Total
733 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-37055 | 1 Dlink | 2 Go-rt-ac750, Go-rt-ac750 Firmware | 2025-01-06 | N/A | 9.8 CRITICAL |
| D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Buffer Overflow via cgibin, hnap_main, | |||||
| CVE-2023-1329 | 1 Hp | 1914 Laserjet Managed Mfp E62665 3gy14a, Laserjet Managed Mfp E62665 3gy14a Firmware, Laserjet Managed Mfp E62665 3gy15a and 1911 more | 2024-12-31 | N/A | 9.8 CRITICAL |
| A potential security vulnerability has been identified for certain HP multifunction printers (MFPs). The vulnerability may lead to Buffer Overflow and/or Remote Code Execution when running HP Workpath solutions on potentially affected products. | |||||
| CVE-2018-9418 | 1 Google | 1 Android | 2024-12-18 | N/A | 9.8 CRITICAL |
| In handle_app_cur_val_response of dtif_rc.cc, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-29646 | 2024-12-18 | N/A | 9.8 CRITICAL | ||
| Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary code via the name, type, or group fields. | |||||
| CVE-2024-38922 | 1 Openrobotics | 1 Robot Operating System | 2024-12-17 | N/A | 9.8 CRITICAL |
| Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble version was discovered to contain a heap overflow in the nav2_amcl process. This vulnerability is triggered via sending a crafted message to the component /initialpose. | |||||
| CVE-2024-29671 | 2024-12-17 | N/A | 9.8 CRITICAL | ||
| Buffer Overflow vulnerability in NEXTU FLATA AX1500 Router v.1.0.2 allows a remote attacker to execute arbitrary code via the POST request handler component. | |||||
| CVE-2020-20703 | 1 Vim | 1 Vim | 2024-12-10 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability in VIM v.8.1.2135 allows a remote attacker to execute arbitrary code via the operand parameter. | |||||
| CVE-2023-34563 | 1 Netgear | 2 R6250, R6250 Firmware | 2024-12-09 | N/A | 9.8 CRITICAL |
| netgear R6250 Firmware Version 1.0.4.48 is vulnerable to Buffer Overflow after authentication. | |||||
| CVE-2024-55564 | 2024-12-09 | N/A | 9.8 CRITICAL | ||
| The POSIX::2008 package before 0.24 for Perl has a potential _execve50c env buffer overflow. | |||||
| CVE-2024-37863 | 2024-12-06 | N/A | 9.8 CRITICAL | ||
| Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a buffer overflow via the nav2_amcl process. This vulnerability is triggered via sending a crafted .yaml file. | |||||
| CVE-2024-37861 | 2024-12-06 | N/A | 9.8 CRITICAL | ||
| Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a buffer overflow via the nav2_amcl process. This vulnerability is triggered via sending a crafted .yaml file. | |||||
| CVE-2024-52533 | 2024-12-06 | N/A | 9.8 CRITICAL | ||
| gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character. | |||||
| CVE-2024-48406 | 2024-12-04 | N/A | 9.8 CRITICAL | ||
| Buffer Overflow vulnerability in SunBK201 umicat through v.0.3.2 and fixed in v.0.3.3 allows an attacker to execute arbitrary code via the power(uct_int_t x, uct_int_t n) in src/uct_upstream.c. | |||||
| CVE-2024-48984 | 2024-11-25 | N/A | 9.8 CRITICAL | ||
| An issue was discovered in MBed OS 6.16.0. When parsing hci reports, the hci parsing software dynamically determines the length of a list of reports by reading a byte from an input stream. It then fetches the length of the first report, uses it to calculate the beginning of the second report, etc. In doing this, it tracks the largest report so it can later allocate a buffer that fits every individual report (but only one at a time). It does not, however, validate that these addresses are all contained within the buffer passed to hciEvtProcessLeExtAdvReport. It is then possible, though unlikely, that the buffer designated to hold the reports is allocated in such a way that one of these out-of-bounds length fields is contained within the new buffer. When the (n-1)th report is copied, it overwrites the length field of the nth report. This now corrupted length field is then used for a memcpy into the new buffer, which may lead to a buffer overflow. | |||||
| CVE-2024-52759 | 1 Dlink | 2 Di-8003, Di-8003 Firmware | 2024-11-22 | N/A | 9.8 CRITICAL |
| D-LINK DI-8003 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in the ip_position_asp function. | |||||
| CVE-2024-7490 | 1 Microchip | 1 Advanced Software Framework | 2024-11-21 | N/A | 9.8 CRITICAL |
| Improper Input Validation vulnerability in Microchip Techology Advanced Software Framework example DHCP server can cause remote code execution through a buffer overflow. This vulnerability is associated with program files tinydhcpserver.C and program routines lwip_dhcp_find_option. This issue affects Advanced Software Framework: through 3.52.0.2574. ASF is no longer being supported. Apply provided workaround or migrate to an actively maintained framework. | |||||
| CVE-2024-4143 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| A potential security vulnerability has been identified in certain HP PC products using AMI BIOS, which might allow arbitrary code execution. AMI has released firmware updates to mitigate this vulnerability. | |||||
| CVE-2024-40415 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| A vulnerability in /goform/SetStaticRouteCfg in the sub_519F4 function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow. | |||||
| CVE-2024-40130 | 1 Open5gs | 1 Open5gs | 2024-11-21 | N/A | 9.8 CRITICAL |
| open5gs v2.6.4 is vulnerable to Buffer Overflow. via /lib/core/abts.c. | |||||
| CVE-2024-3871 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| The Delta Electronics DVW-W02W2-E2 devices expose a web administration interface to users. This interface implements multiple features that are affected by command injections and stack overflows vulnerabilities. Successful exploitation of these flaws would allow remote unauthenticated attackers to gain remote code execution with elevated privileges on the affected devices. This issue affects DVW-W02W2-E2 through version 2.5.2. | |||||