Total
2563 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-3910 | 1 Tenda | 2 Ac500, Ac500 Firmware | 2025-01-21 | 8.8 High |
| A vulnerability, which was classified as critical, has been found in Tenda AC500 2.0.1.9(1307). Affected by this issue is the function fromDhcpListClient of the file /goform/DhcpListClient. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-261146 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-3875 | 1 Tenda | 2 F1202, F1202 Firmware | 2025-01-21 | 8.8 High |
| A vulnerability was found in Tenda F1202 1.2.0.20(408). It has been rated as critical. This issue affects the function fromNatlimit of the file /goform/Natlimit. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260909 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-3876 | 1 Tenda | 2 F1202, F1202 Firmware | 2025-01-21 | 8.8 High |
| A vulnerability classified as critical has been found in Tenda F1202 1.2.0.20(408). Affected is the function fromVirtualSer of the file /goform/VirtualSer. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-260910 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-3877 | 1 Tenda | 2 F1202, F1202 Firmware | 2025-01-21 | 8.8 High |
| A vulnerability classified as critical was found in Tenda F1202 1.2.0.20(408). Affected by this vulnerability is the function fromqossetting of the file /goform/fromqossetting. The manipulation of the argument qos leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-260911. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-3878 | 1 Tenda | 2 F1202, F1202 Firmware | 2025-01-21 | 8.8 High |
| A vulnerability, which was classified as critical, has been found in Tenda F1202 1.2.0.20(408). Affected by this issue is the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-260912. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-2837 | 1 Gpac | 1 Gpac | 2025-01-21 | 5.5 Medium |
| Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2. | ||||
| CVE-2024-4166 | 1 Tenda | 2 4g300, 4g300 Firmware | 2025-01-21 | 8.8 High |
| A vulnerability has been found in Tenda 4G300 1.01.42 and classified as critical. Affected by this vulnerability is the function sub_41E858. The manipulation of the argument GO/page leads to stack-based buffer overflow. The attack can be launched remotely. The identifier VDB-261985 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-4167 | 1 Tenda | 2 4g300, 4g300 Firmware | 2025-01-21 | 8.8 High |
| A vulnerability was found in Tenda 4G300 1.01.42 and classified as critical. Affected by this issue is the function sub_422AA4. The manipulation of the argument year/month/day/hour/minute/second leads to stack-based buffer overflow. The attack may be launched remotely. VDB-261986 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-4168 | 1 Tenda | 2 4g300, 4g300 Firmware | 2025-01-21 | 8.8 High |
| A vulnerability was found in Tenda 4G300 1.01.42. It has been classified as critical. This affects the function sub_4260F0. The manipulation of the argument upfilen leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-261987. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-4169 | 1 Tenda | 2 4g300, 4g300 Firmware | 2025-01-21 | 8.8 High |
| A vulnerability was found in Tenda 4G300 1.01.42. It has been declared as critical. This vulnerability affects the function sub_42775C/sub_4279CC. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The identifier of this vulnerability is VDB-261988. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-4170 | 1 Tenda | 2 4g300, 4g300 Firmware | 2025-01-21 | 8.8 High |
| A vulnerability was found in Tenda 4G300 1.01.42. It has been rated as critical. This issue affects the function sub_429A30. The manipulation of the argument list1 leads to stack-based buffer overflow. The attack may be initiated remotely. The identifier VDB-261989 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-3907 | 1 Tenda | 2 Ac500, Ac500 Firmware | 2025-01-17 | 8.8 High |
| A vulnerability was found in Tenda AC500 2.0.1.9(1307). It has been rated as critical. This issue affects the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-261143. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-12803 | 2025-01-17 | 7.2 High | ||
| A post-authentication stack-based buffer overflow vulnerability in SonicOS management allows a remote attacker to crash a firewall and potentially leads to code execution. | ||||
| CVE-2022-3159 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2025-01-16 | 7.8 High |
| The APDFL.dll contains a stack-based buffer overflow vulnerability that could be triggered while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2022-3085 | 1 Fujielectric | 1 Tellus Lite V-simulator | 2025-01-16 | 7.8 High |
| Fuji Electric Tellus Lite V-Simulator versions 4.0.12.0 and prior are vulnerable to a stack-based buffer overflow which may allow an attacker to execute arbitrary code. | ||||
| CVE-2022-4634 | 1 Deltaww | 2 Cncsoft, Screeneditor | 2025-01-16 | 7.8 High |
| All versions prior to Delta Electronic’s CNCSoft version 1.01.34 (running ScreenEditor versions 1.01.5 and prior) are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code. | ||||
| CVE-2023-0123 | 1 Deltaww | 1 Dopsoft | 2025-01-16 | 7.8 High |
| Delta Electronics DOPSoft versions 4.00.16.22 and prior are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code when a malformed file is introduced to the software. | ||||
| CVE-2023-0250 | 1 Deltaww | 1 Diascreen | 2025-01-16 | 7.8 High |
| Delta Electronics DIAScreen versions 1.2.1.23 and prior are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code. | ||||
| CVE-2023-35986 | 1 Santesoft | 1 Dicom Viewer Pro | 2025-01-16 | 7.8 High |
| Sante DICOM Viewer Pro lacks proper validation of user-supplied data when parsing DICOM files. This could lead to a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. | ||||
| CVE-2023-38584 | 1 Weintek | 14 Cmt-fhd, Cmt-fhd Firmware, Cmt-hdm and 11 more | 2025-01-16 | 9.8 Critical |
| In Weintek's cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication. | ||||