Total
2241 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-40416 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 6.5 Medium |
| A vulnerability in /goform/SetVirtualServerCfg in the sub_6320C function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow. | ||||
| CVE-2024-40414 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 9.6 Critical |
| A vulnerability in /goform/SetNetControlList in the sub_656BC function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow. | ||||
| CVE-2024-40412 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2024-11-21 | 6.8 Medium |
| Tenda AX12 v1.0 v22.03.01.46 contains a stack overflow in the deviceList parameter of the sub_42E410 function. | ||||
| CVE-2024-3874 | 2024-11-21 | 8.8 High | ||
| A vulnerability was found in Tenda W20E 15.11.0.6. It has been declared as critical. This vulnerability affects the function formSetRemoteWebManage of the file /goform/SetRemoteWebManage. The manipulation of the argument remoteIP leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-260908. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-3286 | 2024-11-21 | 7.5 High | ||
| A buffer overflow vulnerability was identified in some Lenovo printers that could allow an unauthenticated user to trigger a device restart by sending a specially crafted web request. | ||||
| CVE-2024-3079 | 1 Asus | 7 Rt-ac68u Firmware, Rt-ac86u Firmware, Rt-ax57 Firmware and 4 more | 2024-11-21 | 7.2 High |
| Certain models of ASUS routers have buffer overflow vulnerabilities, allowing remote attackers with administrative privileges to execute arbitrary commands on the device. | ||||
| CVE-2024-39880 | 1 Deltaww | 1 Cncsoft-g2 | 2024-11-21 | 7.8 High |
| Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process. | ||||
| CVE-2024-38509 | 2024-11-21 | 7.2 High | ||
| A privilege escalation vulnerability was discovered in XCC that could allow an authenticated XCC user with elevated privileges to execute arbitrary code via a specially crafted IPMI command. | ||||
| CVE-2024-38443 | 2024-11-21 | 6.2 Medium | ||
| C/sorting/binary_insertion_sort.c in The Algorithms - C through e5dad3f has a segmentation fault for deep recursion, which may affect common use cases such as sorting an array of 50 elements. | ||||
| CVE-2024-37645 | 1 Trendnet | 1 Tew-814dap | 2024-11-21 | 8.8 High |
| TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formSysLog . | ||||
| CVE-2024-37643 | 1 Trendnet | 1 Tew-814dap | 2024-11-21 | 8.8 High |
| TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formPasswordAuth . | ||||
| CVE-2024-37641 | 1 Trendnet | 1 Tew-814dap | 2024-11-21 | 8.8 High |
| TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow via the submit-url parameter at /formNewSchedule | ||||
| CVE-2024-37640 | 1 Totolink | 1 A3700r Firmware | 2024-11-21 | 8.8 High |
| TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function setWiFiEasyGuestCfg. | ||||
| CVE-2024-37639 | 1 Totolink | 1 A3700r Firmware | 2024-11-21 | 8.8 High |
| TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via eport in the function setIpPortFilterRules. | ||||
| CVE-2024-37635 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-11-21 | 9.8 Critical |
| TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiBasicCfg | ||||
| CVE-2024-37633 | 1 Totolink | 1 A3700r Firmware | 2024-11-21 | 8.8 High |
| TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiGuestCfg | ||||
| CVE-2024-37631 | 1 Totolink | 1 A3700r Firmware | 2024-11-21 | 8.8 High |
| TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the File parameter in function UploadCustomModule. | ||||
| CVE-2024-37280 | 1 Elastic | 1 Elasticsearch | 2024-11-21 | 4.9 Medium |
| A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of “passthrough” type. Under certain circumstances, ingesting documents in this index would cause a StackOverflow exception to be thrown and ultimately lead to a Denial of Service. Note that passthrough fields is an experimental feature. | ||||
| CVE-2024-37029 | 1 Fujielectric | 1 Tellus Lite V-simulator | 2024-11-21 | 7.8 High |
| Fuji Electric Tellus Lite V-Simulator is vulnerable to a stack-based buffer overflow, which could allow an attacker to execute arbitrary code. | ||||
| CVE-2024-36600 | 1 Gnu | 1 Libcdio | 2024-11-21 | 8.4 High |
| Buffer Overflow Vulnerability in libcdio v2.1.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image file. | ||||