Total
2527 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-44018 | 2 Tenda, Tendacn | 3 Ac10u Firmware, Ac10u, Ac10u Firmware | 2024-11-21 | 8.8 High |
| Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the domain parameter in the add_white_node function. | ||||
| CVE-2023-44017 | 2 Tenda, Tendacn | 3 Ac10u Firmware, Ac10u, Ac10u Firmware | 2024-11-21 | 8.8 High |
| Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the timeZone parameter in the fromSetSysTime function. | ||||
| CVE-2023-44016 | 2 Tenda, Tendacn | 3 Ac10u Firmware, Ac10u, Ac10u Firmware | 2024-11-21 | 8.8 High |
| Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function. | ||||
| CVE-2023-44015 | 2 Tenda, Tendacn | 3 Ac10u Firmware, Ac10u, Ac10u Firmware | 2024-11-21 | 8.8 High |
| Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the schedEndTime parameter in the setSchedWifi function. | ||||
| CVE-2023-44014 | 2 Tenda, Tendacn | 3 Ac10u Firmware, Ac10u, Ac10u Firmware | 2024-11-21 | 8.8 High |
| Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain multiple stack overflows in the formSetMacFilterCfg function via the macFilterType and deviceList parameters. | ||||
| CVE-2023-44013 | 2 Tenda, Tendacn | 3 Ac10u Firmware, Ac10u, Ac10u Firmware | 2024-11-21 | 8.8 High |
| Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the list parameter in the fromSetIpMacBind function. | ||||
| CVE-2023-43242 | 1 Dlink | 3 Dir-816 A2 Firmware, Dir-816a2, Dir-816a2 Firmware | 2024-11-21 | 8.8 High |
| D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter removeRuleList in form2IPQoSTcDel. | ||||
| CVE-2023-43239 | 1 Dlink | 2 Dir-816 A2, Dir-816 A2 Firmware | 2024-11-21 | 8.8 High |
| D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter flag_5G in showMACfilterMAC. | ||||
| CVE-2023-43238 | 1 Dlink | 2 Dir-816 A2, Dir-816 A2 Firmware | 2024-11-21 | 8.8 High |
| D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter nvmacaddr in form2Dhcpip.cgi. | ||||
| CVE-2023-43237 | 1 Dlink | 2 Dir-816 A2, Dir-816 A2 Firmware | 2024-11-21 | 8.8 High |
| D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter macCloneMac in setMAC. | ||||
| CVE-2023-43236 | 1 Dlink | 2 Dir-816 A2, Dir-816 A2 Firmware | 2024-11-21 | 8.8 High |
| D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter statuscheckpppoeuser in dir_setWanWifi. | ||||
| CVE-2023-43203 | 1 Dlink | 2 Dwl-6610ap, Dwl-6610ap Firmware | 2024-11-21 | 8 High |
| D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a stack overflow vulnerability in the function update_users. | ||||
| CVE-2023-42790 | 1 Fortinet | 2 Fortios, Fortiproxy | 2024-11-21 | 7.7 High |
| A stack-based buffer overflow in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests. | ||||
| CVE-2023-42463 | 1 Wazuh | 1 Wazuh | 2024-11-21 | 7.4 High |
| Wazuh is a free and open source platform used for threat prevention, detection, and response. This bug introduced a stack overflow hazard that could allow a local privilege escalation. This vulnerability was patched in version 4.5.3. | ||||
| CVE-2023-42116 | 1 Exim | 1 Exim | 2024-11-21 | 8.1 High |
| Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NTLM challenge requests. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the service account. . Was ZDI-CAN-17515. | ||||
| CVE-2023-41712 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2024-11-21 | 6.5 Medium |
| SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash. | ||||
| CVE-2023-41711 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2024-11-21 | 6.5 Medium |
| SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall crash. | ||||
| CVE-2023-41280 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-11-21 | 5.5 Medium |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later | ||||
| CVE-2023-41279 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-11-21 | 5.5 Medium |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later | ||||
| CVE-2023-41278 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-11-21 | 5.5 Medium |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later | ||||