Total
2602 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-29068 | 1 Netgear | 160 Ac2100, Ac2100 Firmware, Ac2400 and 157 more | 2021-03-27 | 6.5 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6700v3 before 1.0.4.98, R6400v2 before 1.0.4.98, R7000 before 1.0.11.106, R6900P before 1.3.2.124, R7000P before 1.3.2.124, R7900 before 1.0.4.26, R7850 before 1.0.5.60, R8000 before 1.0.4.58, RS400 before 1.5.0.48, R6400 before 1.0.1.62, R6700 before 1.0.2.16, R6900 before 1.0.2.16, MK60 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, CBR40 before 2.5.0.10, R8000P before 1.4.1.62, R7960P before 1.4.1.62, R7900P before 1.4.1.62, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RAX200 before 1.0.2.102, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, EX7500 before 1.0.0.68, EAX80 before 1.0.1.62, EAX20 before 1.0.0.36, RBK752 before 3.2.16.6, RBK753 before 3.2.16.6, RBK753S before 3.2.16.6, RBK754 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBK853 before 3.2.16.6, RBK854 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.76, R6850 before 1.1.0.76, R6350 before 1.1.0.76, R6330 before 1.1.0.76, D7800 before 1.0.1.58, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK40 before 2.6.1.36, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK23 before 2.6.1.36, RBR20 before 2.6.1.38, RBS20 before 2.6.1.38, RBK12 before 2.6.1.44, RBK13 before 2.6.1.44, RBK14 before 2.6.1.44, RBK15 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, R6800 before 1.2.0.72, R6900v2 before 1.2.0.72, R6700v2 before 1.2.0.72, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, R7800 before 1.0.2.74, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, XR450 before 2.3.2.66, XR500 before 2.3.2.66, XR700 before 1.0.1.34, and XR300 before 1.0.3.50. | |||||
| CVE-2021-26570 | 1 Hpe | 2 Apollo 70 System, Baseboard Management Controller | 2021-03-26 | 7.2 HIGH | 7.8 HIGH |
| The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webifc_setadconfig function. | |||||
| CVE-2020-11299 | 1 Qualcomm | 762 Apq8009, Apq8009 Firmware, Apq8009w and 759 more | 2021-03-24 | 10.0 HIGH | 9.8 CRITICAL |
| Buffer overflow can occur in video while playing the non-standard clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-27965 | 1 Msi | 1 Dragon Center | 2021-03-16 | 7.5 HIGH | 9.8 CRITICAL |
| The MsIo64.sys driver before 1.1.19.1016 in MSI Dragon Center before 2.0.98.0 has a buffer overflow that allows privilege escalation via a crafted 0x80102040, 0x80102044, 0x80102050, or 0x80102054 IOCTL request. | |||||
| CVE-2020-35224 | 1 Netgear | 4 Gs116e, Gs116e Firmware, Jgs516pe and 1 more | 2021-03-15 | 6.1 MEDIUM | 6.5 MEDIUM |
| A buffer overflow vulnerability in the NSDP protocol authentication method on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices allows remote unauthenticated attackers to force a device reboot. | |||||
| CVE-2020-35225 | 1 Netgear | 4 Gs116e, Gs116e Firmware, Jgs516pe and 1 more | 2021-03-15 | 5.2 MEDIUM | 6.8 MEDIUM |
| The NSDP protocol implementation on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices was not properly validating the length of string parameters sent in write requests, potentially allowing denial of service attacks. | |||||
| CVE-2020-35227 | 1 Netgear | 4 Gs116e, Gs116e Firmware, Jgs516pe and 1 more | 2021-03-15 | 6.5 MEDIUM | 7.2 HIGH |
| A buffer overflow vulnerability in the access control section on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices (in the administration web panel) allows an attacker to inject IP addresses into the whitelist via the checkedList parameter to the delete command. | |||||
| CVE-2021-25306 | 1 Gigaset | 2 Dx600a, Dx600a Firmware | 2021-03-08 | 7.8 HIGH | 7.5 HIGH |
| A buffer overflow vulnerability in the AT command interface of Gigaset DX600A v41.00-175 devices allows remote attackers to force a device reboot by sending relatively long AT commands. | |||||
