Total
11736 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-22752 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2025-03-11 | N/A | 9.8 CRITICAL |
| There are stack-based buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2024-2546 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-11 | N/A | 8.8 HIGH |
| A vulnerability has been found in Tenda AC18 15.13.07.09 and classified as critical. Affected by this vulnerability is the function fromSetWirelessRepeat. The manipulation of the argument wpapsk_crypto5g leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256999. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-23396 | 2025-03-11 | N/A | 7.8 HIGH | ||
| A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versions < V2312.0009), Teamcenter Visualization V2406 (All versions < V2406.0007), Teamcenter Visualization V2412 (All versions < V2412.0002), Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2023-28252 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-03-10 | N/A | 7.8 HIGH |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||
| CVE-2023-25231 | 1 Tenda | 2 W30e, W30e Firmware | 2025-03-10 | N/A | 9.8 CRITICAL |
| Tenda Router W30E V1.0.1.25(633) is vulnerable to Buffer Overflow in function fromRouteStatic via parameters entrys and mitInterface. | |||||
| CVE-2023-25235 | 1 Tenda | 2 Ac500, Ac500 Firmware | 2025-03-10 | N/A | 7.5 HIGH |
| Tenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function formOneSsidCfgSet via parameter ssid. | |||||
| CVE-2023-25234 | 1 Tenda | 2 Ac500, Ac500 Firmware | 2025-03-10 | N/A | 9.8 CRITICAL |
| Tenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function fromAddressNat via parameters entrys and mitInterface. | |||||
| CVE-2023-24118 | 1 Heimgardtechnologies | 2 Eagle 1200ac, Eagle 1200ac Firmware | 2025-03-10 | N/A | 6.5 MEDIUM |
| Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the security parameter at /goform/WifiBasicSet. | |||||
| CVE-2023-50211 | 1 Dlink | 2 G416, G416 Firmware | 2025-03-10 | N/A | 8.8 HIGH |
| D-Link G416 httpd API-AUTH Timestamp Processing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21663. | |||||
| CVE-2023-50210 | 1 Dlink | 2 G416, G416 Firmware | 2025-03-10 | N/A | 8.8 HIGH |
| D-Link G416 httpd API-AUTH Digest Processing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21662. | |||||
| CVE-2023-50208 | 1 Dlink | 2 G416, G416 Firmware | 2025-03-10 | N/A | 8.8 HIGH |
| D-Link G416 ovpncfg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21441. | |||||
| CVE-2023-50209 | 1 Dlink | 2 G416, G416 Firmware | 2025-03-10 | N/A | 8.8 HIGH |
| D-Link G416 cfgsave Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21442. | |||||
| CVE-2023-25233 | 1 Tenda | 2 Ac500, Ac500 Firmware | 2025-03-10 | N/A | 9.8 CRITICAL |
| Tenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function fromRouteStatic via parameters entrys and mitInterface. | |||||
| CVE-2023-7024 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-03-07 | N/A | 8.8 HIGH |
| Heap buffer overflow in WebRTC in Google Chrome prior to 120.0.6099.129 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2023-27997 | 1 Fortinet | 4 Fortigate 6000, Fortigate 7000, Fortios and 1 more | 2025-03-07 | N/A | 9.8 CRITICAL |
| A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests. | |||||
| CVE-2023-24121 | 1 Heimgardtechnologies | 2 Eagle 1200ac, Eagle 1200ac Firmware | 2025-03-07 | N/A | 6.5 MEDIUM |
| Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the security_5g parameter at /goform/WifiBasicSet. | |||||
| CVE-2023-24126 | 1 Heimgardtechnologies | 2 Eagle 1200ac, Eagle 1200ac Firmware | 2025-03-07 | N/A | 6.5 MEDIUM |
| Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey4_5g parameter at /goform/WifiBasicSet. | |||||
| CVE-2023-24125 | 1 Heimgardtechnologies | 2 Eagle 1200ac, Eagle 1200ac Firmware | 2025-03-07 | N/A | 6.5 MEDIUM |
| Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey2_5g parameter at /goform/WifiBasicSet. | |||||
| CVE-2023-22751 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2025-03-07 | N/A | 9.8 CRITICAL |
| There are stack-based buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2023-24119 | 1 Heimgardtechnologies | 2 Eagle 1200ac, Eagle 1200ac Firmware | 2025-03-07 | N/A | 6.5 MEDIUM |
| Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the ssid parameter at /goform/WifiBasicSet. | |||||