Total
721 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-14788 | 1 Fujielectric | 2 Alpha5 Smart Loader, Alpha5 Smart Loader Firmware | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Fuji Electric Alpha5 Smart Loader Versions 3.7 and prior. A buffer overflow information disclosure vulnerability occurs when parsing certain file types. | |||||
| CVE-2018-14652 | 2 Debian, Redhat | 5 Debian Linux, Enterprise Linux Server, Enterprise Linux Virtualization and 2 more | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| The Gluster file system through versions 3.12 and 4.1.4 is vulnerable to a buffer overflow in the 'features/index' translator via the code handling the 'GF_XATTR_CLRLK_CMD' xattr in the 'pl_getxattr' function. A remote authenticated attacker could exploit this on a mounted volume to cause a denial of service. | |||||
| CVE-2018-1000117 | 2 Microsoft, Python | 2 Windows, Python | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
| Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates a symlink with an attacker controlled name or location. This vulnerability appears to have been fixed in 3.7.0 and 3.6.5. | |||||
| CVE-2017-2879 | 1 Foscam | 2 C1, C1 Firmware | 2024-11-21 | 2.9 LOW | 5.3 MEDIUM |
| An exploitable buffer overflow vulnerability exists in the UPnP implementation used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted UPnP discovery response can cause a buffer overflow resulting in overwriting arbitrary data. An attacker needs to be in the same subnetwork and reply to a discovery message to trigger this vulnerability. | |||||
| CVE-2017-18770 | 1 Netgear | 6 Plw1000, Plw1000 Firmware, Plw1010 and 3 more | 2024-11-21 | 5.2 MEDIUM | 6.8 MEDIUM |
| Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R7800 before 1.0.2.36, PLW1000v2 before 1.0.0.14, and PLW1010v2 before 1.0.0.14. | |||||
| CVE-2017-18707 | 1 Netgear | 4 R8300, R8300 Firmware, R8500 and 1 more | 2024-11-21 | 5.2 MEDIUM | 6.8 MEDIUM |
| Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R8300 before 1.0.2.106 and R8500 before 1.0.2.106. | |||||
| CVE-2017-18350 | 1 Bitcoin | 1 Bitcoin Core | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| bitcoind and Bitcoin-Qt prior to 0.15.1 have a stack-based buffer overflow if an attacker-controlled SOCKS proxy server is used. This results from an integer signedness error when the proxy server responds with an acknowledgement of an unexpected target domain name. | |||||
| CVE-2015-7890 | 1 Samsung | 2 Galaxy S6 Edge, Galaxy S6 Edge Firmware | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| Multiple buffer overflows in the esa_write function in /dev/seirenin the Exynos Seiren Audio driver, as used in Samsung S6 Edge, allow local users to cause a denial of service (memory corruption) via a large (1) buffer or (2) size parameter. | |||||
| CVE-2015-5745 | 3 Arista, Fedoraproject, Qemu | 3 Eos, Fedora, Qemu | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message. | |||||
| CVE-2015-20109 | 1 Gnu | 1 Glibc | 2024-11-21 | N/A | 5.5 MEDIUM |
| end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash), as demonstrated by use of the fnmatch library function with the **(!() pattern. NOTE: this is not the same as CVE-2015-8984; also, some Linux distributions have fixed CVE-2015-8984 but have not fixed this additional fnmatch issue. | |||||
| CVE-2015-10065 | 1 Find Project | 1 Find | 2024-11-21 | 5.2 MEDIUM | 5.5 MEDIUM |
| A vulnerability classified as critical was found in AenBleidd FiND. This vulnerability affects the function init_result of the file validator/my_validator.cpp. The manipulation leads to buffer overflow. The patch is identified as ee2eef34a83644f286c9adcaf30437f92e9c48f1. It is recommended to apply a patch to fix this issue. VDB-218458 is the identifier assigned to this vulnerability. | |||||
| CVE-2014-8271 | 1 Tianocore | 1 Edk2 | 2024-11-21 | 4.6 MEDIUM | 6.8 MEDIUM |
| Buffer overflow in the Reclaim function in Tianocore EDK2 before SVN 16280 allows physically proximate attackers to gain privileges via a long variable name. | |||||
| CVE-2014-1617 | 1 Promotic | 1 Promotic | 2024-11-21 | 7.1 HIGH | 6.5 MEDIUM |
| Microsys PROMOTIC 8.2.13 contains an ActiveX Control Start Buffer Overflow vulnerability which can lead to denial of service. | |||||
| CVE-2011-10005 | 1 Easyftp Server Project | 1 Easyftp Server | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability, which was classified as critical, was found in EasyFTP 1.7.0.2. Affected is an unknown function of the component MKD Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250716. | |||||
| CVE-2009-4067 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | 7.2 HIGH | 6.8 MEDIUM |
| Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system. | |||||
| CVE-2024-24450 | 2024-11-18 | N/A | 5.3 MEDIUM | ||
| Stack-based memcpy buffer overflow in the ngap_handle_pdu_session_resource_setup_response routine in OpenAirInterface CN5G AMF <= 2.0.0 allows a remote attacker with access to the N2 interface to carry out denial of service against the AMF and potentially execute code by sending a PDU Session Resource Setup Response with a suffciently large FailedToSetupList IE. | |||||
| CVE-2024-24447 | 2024-11-18 | N/A | 5.3 MEDIUM | ||
| A buffer overflow in the ngap_amf_handle_pdu_session_resource_setup_response function of oai-cn5g-amf up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a PDU Session Resource Setup Response with an empty Response Item list. | |||||
| CVE-2021-1379 | 2024-11-18 | N/A | 6.5 MEDIUM | ||
| Multiple vulnerabilities in the Cisco Discovery Protocol and Link Layer Discovery Protocol (LLDP) implementations for Cisco IP Phone Series 68xx/78xx/88xx could allow an unauthenticated, adjacent attacker to execute code remotely or cause a reload of an affected IP phone. These vulnerabilities are due to missing checks when the IP phone processes a Cisco Discovery Protocol or LLDP packet. An attacker could exploit these vulnerabilities by sending a malicious Cisco Discovery Protocol or LLDP packet to the targeted IP phone. A successful exploit could allow the attacker to execute code on the affected IP phone or cause it to reload unexpectedly, resulting in a denial of service (DoS) condition.Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. | |||||
| CVE-2024-41217 | 2024-11-15 | N/A | 6.5 MEDIUM | ||
| A heap-based buffer overflow in tsMuxer version nightly-2024-05-10-02-00-45 allows attackers to cause Denial of Service (DoS) via a crafted MKV video file. | |||||
| CVE-2024-41206 | 2024-11-15 | N/A | 6.5 MEDIUM | ||
| A stack-based buffer over-read in tsMuxer version nightly-2024-03-14-01-51-12 allows attackers to cause Information Disclosure via a crafted TS video file. | |||||