| CVE-2020-11223 | 1 Qualcomm | 404 Aqt1000, Aqt1000 Firmware, Pm3003a and 401 more | 2021-02-27 | 7.2 HIGH | 7.8 HIGH |
| Out of bound in camera driver due to lack of check of validation of array index before copying into array in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | |||||
| CVE-2020-7120 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2021-02-26 | 4.6 MEDIUM | 5.3 MEDIUM |
| A local authenticated buffer overflow vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in ClearPass OnGuard could allow local authenticated users to cause a buffer overflow condition. A successful exploit could allow a local attacker to execute arbitrary code within the context the binary is running in, which is a lower privileged account. | |||||
| CVE-2020-11170 | 1 Qualcomm | 1010 Apq8009, Apq8009 Firmware, Apq8009w and 1007 more | 2021-02-26 | 10.0 HIGH | 9.8 CRITICAL |
| Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-35776 | 1 Digium | 1 Asterisk | 2021-02-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| A buffer overflow in res_pjsip_diversion.c in Sangoma Asterisk versions 13.38.1, 16.15.1, 17.9.1, and 18.1.1 allows remote attacker to crash Asterisk by deliberately misusing SIP 181 responses. | |||||
| CVE-2020-12374 | 1 Intel | 48 Bmc Firmware, Hns2600bpb, Hns2600bpb24 and 45 more | 2021-02-22 | 4.6 MEDIUM | 6.7 MEDIUM |
| Buffer overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-24498 | 1 Intel | 10 Ethernet Network Adapter E810-cqda1, Ethernet Network Adapter E810-cqda1 For Ocp, Ethernet Network Adapter E810-cqda1 For Ocp 3.0 and 7 more | 2021-02-22 | 2.1 LOW | 4.4 MEDIUM |
| Buffer overflow in the firmware for Intel(R) E810 Ethernet Controllers before version 1.4.1.13 may allow a privileged user to potentially enable denial of service via local access. | |||||
| CVE-2020-24500 | 1 Intel | 10 Ethernet Network Adapter E810-cqda1, Ethernet Network Adapter E810-cqda1 For Ocp, Ethernet Network Adapter E810-cqda1 For Ocp 3.0 and 7 more | 2021-02-22 | 2.1 LOW | 4.4 MEDIUM |
| Buffer overflow in the firmware for Intel(R) E810 Ethernet Controllers before version 1.4.1.13 may allow a privileged user to potentially enable a denial of service via local access. | |||||
| CVE-2020-24501 | 1 Intel | 10 Ethernet Network Adapter E810-cqda1, Ethernet Network Adapter E810-cqda1 For Ocp, Ethernet Network Adapter E810-cqda1 For Ocp 3.0 and 7 more | 2021-02-22 | 3.3 LOW | 6.5 MEDIUM |
| Buffer overflow in the firmware for Intel(R) E810 Ethernet Controllers before version 1.4.1.13 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||||
| CVE-2021-22982 | 1 F5 | 2 Big-ip Domain Name System, Big-ip Global Traffic Manager | 2021-02-17 | 6.5 MEDIUM | 7.2 HIGH |
| On BIG-IP DNS and GTM version 13.1.x before 13.1.0.4, and all versions of 12.1.x and 11.6.x, big3d does not securely handle and parse certain payloads resulting in a buffer overflow. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated. | |||||
| CVE-2020-8608 | 3 Debian, Libslirp Project, Opensuse | 3 Debian Linux, Libslirp, Leap | 2021-02-14 | 6.8 MEDIUM | 5.6 MEDIUM |
| In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code. | |||||
| CVE-2019-17517 | 1 Dialog-semiconductor | 5 Da14580, Da14581, Da14582 and 2 more | 2021-02-11 | 6.1 MEDIUM | 5.7 MEDIUM |
| The Bluetooth Low Energy implementation on Dialog Semiconductor SDK through 5.0.4 for DA14580/1/2/3 devices does not properly restrict the L2CAP payload length, allowing attackers in radio range to cause a buffer overflow via a crafted Link Layer packet. | |||||
| CVE-2021-22301 | 1 Huawei | 2 Mate 30, Mate 30 Firmware | 2021-02-10 | 4.6 MEDIUM | 6.7 MEDIUM |
| Mate 30 10.0.0.203(C00E201R7P2) have a buffer overflow vulnerability. After obtaining the root permission, an attacker can exploit the vulnerability to cause buffer overflow. | |||||