Vulnerabilities (CVE)

Filtered by CWE-121
Total 1859 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-50243 2 Level1, Realtek 3 Wbr-6013, Wbr-6013 Firmware, Rtl819x Jungle Software Development Kit 2024-11-21 N/A 7.2 HIGH
Two stack-based buffer overflow vulnerabilities exist in the boa formIpQoS functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This stack-based buffer overflow is related to the `comment` request's parameter.
CVE-2023-50240 2 Level1, Realtek 3 Wbr-6013, Wbr-6013 Firmware, Rtl819x Jungle Software Development Kit 2024-11-21 N/A 7.2 HIGH
Two stack-based buffer overflow vulnerabilities exist in the boa set_RadvdInterfaceParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This stack-based buffer overflow is related to the `AdvDefaultPreference` request's parameter.
CVE-2023-50239 2 Level1, Realtek 3 Wbr-6013, Wbr-6013 Firmware, Rtl819x Jungle Software Development Kit 2024-11-21 N/A 7.2 HIGH
Two stack-based buffer overflow vulnerabilities exist in the boa set_RadvdInterfaceParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This stack-based buffer overflow is related to the `interfacename` request's parameter.
CVE-2023-4756 1 Gpac 1 Gpac 2024-11-21 N/A 5.5 MEDIUM
Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV.
CVE-2023-4744 1 Tenda 2 Ac8, Ac8 Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
A vulnerability was found in Tenda AC8 16.03.34.06_cn_TDC01. It has been declared as critical. Affected by this vulnerability is the function formSetDeviceName. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-238633 was assigned to this vulnerability.
CVE-2023-4685 1 Deltaww 2 Cncsoft-b, Dopsoft 2024-11-21 N/A 7.8 HIGH
Delta Electronics' CNCSoft-B version 1.0.0.4 and DOPSoft versions 4.0.0.82 and prior are vulnerable to stack-based buffer overflow, which could allow an attacker to execute arbitrary code.
CVE-2023-4601 2 Microsoft, Ni 2 Windows, System Configuration 2024-11-21 N/A 8.1 HIGH
A stack-based buffer overflow vulnerability exists in NI System Configuration that could result in information disclosure and/or arbitrary code execution. Successful exploitation requires that an attacker can provide a specially crafted response. This affects NI System Configuration 2023 Q3 and all previous versions.
CVE-2023-4249 1 Zavio 22 B8220, B8220 Firmware, B8520 and 19 more 2024-11-21 N/A 8.8 HIGH
Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 has a command injection vulnerability in their implementation of their binaries and handling of network requests.
CVE-2023-49867 2 Level1, Realtek 3 Wbr-6013, Wbr-6013 Firmware, Rtl819x Jungle Software Development Kit 2024-11-21 N/A 7.2 HIGH
A stack-based buffer overflow vulnerability exists in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger this vulnerability.
CVE-2023-49595 2 Level1, Realtek 3 Wbr-6013, Wbr-6013 Firmware, Rtl819x Jungle Software Development Kit 2024-11-21 N/A 7.2 HIGH
A stack-based buffer overflow vulnerability exists in the boa rollback_control_code functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability.
CVE-2023-49424 1 Tenda 2 Ax12, Ax12 Firmware 2024-11-21 N/A 9.8 CRITICAL
Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg.
CVE-2023-49129 1 Siemens 1 Solid Edge Se2023 2024-11-21 N/A 7.8 HIGH
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain a stack overflow vulnerability while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.
CVE-2023-49073 2 Level1, Realtek 3 Wbr-6013, Wbr-6013 Firmware, Rtl819x Jungle Software Development Kit 2024-11-21 N/A 7.2 HIGH
A stack-based buffer overflow vulnerability exists in the boa formFilter functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability.
CVE-2023-48270 2 Level1, Realtek 3 Wbr-6013, Wbr-6013 Firmware, Rtl819x Jungle Software Development Kit 2024-11-21 N/A 7.2 HIGH
A stack-based buffer overflow vulnerability exists in the boa formDnsv6 functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability.
CVE-2023-47856 2 Level1, Realtek 3 Wbr-6013, Wbr-6013 Firmware, Rtl819x Jungle Software Development Kit 2024-11-21 N/A 7.2 HIGH
A stack-based buffer overflow vulnerability exists in the boa set_RadvdPrefixParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.
CVE-2023-46720 1 Fortinet 1 Fortios 2024-11-21 N/A 6.7 MEDIUM
A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.12 and 6.4.6 through 6.4.15 and 6.2.9 through 6.2.16 and 6.0.13 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted CLI commands.
CVE-2023-46714 1 Fortinet 1 Fortios 2024-11-21 N/A 7.2 HIGH
A stack-based buffer overflow [CWE-121] vulnerability in Fortinet FortiOS version 7.2.1 through 7.2.6 and version 7.4.0 through 7.4.1 allows a privileged attacker over the administrative interface to execute arbitrary code or commands via crafted HTTP or HTTPs requests.
CVE-2023-46564 1 Totolink 2 X2000r, X2000r Firmware 2024-11-21 N/A 9.8 CRITICAL
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formDMZ.
CVE-2023-46563 1 Totolink 2 X2000r, X2000r Firmware 2024-11-21 N/A 9.8 CRITICAL
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formIpQoS.
CVE-2023-46562 1 Totolink 2 X2000r, X2000r Firmware 2024-11-21 N/A 9.8 CRITICAL
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formDosCfg.