Total
992 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-28566 | 2024-08-02 | N/A | 8.4 HIGH | ||
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the AssignPixel() function when reading images in TIFF format. | |||||
| CVE-2023-39435 | 1 Zavio | 22 B8220, B8220 Firmware, B8520 and 19 more | 2024-08-02 | N/A | 9.8 CRITICAL |
| Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to stack-based overflows. During the process of updating certain settings sent from incoming network requests, the product does not sufficiently check or validate allocated buffer size. This may lead to remote code execution. | |||||
| CVE-2024-28550 | 2024-08-02 | N/A | 4.3 MEDIUM | ||
| Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the filePath parameter of formExpandDlnaFile function. | |||||
| CVE-2023-29583 | 1 Yasm Project | 1 Yasm | 2024-08-02 | N/A | 5.5 MEDIUM |
| yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr5 at /nasm/nasm-parse.c. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code. | |||||
| CVE-2023-4249 | 1 Zavio | 22 B8220, B8220 Firmware, B8520 and 19 more | 2024-08-02 | N/A | 9.8 CRITICAL |
| Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 has a command injection vulnerability in their implementation of their binaries and handling of network requests. | |||||
| CVE-2023-3959 | 1 Zavio | 22 B8220, B8220 Firmware, B8520 and 19 more | 2024-08-02 | N/A | 9.8 CRITICAL |
| Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. While processing XML elements from incoming network requests, the product does not sufficiently check or validate allocated buffer size. This may lead to remote code execution. | |||||
| CVE-2024-5602 | 2024-08-01 | N/A | 7.8 HIGH | ||
| A stack-based buffer overflow vulnerability due to a missing bounds check in the NI I/O Trace Tool may result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted nitrace file. The NI I/O Trace tool is installed as part of the NI System Configuration utilities included with many NI software products. Refer to the NI Security Advisory for identifying the version of NI IO Trace.exe installed. The NI I/O Trace tool was also previously released as NI Spy. | |||||
| CVE-1999-0029 | 1 Sgi | 1 Irix | 2024-08-01 | 7.2 HIGH | 8.4 HIGH |
| root privileges via buffer overflow in ordist command on SGI IRIX systems. | |||||
| CVE-1999-0022 | 6 Bsdi, Freebsd, Hp and 3 more | 7 Bsd Os, Freebsd, Hp-ux and 4 more | 2024-08-01 | 7.2 HIGH | 7.8 HIGH |
| Local user gains root privileges via buffer overflow in rdist, via expstr() function. | |||||
| CVE-1999-0006 | 1 Qualcomm | 1 Qpopper | 2024-08-01 | 10.0 HIGH | 9.8 CRITICAL |
| Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command. | |||||
| CVE-2024-30638 | 2024-08-01 | N/A | 4.3 MEDIUM | ||
| Tenda F1202 v1.2.0.20(408) has a stack overflow vulnerability via the entrys parameter in the fromAddressNat function. | |||||
| CVE-2024-30631 | 2024-08-01 | N/A | 4.3 MEDIUM | ||
| Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the schedStartTime parameter from setSchedWifi function. | |||||
| CVE-2024-30612 | 2024-08-01 | N/A | 8.1 HIGH | ||
| Tenda AC10U v15.03.06.48 has a stack overflow vulnerability in the deviceId, limitSpeed, limitSpeedUp parameter from formSetClientState function. | |||||
| CVE-2024-30588 | 2024-08-01 | N/A | 4.3 MEDIUM | ||
| Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the schedStartTime parameter of the setSchedWifi function. | |||||
| CVE-2024-30166 | 2024-08-01 | N/A | 9.1 CRITICAL | ||
| In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can cause information disclosure or a denial of service because of a stack buffer over-read (of less than 256 bytes) in a TLS 1.3 server via a TLS 3.1 ClientHello. | |||||
| CVE-2024-41881 | 2024-08-01 | N/A | 8.8 HIGH | ||
| SDoP versions prior to 1.11 fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability. When a user of the affected product is tricked to process a specially crafted XML file, arbitrary code may be executed on the user's environment. | |||||
| CVE-2024-41492 | 2024-08-01 | N/A | 7.5 HIGH | ||
| A stack overflow in Tenda AX1806 v1.0.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2024-41466 | 1 Tendacn | 2 Fh1201, Fh1201 Firmware | 2024-08-01 | N/A | 7.5 HIGH |
| Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/NatStaticSetting. | |||||
| CVE-2024-41465 | 1 Tendacn | 2 Fh1201, Fh1201 Firmware | 2024-08-01 | N/A | 7.5 HIGH |
| Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter at ip/goform/setcfm. | |||||
| CVE-2024-41463 | 1 Tendacn | 2 Fh1201, Fh1201 Firmware | 2024-08-01 | N/A | 7.5 HIGH |
| Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter at ip/goform/addressNat. | |||||