Total
992 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-28283 | 2024-08-06 | N/A | 6.7 MEDIUM | ||
| There is stack-based buffer overflow vulnerability in pc_change_act function in Linksys E1000 router firmware version v.2.1.03 and before, leading to remote code execution. | |||||
| CVE-2023-51147 | 2024-08-05 | N/A | 8.0 HIGH | ||
| Buffer Overflow vulnerability in TRENDnet Trendnet AC1200 TEW-821DAP with firmware version 3.00b06 allows an attacker to execute arbitrary code via the adm_mod_pwd action. | |||||
| CVE-2024-28578 | 2024-08-05 | N/A | 8.4 HIGH | ||
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the Load() function when reading images in RAS format. | |||||
| CVE-2024-28551 | 2024-08-05 | N/A | 7.5 HIGH | ||
| Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the ssid parameter of form_fast_setting_wifi_set function. | |||||
| CVE-2024-25331 | 2024-08-05 | N/A | 9.3 CRITICAL | ||
| DIR-822 Rev. B Firmware v2.02KRB09 and DIR-822-CA Rev. B Firmware v2.03WWb01 suffer from a LAN-Side Unauthenticated Remote Code Execution (RCE) vulnerability elevated from HNAP Stack-Based Buffer Overflow. | |||||
| CVE-2024-23138 | 2024-08-05 | N/A | 7.5 HIGH | ||
| A maliciously crafted DWG file when parsed through Autodesk DWG TrueView can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2021-30496 | 1 Telegram | 1 Telegram | 2024-08-03 | 3.5 LOW | 5.7 MEDIUM |
| ** DISPUTED ** The Telegram app 7.6.2 for iOS allows remote authenticated users to cause a denial of service (application crash) if the victim pastes an attacker-supplied message (e.g., in the Persian language) into a channel or group. The crash occurs in MtProtoKitFramework. NOTE: the vendor's perspective is that "this behavior can't be considered a vulnerability." | |||||
| CVE-2023-51148 | 2024-08-03 | N/A | 8.0 HIGH | ||
| An issue in TRENDnet Trendnet AC1200 Dual Band PoE Indoor Wireless Access Point TEW-821DAP v.3.00b06 allows an attacker to execute arbitrary code via the 'mycli' command-line interface component. | |||||
| CVE-2022-47065 | 1 Trendnet | 2 Tew-820ap, Tew-820ap Firmware | 2024-08-03 | N/A | 8.8 HIGH |
| TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formNewSchedule. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2023-45924 | 2024-08-02 | N/A | 9.8 CRITICAL | ||
| libglxproto.c in OpenGL libglvnd bb06db5a was discovered to contain a segmentation violation via the function glXGetDrawableScreen(). NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server. | |||||
| CVE-2023-45225 | 1 Zavio | 22 B8220, B8220 Firmware, B8520 and 19 more | 2024-08-02 | N/A | 9.8 CRITICAL |
| Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP CamerasĀ with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. While parsing certain XML elements from incoming network requests, the product does not sufficiently check or validate allocated buffer size. This may lead to remote code execution. | |||||
| CVE-2023-43755 | 1 Zavio | 22 B8220, B8220 Firmware, B8520 and 19 more | 2024-08-02 | N/A | 9.8 CRITICAL |
| Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. During the processing and parsing of certain fields in XML elements from incoming network requests, the product does not sufficiently check or validate allocated buffer size. This may lead to remote code execution. | |||||
| CVE-2024-28582 | 2024-08-02 | N/A | 8.4 HIGH | ||
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the rgbe_RGBEToFloat() function when reading images in HDR format. | |||||
| CVE-2024-28581 | 2024-08-02 | N/A | 8.4 HIGH | ||
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the _assignPixel<>() function when reading images in TARGA format. | |||||
| CVE-2024-28580 | 2024-08-02 | N/A | 8.4 HIGH | ||
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the ReadData() function when reading images in RAS format. | |||||
| CVE-2024-28575 | 2024-08-02 | N/A | 6.2 MEDIUM | ||
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the opj_j2k_read_mct() function when reading images in J2K format. | |||||
| CVE-2024-28574 | 2024-08-02 | N/A | 6.2 MEDIUM | ||
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the opj_j2k_copy_default_tcp_and_create_tcd() function when reading images in J2K format. | |||||
| CVE-2024-28573 | 2024-08-02 | N/A | 6.2 MEDIUM | ||
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the jpeg_read_exif_profile() function when reading images in JPEG format. | |||||
| CVE-2024-28568 | 2024-08-02 | N/A | 6.2 MEDIUM | ||
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the read_iptc_profile() function when reading images in TIFF format. | |||||
| CVE-2024-28567 | 2024-08-02 | N/A | 6.2 MEDIUM | ||
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the FreeImage_CreateICCProfile() function when reading images in TIFF format. | |||||