Total
2602 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-6711 | 1 Hitachienergy | 2 Rtu500, Rtu500 Firmware | 2024-09-25 | N/A | 7.5 HIGH |
| Vulnerability exists in SCI IEC 60870-5-104 and HCI IEC 60870-5-104 that affects the RTU500 series product versions listed below. Specially crafted messages sent to the mentioned components are not validated properly and can result in buffer overflow and as final consequence to a reboot of an RTU500 CMU. | |||||
| CVE-2023-43131 | 1 Maxiguvenlik | 1 General Device Manager | 2024-09-25 | N/A | 9.8 CRITICAL |
| General Device Manager 2.5.2.2 is vulnerable to Buffer Overflow. | |||||
| CVE-2024-45619 | 2 Opensc Project, Redhat | 2 Opensc, Enterprise Linux | 2024-09-23 | N/A | 4.3 MEDIUM |
| A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed. | |||||
| CVE-2023-43907 | 1 Optipng Project | 1 Optipng | 2024-09-23 | N/A | 7.8 HIGH |
| OptiPNG v0.7.7 was discovered to contain a global buffer overflow via the 'buffer' variable at gifread.c. | |||||
| CVE-2024-32763 | 1 Qnap | 2 Qts, Quts Hero | 2024-09-20 | N/A | 8.8 HIGH |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.8.2823 build 20240712 and later QuTS hero h5.1.8.2823 build 20240712 and later | |||||
| CVE-2023-44830 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-09-19 | N/A | 7.5 HIGH |
| D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the EndTime parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2023-44832 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-09-19 | N/A | 7.5 HIGH |
| D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the MacAddress parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2023-44829 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-09-19 | N/A | 7.5 HIGH |
| D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the AdminPassword parameter in the SetDeviceSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2023-44828 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-09-19 | N/A | 7.5 HIGH |
| D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the CurrentPassword parameter in the CheckPasswdSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2023-4582 | 2 Apple, Mozilla | 4 Macos, Firefox, Firefox Esr and 1 more | 2024-09-19 | N/A | 8.8 HIGH |
| Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occured when allocating too much private shader memory on mac OS. *This bug only affects Firefox on macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. | |||||
| CVE-2023-44831 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-09-19 | N/A | 7.5 HIGH |
| D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Type parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2023-44836 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-09-19 | N/A | 7.5 HIGH |
| D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the SSID parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2023-44835 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-09-19 | N/A | 7.5 HIGH |
| D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Mac parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2023-44837 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-09-19 | N/A | 7.5 HIGH |
| D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Password parameter in the SetWanSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2023-44834 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-09-19 | N/A | 7.5 HIGH |
| D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the StartTime parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2023-44833 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2024-09-19 | N/A | 7.5 HIGH |
| D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the GuardInt parameter in the SetWLanRadioSettings function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2024-45620 | 2 Opensc Project, Redhat | 2 Opensc, Enterprise Linux | 2024-09-19 | N/A | 3.9 LOW |
| A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed. | |||||
| CVE-2024-6143 | 1 Actiontec | 2 Wcb6200q, Wcb6200q Firmware | 2024-09-19 | N/A | 8.8 HIGH |
| Actiontec WCB6200Q uh_tcp_recv_header Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of the HTTP server. Was ZDI-CAN-21414. | |||||
| CVE-2024-6142 | 1 Actiontec | 2 Wcb6200q, Wcb6200q Firmware | 2024-09-19 | N/A | 8.8 HIGH |
| Actiontec WCB6200Q uh_tcp_recv_content Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of the HTTP server. Was ZDI-CAN-21410. | |||||
| CVE-2024-46451 | 1 Totolink | 2 T8, T8 Firmware | 2024-09-17 | N/A | 9.8 CRITICAL |
| TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the setWiFiAclRules function via the desc parameter. | |||||