Total: 1013 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-28551 | | | 2024-08-05 | N/A | 7.5 HIGH |
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the ssid parameter of form_fast_setting_wifi_set function. | |||||
CVE-2024-25331 | | | 2024-08-05 | N/A | 9.3 CRITICAL |
DIR-822 Rev. B Firmware v2.02KRB09 and DIR-822-CA Rev. B Firmware v2.03WWb01 suffer from a LAN-Side Unauthenticated Remote Code Execution (RCE) vulnerability elevated from HNAP Stack-Based Buffer Overflow. | |||||
CVE-2024-23138 | | | 2024-08-05 | N/A | 7.5 HIGH |
A maliciously crafted DWG file when parsed through Autodesk DWG TrueView can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
CVE-2021-30496 | 1 Telegram | 1 Telegram | 2024-08-03 | 3.5 LOW | 5.7 MEDIUM |
The Telegram app 7.6.2 for iOS allows remote authenticated users to cause a denial of service (application crash) if the victim pastes an attacker-supplied message (e.g., in the Persian language) into a channel or group. The crash occurs in MtProtoKitFramework. NOTE: the vendor's perspective is that "this behavior can't be considered a vulnerability." | |||||
CVE-2023-51148 | | | 2024-08-03 | N/A | 8.0 HIGH |
An issue in TRENDnet Trendnet AC1200 Dual Band PoE Indoor Wireless Access Point TEW-821DAP v.3.00b06 allows an attacker to execute arbitrary code via the 'mycli' command-line interface component. | |||||
CVE-2022-47065 | 1 Trendnet | 2 Tew-820ap, Tew-820ap Firmware | 2024-08-03 | N/A | 8.8 HIGH |
TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formNewSchedule. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
CVE-2023-45924 | | | 2024-08-02 | N/A | 9.8 CRITICAL |
libglxproto.c in OpenGL libglvnd bb06db5a was discovered to contain a segmentation violation via the function glXGetDrawableScreen(). NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controlled server. | |||||
CVE-2024-28582 | | | 2024-08-02 | N/A | 8.4 HIGH |
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the rgbe_RGBEToFloat() function when reading images in HDR format. | |||||
CVE-2024-28581 | | | 2024-08-02 | N/A | 8.4 HIGH |
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the _assignPixel<>() function when reading images in TARGA format. | |||||
CVE-2024-28580 | | | 2024-08-02 | N/A | 8.4 HIGH |
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the ReadData() function when reading images in RAS format. | |||||
CVE-2024-28575 | | | 2024-08-02 | N/A | 6.2 MEDIUM |
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the opj_j2k_read_mct() function when reading images in J2K format. | |||||
CVE-2024-28574 | | | 2024-08-02 | N/A | 6.2 MEDIUM |
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the opj_j2k_copy_default_tcp_and_create_tcd() function when reading images in J2K format. | |||||
CVE-2024-28573 | | | 2024-08-02 | N/A | 6.2 MEDIUM |
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the jpeg_read_exif_profile() function when reading images in JPEG format. | |||||
CVE-2024-28568 | | | 2024-08-02 | N/A | 6.2 MEDIUM |
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the read_iptc_profile() function when reading images in TIFF format. | |||||
CVE-2024-28567 | | | 2024-08-02 | N/A | 6.2 MEDIUM |
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the FreeImage_CreateICCProfile() function when reading images in TIFF format. | |||||
CVE-2024-28566 | | | 2024-08-02 | N/A | 8.4 HIGH |
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the AssignPixel() function when reading images in TIFF format. | |||||
CVE-2024-28550 | | | 2024-08-02 | N/A | 4.3 MEDIUM |
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the filePath parameter of formExpandDlnaFile function. | |||||
CVE-2023-29583 | 1 Yasm Project | 1 Yasm | 2024-08-02 | N/A | 5.5 MEDIUM |
yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr5 at /nasm/nasm-parse.c. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code. | |||||
CVE-2024-5602 | | | 2024-08-01 | N/A | 7.8 HIGH |
A stack-based buffer overflow vulnerability due to a missing bounds check in the NI I/O Trace Tool may result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted nitrace file. The NI I/O Trace tool is installed as part of the NI System Configuration utilities included with many NI software products. Refer to the NI Security Advisory for identifying the version of NI IO Trace.exe installed. The NI I/O Trace tool was also previously released as NI Spy. | |||||
CVE-1999-0029 | 1 Sgi | 1 Irix | 2024-08-01 | 7.2 HIGH | 8.4 HIGH |
root privileges via buffer overflow in ordist command on SGI IRIX systems. |