Total
11736 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-24099 | 1 Trendnet | 2 Tew-820ap, Tew-820ap Firmware | 2024-08-02 | N/A | 8.8 HIGH |
| TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the username parameter at /formWizardPassword. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2023-5944 | 1 Deltaww | 1 Dopsoft | 2024-08-02 | N/A | 7.8 HIGH |
| Delta Electronics DOPSoft is vulnerable to a stack-based buffer overflow, which may allow for arbitrary code execution if an attacker can lead a legitimate user to execute a specially crafted file. | |||||
| CVE-2023-3959 | 1 Zavio | 22 B8220, B8220 Firmware, B8520 and 19 more | 2024-08-02 | N/A | 9.8 CRITICAL |
| Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. While processing XML elements from incoming network requests, the product does not sufficiently check or validate allocated buffer size. This may lead to remote code execution. | |||||
| CVE-2023-3495 | 1 Hitachi | 1 Eh-view | 2024-08-02 | N/A | 7.8 HIGH |
| ** UNSUPPORTED WHEN ASSIGNED ** Out-of-bounds Write vulnerability in Hitachi EH-VIEW (KeypadDesigner) allows local attackers to potentially execute arbitray code on affected EH-VIEW installations. User interaction is required to exploit the vulnerabilities in that the user must open a malicious file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2024-41464 | 1 Tendacn | 2 Fh1201, Fh1201 Firmware | 2024-08-01 | N/A | 7.5 HIGH |
| Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the mitInterface parameter in ip/goform/RouteStatic | |||||
| CVE-2024-41462 | 1 Tendacn | 2 Fh1201, Fh1201 Firmware | 2024-08-01 | N/A | 7.5 HIGH |
| Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/DhcpListClient. | |||||
| CVE-2024-41459 | 1 Tendacn | 2 Fh1201, Fh1201 Firmware | 2024-08-01 | N/A | 9.8 CRITICAL |
| Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the PPPOEPassword parameter at ip/goform/QuickIndex. | |||||
| CVE-2024-41465 | 1 Tendacn | 2 Fh1201, Fh1201 Firmware | 2024-08-01 | N/A | 7.5 HIGH |
| Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter at ip/goform/setcfm. | |||||
| CVE-2024-41460 | 1 Tendacn | 2 Fh1201, Fh1201 Firmware | 2024-08-01 | N/A | 9.8 CRITICAL |
| Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter at ip/goform/RouteStatic. | |||||
| CVE-2024-41463 | 1 Tendacn | 2 Fh1201, Fh1201 Firmware | 2024-08-01 | N/A | 7.5 HIGH |
| Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter at ip/goform/addressNat. | |||||
| CVE-2024-41466 | 1 Tendacn | 2 Fh1201, Fh1201 Firmware | 2024-08-01 | N/A | 7.5 HIGH |
| Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/NatStaticSetting. | |||||
| CVE-2024-32905 | 1 Google | 1 Android | 2024-08-01 | N/A | 9.8 CRITICAL |
| In circ_read of link_device_memory_legacy.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-33180 | 1 Tendacn | 2 Ac18, Ac18 Firmware | 2024-08-01 | N/A | 9.8 CRITICAL |
| Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/saveParentControlInfo. | |||||
| CVE-2024-33182 | 1 Tendacn | 2 Ac18, Ac18 Firmware | 2024-08-01 | N/A | 9.8 CRITICAL |
| Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/addWifiMacFilter. | |||||
| CVE-2024-28535 | 1 Tenda | 1 Ac18 Firmware | 2024-08-01 | N/A | 9.8 CRITICAL |
| Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the mitInterface parameter of fromAddressNat function. | |||||
| CVE-2023-46223 | 2 Ivanti, Microsoft | 2 Avalanche, Windows | 2024-08-01 | N/A | 9.8 CRITICAL |
| An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution. | |||||
| CVE-2022-22026 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-08-01 | 7.2 HIGH | 8.8 HIGH |
| Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | |||||
| CVE-2022-22049 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-08-01 | 7.2 HIGH | 7.8 HIGH |
| Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | |||||
| CVE-2019-1213 | 1 Microsoft | 1 Windows Server 2008 | 2024-08-01 | 7.5 HIGH | 9.8 CRITICAL |
| A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server. An attacker who successfully exploited the vulnerability could run arbitrary code on the DHCP server. To exploit the vulnerability, an attacker could send a specially crafted packet to a DHCP server. The security update addresses the vulnerability by correcting how DHCP servers handle network packets. | |||||
| CVE-2024-42080 | 1 Linux | 1 Linux Kernel | 2024-07-30 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: RDMA/restrack: Fix potential invalid address access struct rdma_restrack_entry's kern_name was set to KBUILD_MODNAME in ib_create_cq(), while if the module exited but forgot del this rdma_restrack_entry, it would cause a invalid address access in rdma_restrack_clean() when print the owner of this rdma_restrack_entry. These code is used to help find one forgotten PD release in one of the ULPs. But it is not needed anymore, so delete them. | |||||