cause a denial of service via the LINUXTCP server component. | |||||
| CVE-2024-31470 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| There is a buffer overflow vulnerability in the underlying SAE (Simultaneous Authentication of Equals) service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2024-31469 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2024-31468 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2024-31467 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2024-31466 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2024-31163 | 2024-11-21 | N/A | 7.2 HIGH | ||
| ASUS Download Master has a buffer overflow vulnerability. An unauthenticated remote attacker with administrative privileges can exploit this vulnerability to execute arbitrary system commands on the device. | |||||
| CVE-2024-31079 | 2024-11-21 | N/A | 4.8 MEDIUM | ||
| When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate or causeĀ other potential impact. This attack requires that a request be specifically timed during the connection draining process, which the attacker has no visibility and limited influence over. | |||||
| CVE-2024-30840 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| A Stack Overflow vulnerability in Tenda AC15 v15.03.05.18 allows attackers to cause a denial of service via the LISTEN parameter in the fromDhcpListClient function. | |||||
| CVE-2024-30639 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Tenda F1202 v1.2.0.20(408) has a stack overflow vulnerability in the page parameter of fromAddressNat function. | |||||
| CVE-2024-30638 | 2024-11-21 | N/A | 4.3 MEDIUM | ||
| Tenda F1202 v1.2.0.20(408) has a stack overflow vulnerability via the entrys parameter in the fromAddressNat function. | |||||
| CVE-2024-30636 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Tenda F1202 v1.2.0.20(408) has a stack overflow vulnerability via the PPPOEPassword parameter in the formQuickIndex function. | |||||
| CVE-2024-30634 | 2024-11-21 | N/A | 8.0 HIGH | ||
| Tenda F1202 v1.2.0.20(408) has a stack overflow vulnerability via the mitInterface parameter in the fromAddressNat function. | |||||
| CVE-2024-30633 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the security parameter from the formWifiBasicSet function. | |||||