Total
1013 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-30599 | 2024-08-01 | N/A | 8.8 HIGH | ||
Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the deviceMac parameter of the addWifiMacFilter function. | |||||
CVE-2024-30597 | 2024-08-01 | N/A | 6.5 MEDIUM | ||
Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability in the security parameter of the formWifiBasicSet function. | |||||
CVE-2024-30592 | 2024-08-01 | N/A | 8.0 HIGH | ||
Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the page parameter of the fromAddressNat function. | |||||
CVE-2024-30590 | 2024-08-01 | N/A | 6.5 MEDIUM | ||
Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the schedEndTime parameter of the setSchedWifi function. | |||||
CVE-2024-30585 | 2024-08-01 | N/A | 6.5 MEDIUM | ||
Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceId parameter of the saveParentControlInfo function. | |||||
CVE-2024-30583 | 2024-08-01 | N/A | 8.0 HIGH | ||
Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the mitInterface parameter of the fromAddressNat function. | |||||
CVE-2024-28535 | 1 Tenda | 1 Ac18 Firmware | 2024-08-01 | N/A | 9.8 CRITICAL |
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the mitInterface parameter of fromAddressNat function. | |||||
CVE-2024-27657 | 2024-08-01 | N/A | 8.8 HIGH | ||
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the User-Agent parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution. | |||||
CVE-2024-27656 | 2024-08-01 | N/A | 8.8 HIGH | ||
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Cookie parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution. | |||||
CVE-2024-27655 | 2024-08-01 | N/A | 8.8 HIGH | ||
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the SOAPACTION parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution. | |||||
CVE-2024-27567 | 2024-08-01 | N/A | 6.5 MEDIUM | ||
LBT T300- T390 v2.2.1.8 were discovered to contain a stack overflow via the vpn_client_ip parameter in the config_vpn_pptp function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
CVE-2024-26304 | 2024-08-01 | N/A | 9.8 CRITICAL | ||
There is a buffer overflow vulnerability in the underlying L2/L3 Management service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
CVE-2024-25756 | 2024-08-01 | N/A | 8.0 HIGH | ||
A Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to execute arbitrary code via the formWifiBasicSet function. | |||||
CVE-2024-25753 | 2024-08-01 | N/A | 8.8 HIGH | ||
Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to execute arbitrary code via the formSetDeviceName function. | |||||
CVE-2024-25391 | 2024-08-01 | N/A | 8.4 HIGH | ||
A stack buffer overflow occurs in libc/posix/ipc/mqueue.c in RT-Thread through 5.0.2. | |||||
CVE-2023-50434 | 2024-08-01 | N/A | 9.8 CRITICAL | ||
emdns_resolve_raw in emdns.c in emdns through fbd1eef calls strlen with an input that may not be '\0' terminated, leading to a stack-based buffer over-read. This can be triggered by a remote adversary that can send DNS requests to the emdns server. The impact could vary depending on the system libraries, compiler, and processor architecture. Code before be565c3 is unaffected. | |||||
CVE-2023-46223 | 2 Ivanti, Microsoft | 2 Avalanche, Windows | 2024-08-01 | N/A | 9.8 CRITICAL |
An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution. | |||||
CVE-2023-24334 | 2024-08-01 | N/A | 8.0 HIGH | ||
A stack overflow vulnerability in Tenda AC23 with firmware version US_AC23V1.0re_V16.03.07.45_cn_TDC01 allows attackers to run arbitrary commands via schedStartTime parameter. | |||||
CVE-2020-8006 | 2024-08-01 | N/A | 8.8 HIGH | ||
The server in Circontrol Raption through 5.11.2 has a pre-authentication stack-based buffer overflow that can be exploited to gain run-time control of the device as root. The ocpp1.5 and pwrstudio binaries on the charging station do not use a number of common exploitation mitigations. In particular, there are no stack canaries and they do not use the Position Independent Executable (PIE) format. | |||||
CVE-2024-38509 | 2024-07-29 | N/A | 7.2 HIGH | ||
A privilege escalation vulnerability was discovered in XCC that could allow an authenticated XCC user with elevated privileges to execute arbitrary code via a specially crafted IPMI command. |