Total
710 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-26354 | 1 Amd | 304 Amd 3015ce, Amd 3015ce Firmware, Amd 3015e and 301 more | 2025-01-28 | N/A | 5.5 MEDIUM |
| Insufficient bounds checking in ASP may allow an attacker to issue a system call from a compromised ABL which may cause arbitrary memory values to be initialized to zero, potentially leading to a loss of integrity. | |||||
| CVE-2024-57184 | 2025-01-24 | N/A | 5.5 MEDIUM | ||
| An issue was discovered in GPAC v0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer overflow in gf_m2ts_process_pmt in media_tools/mpegts.c:2163 that can cause a denial of service (DOS) via a crafted MP4 file. | |||||
| CVE-2024-0816 | 1 Zyxel | 130 Ax7501-b0, Ax7501-b0 Firmware, Ax7501-b1 and 127 more | 2025-01-22 | N/A | 5.5 MEDIUM |
| The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50(ABVY.4)C0 could allow an authenticated local attacker to cause denial of service (DoS) conditions by executing the CLI command with crafted strings on an affected device. | |||||
| CVE-2023-37929 | 1 Zyxel | 64 Ax7501-b0, Ax7501-b0 Firmware, Ax7501-b1 and 61 more | 2025-01-22 | N/A | 6.5 MEDIUM |
| The buffer overflow vulnerability in the CGI program of the VMG3625-T50B firmware version V5.50(ABPM.8)C0 could allow an authenticated remote attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device. | |||||
| CVE-2024-9197 | 1 Zyxel | 72 Ax7501-b0, Ax7501-b0 Firmware, Ax7501-b1 and 69 more | 2025-01-21 | N/A | 4.9 MEDIUM |
| A post-authentication buffer overflow vulnerability in the parameter "action" of the CGI program in Zyxel VMG3625-T50B firmware versions through V5.50(ABPM.9.2)C0 could allow an authenticated attacker with administrator privileges to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP GET request to a vulnerable device if the function ZyEE is enabled. | |||||
| CVE-2022-24807 | 4 Debian, Fedoraproject, Net-snmp and 1 more | 15 Debian Linux, Fedora, Net-snmp and 12 more | 2025-01-17 | N/A | 6.5 MEDIUM |
| net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a malformed OID in a SET request to `SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable` can cause an out-of-bounds memory access. A user with read-write credentials can exploit the issue. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range. | |||||
| CVE-2022-24805 | 4 Debian, Fedoraproject, Net-snmp and 1 more | 15 Debian Linux, Fedora, Net-snmp and 12 more | 2025-01-17 | N/A | 6.5 MEDIUM |
| net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a buffer overflow in the handling of the `INDEX` of `NET-SNMP-VACM-MIB` can cause an out-of-bounds memory access. A user with read-only credentials can exploit the issue. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range. | |||||
| CVE-2024-48806 | 2025-01-16 | N/A | 6.8 MEDIUM | ||
| Buffer Overflow vulnerability in Neat Board NFC v.1.20240620.0015 allows a physically proximate attackers to escalate privileges via a crafted payload to the password field | |||||
| CVE-2023-43526 | 1 Qualcomm | 76 Ar8035, Ar8035 Firmware, Fastconnect 7800 and 73 more | 2025-01-15 | N/A | 6.7 MEDIUM |
| Memory corruption while querying module parameters from Listen Sound model client in kernel from user space. | |||||
| CVE-2023-43525 | 1 Qualcomm | 80 Ar8035, Ar8035 Firmware, Fastconnect 7800 and 77 more | 2025-01-15 | N/A | 6.7 MEDIUM |
| Memory corruption while copying the sound model data from user to kernel buffer during sound model register. | |||||
| CVE-2023-43524 | 1 Qualcomm | 114 Ar8035, Ar8035 Firmware, Fastconnect 6800 and 111 more | 2025-01-15 | N/A | 6.7 MEDIUM |
| Memory corruption when the bandpass filter order received from AHAL is not within the expected range. | |||||
| CVE-2024-12147 | 2025-01-14 | 6.8 MEDIUM | 6.5 MEDIUM | ||
| A vulnerability was found in Netgear R6900 1.0.1.26_1.0.20. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file upgrade_check.cgi of the component HTTP Header Handler. The manipulation of the argument Content-Length leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2023-50821 | 2025-01-14 | N/A | 6.2 MEDIUM | ||
| A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC04), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 1), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 16), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5). The affected products do not properly validate the input provided in the login dialog box. An attacker could leverage this vulnerability to cause a persistent denial of service condition. | |||||
| CVE-2023-43515 | 1 Qualcomm | 12 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 9 more | 2025-01-13 | N/A | 6.6 MEDIUM |
| Memory corruption in HLOS while running kernel address sanitizers (syzkaller) on tmecom with DEBUG_FS enabled. | |||||
| CVE-2024-56456 | 1 Huawei | 1 Harmonyos | 2025-01-13 | N/A | 6.8 MEDIUM |
| Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-56455 | 1 Huawei | 1 Harmonyos | 2025-01-13 | N/A | 5.5 MEDIUM |
| Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-56454 | 1 Huawei | 1 Harmonyos | 2025-01-13 | N/A | 5.5 MEDIUM |
| Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-56453 | 1 Huawei | 1 Harmonyos | 2025-01-13 | N/A | 6.8 MEDIUM |
| Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-56452 | 1 Huawei | 1 Harmonyos | 2025-01-13 | N/A | 5.5 MEDIUM |
| Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-56450 | 1 Huawei | 2 Emui, Harmonyos | 2025-01-13 | N/A | 6.3 MEDIUM |
| Buffer overflow vulnerability in the component driver module Impact: Successful exploitation of this vulnerability may affect availability. | |||||