Total
2731 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-4167 | 1 Tenda | 2 4g300, 4g300 Firmware | 2025-01-21 | 8.8 High |
| A vulnerability was found in Tenda 4G300 1.01.42 and classified as critical. Affected by this issue is the function sub_422AA4. The manipulation of the argument year/month/day/hour/minute/second leads to stack-based buffer overflow. The attack may be launched remotely. VDB-261986 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-4168 | 1 Tenda | 2 4g300, 4g300 Firmware | 2025-01-21 | 8.8 High |
| A vulnerability was found in Tenda 4G300 1.01.42. It has been classified as critical. This affects the function sub_4260F0. The manipulation of the argument upfilen leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-261987. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-4169 | 1 Tenda | 2 4g300, 4g300 Firmware | 2025-01-21 | 8.8 High |
| A vulnerability was found in Tenda 4G300 1.01.42. It has been declared as critical. This vulnerability affects the function sub_42775C/sub_4279CC. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The identifier of this vulnerability is VDB-261988. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-4170 | 1 Tenda | 2 4g300, 4g300 Firmware | 2025-01-21 | 8.8 High |
| A vulnerability was found in Tenda 4G300 1.01.42. It has been rated as critical. This issue affects the function sub_429A30. The manipulation of the argument list1 leads to stack-based buffer overflow. The attack may be initiated remotely. The identifier VDB-261989 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-3907 | 1 Tenda | 2 Ac500, Ac500 Firmware | 2025-01-17 | 8.8 High |
| A vulnerability was found in Tenda AC500 2.0.1.9(1307). It has been rated as critical. This issue affects the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-261143. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-12803 | 2025-01-17 | 7.2 High | ||
| A post-authentication stack-based buffer overflow vulnerability in SonicOS management allows a remote attacker to crash a firewall and potentially leads to code execution. | ||||
| CVE-2022-3159 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2025-01-16 | 7.8 High |
| The APDFL.dll contains a stack-based buffer overflow vulnerability that could be triggered while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2022-3085 | 1 Fujielectric | 1 Tellus Lite V-simulator | 2025-01-16 | 7.8 High |
| Fuji Electric Tellus Lite V-Simulator versions 4.0.12.0 and prior are vulnerable to a stack-based buffer overflow which may allow an attacker to execute arbitrary code. | ||||
| CVE-2022-4634 | 1 Deltaww | 2 Cncsoft, Screeneditor | 2025-01-16 | 7.8 High |
| All versions prior to Delta Electronic’s CNCSoft version 1.01.34 (running ScreenEditor versions 1.01.5 and prior) are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code. | ||||
| CVE-2023-0123 | 1 Deltaww | 1 Dopsoft | 2025-01-16 | 7.8 High |
| Delta Electronics DOPSoft versions 4.00.16.22 and prior are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code when a malformed file is introduced to the software. | ||||
| CVE-2023-0250 | 1 Deltaww | 1 Diascreen | 2025-01-16 | 7.8 High |
| Delta Electronics DIAScreen versions 1.2.1.23 and prior are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code. | ||||
| CVE-2023-35986 | 1 Santesoft | 1 Dicom Viewer Pro | 2025-01-16 | 7.8 High |
| Sante DICOM Viewer Pro lacks proper validation of user-supplied data when parsing DICOM files. This could lead to a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. | ||||
| CVE-2023-38584 | 1 Weintek | 14 Cmt-fhd, Cmt-fhd Firmware, Cmt-hdm and 11 more | 2025-01-16 | 9.8 Critical |
| In Weintek's cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication. | ||||
| CVE-2023-43492 | 1 Weintek | 14 Cmt-fhd, Cmt-fhd Firmware, Cmt-hdm and 11 more | 2025-01-16 | 9.8 Critical |
| In Weintek's cMT3000 HMI Web CGI device, the cgi-bin codesys.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication. | ||||
| CVE-2023-4249 | 1 Zavio | 22 B8220, B8220 Firmware, B8520 and 19 more | 2025-01-16 | 8.8 High |
| Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 has a command injection vulnerability in their implementation of their binaries and handling of network requests. | ||||
| CVE-2023-39435 | 1 Zavio | 22 B8220, B8220 Firmware, B8520 and 19 more | 2025-01-16 | 8.8 High |
| Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to stack-based overflows. During the process of updating certain settings sent from incoming network requests, the product does not sufficiently check or validate allocated buffer size. This may lead to remote code execution. | ||||
| CVE-2023-43755 | 1 Zavio | 22 B8220, B8220 Firmware, B8520 and 19 more | 2025-01-16 | 9.8 Critical |
| Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. During the processing and parsing of certain fields in XML elements from incoming network requests, the product does not sufficiently check or validate allocated buffer size. This may lead to remote code execution. | ||||
| CVE-2023-45225 | 1 Zavio | 22 B8220, B8220 Firmware, B8520 and 19 more | 2025-01-16 | 9.8 Critical |
| Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. While parsing certain XML elements from incoming network requests, the product does not sufficiently check or validate allocated buffer size. This may lead to remote code execution. | ||||
| CVE-2023-3959 | 1 Zavio | 22 B8220, B8220 Firmware, B8520 and 19 more | 2025-01-16 | 9.8 Critical |
| Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. While processing XML elements from incoming network requests, the product does not sufficiently check or validate allocated buffer size. This may lead to remote code execution. | ||||
| CVE-2024-4127 | 1 Tenda | 2 W15e, W15e Firmware | 2025-01-15 | 8.8 High |
| A vulnerability was found in Tenda W15E 15.11.0.14. It has been classified as critical. Affected is the function guestWifiRuleRefresh. The manipulation of the argument qosGuestDownstream leads to stack-based buffer overflow. It is possible to launch the attack remotely. VDB-261870 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||