Total
12209 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-41465 | 2 Tenda, Tendacn | 3 Fh1201 Firmware, Fh1201, Fh1201 Firmware | 2024-11-21 | 7.5 High |
| Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter at ip/goform/setcfm. | ||||
| CVE-2024-41464 | 2 Tenda, Tendacn | 3 Fh1201, Fh1201, Fh1201 Firmware | 2024-11-21 | 9.8 Critical |
| Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the mitInterface parameter in ip/goform/RouteStatic | ||||
| CVE-2024-41463 | 2 Tenda, Tendacn | 3 Fh1201 Firmware, Fh1201, Fh1201 Firmware | 2024-11-21 | 4.3 Medium |
| Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter at ip/goform/addressNat. | ||||
| CVE-2024-41462 | 2 Tenda, Tendacn | 3 Fh1201 Firmware, Fh1201, Fh1201 Firmware | 2024-11-21 | 4.3 Medium |
| Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/DhcpListClient. | ||||
| CVE-2024-41461 | 2 Tenda, Tendacn | 3 Fh1201, Fh1201, Fh1201 Firmware | 2024-11-21 | 9.8 Critical |
| Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the list1 parameter at ip/goform/DhcpListClient. | ||||
| CVE-2024-41460 | 2 Tenda, Tendacn | 3 Fh1201 Firmware, Fh1201, Fh1201 Firmware | 2024-11-21 | 6.5 Medium |
| Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter at ip/goform/RouteStatic. | ||||
| CVE-2024-41459 | 2 Tenda, Tendacn | 3 Fh1201 Firmware, Fh1201, Fh1201 Firmware | 2024-11-21 | 8.8 High |
| Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the PPPOEPassword parameter at ip/goform/QuickIndex. | ||||
| CVE-2024-41439 | 1 Dbohdan | 1 Hicolor | 2024-11-21 | 5.5 Medium |
| A heap buffer overflow in the function cp_block() (/vendor/cute_png.h) of hicolor v0.5.0 allows attackers to cause a Denial of Service (DoS) via a crafted PNG file. | ||||
| CVE-2024-41131 | 1 Sixlabors | 1 Imagesharp | 2024-11-21 | 7.5 High |
| ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. All users are advised to upgrade to v3.1.5 or v2.1.9. | ||||
| CVE-2024-40764 | 1 Sonicwall | 32 Nsa 2700, Nsa 3700, Nsa 4700 and 29 more | 2024-11-21 | 7.5 High |
| Heap-based buffer overflow vulnerability in the SonicOS IPSec VPN allows an unauthenticated remote attacker to cause Denial of Service (DoS). | ||||
| CVE-2024-40416 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 6.5 Medium |
| A vulnerability in /goform/SetVirtualServerCfg in the sub_6320C function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow. | ||||
| CVE-2024-40415 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 9.8 Critical |
| A vulnerability in /goform/SetStaticRouteCfg in the sub_519F4 function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow. | ||||
| CVE-2024-40414 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 9.6 Critical |
| A vulnerability in /goform/SetNetControlList in the sub_656BC function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow. | ||||
| CVE-2024-40130 | 1 Open5gs | 1 Open5gs | 2024-11-21 | 9.8 Critical |
| open5gs v2.6.4 is vulnerable to Buffer Overflow. via /lib/core/abts.c. | ||||
| CVE-2024-40129 | 1 Open5gs | 1 Open5gs | 2024-11-21 | 8.6 High |
| Open5GS v2.6.4 is vulnerable to Buffer Overflow. via /lib/pfcp/context.c. | ||||
| CVE-2024-3299 | 2024-11-21 | 7.8 High | ||
| Out-Of-Bounds Write, Use of Uninitialized Resource and Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted SLDDRW or SLDPRT file. NOTE: this vulnerability was SPLIT from CVE-2024-1847. | ||||
| CVE-2024-3298 | 2024-11-21 | 7.8 High | ||
| Out-Of-Bounds Write and Type Confusion vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted DWG or DXF. NOTE: this vulnerability was SPLIT from CVE-2024-1847. | ||||
| CVE-2024-39927 | 2024-11-21 | 8.2 High | ||
| Out-of-bounds write vulnerability exists in Ricoh MFPs and printers. If a remote attacker sends a specially crafted request to the affected products, the products may be able to cause a denial-of-service (DoS) condition and/or user's data may be destroyed. | ||||
| CVE-2024-39883 | 1 Deltaww | 1 Cncsoft-g2 | 2024-11-21 | 8.8 High |
| Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process. | ||||
| CVE-2024-39881 | 1 Deltaww | 1 Cncsoft-g2 | 2024-11-21 | 8.8 High |
| Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a memory corruption condition. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process. | ||||