Total
3770 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-36290 | 2025-01-14 | 10 Critical | ||
| A buffer overflow vulnerability exists in the login.cgi Goto_chidx() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an unauthenticated HTTP request to trigger this vulnerability. | ||||
| CVE-2024-36272 | 2025-01-14 | 9.1 Critical | ||
| A buffer overflow vulnerability exists in the usbip.cgi set_info() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability. | ||||
| CVE-2024-12147 | 1 Netgear | 1 R6900 Firmware | 2025-01-14 | 6.5 Medium |
| A vulnerability was found in Netgear R6900 1.0.1.26_1.0.20. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file upgrade_check.cgi of the component HTTP Header Handler. The manipulation of the argument Content-Length leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2023-46284 | 1 Siemens | 4 Opcenter Quality, Simatic Pcs Neo, Sinumerik Integrate Runmyhmi \/automotive and 1 more | 2025-01-14 | 7.5 High |
| A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp and 4004/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash. | ||||
| CVE-2023-46283 | 1 Siemens | 4 Opcenter Quality, Simatic Pcs Neo, Sinumerik Integrate Runmyhmi \/automotive and 1 more | 2025-01-14 | 7.5 High |
| A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash. | ||||
| CVE-2024-21463 | 1 Qualcomm | 218 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 215 more | 2025-01-13 | 7.3 High |
| Memory corruption while processing Codec2 during v13k decoder pitch synthesis. | ||||
| CVE-2023-43515 | 1 Qualcomm | 12 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 9 more | 2025-01-13 | 6.6 Medium |
| Memory corruption in HLOS while running kernel address sanitizers (syzkaller) on tmecom with DEBUG_FS enabled. | ||||
| CVE-2024-45547 | 1 Qualcomm | 20 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 17 more | 2025-01-13 | 7.8 High |
| Memory corruption while processing IOCTL call invoked from user-space to verify non extension FIPS encryption and decryption functionality. | ||||
| CVE-2024-45541 | 1 Qualcomm | 102 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 99 more | 2025-01-13 | 7.8 High |
| Memory corruption when IOCTL call is invoked from user-space to read board data. | ||||
| CVE-2024-56456 | 1 Huawei | 1 Harmonyos | 2025-01-13 | 6.8 Medium |
| Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2024-56455 | 1 Huawei | 1 Harmonyos | 2025-01-13 | 5.5 Medium |
| Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2024-56454 | 1 Huawei | 1 Harmonyos | 2025-01-13 | 5.5 Medium |
| Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2024-56453 | 1 Huawei | 1 Harmonyos | 2025-01-13 | 6.8 Medium |
| Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2024-56452 | 1 Huawei | 1 Harmonyos | 2025-01-13 | 5.5 Medium |
| Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2024-56450 | 1 Huawei | 2 Emui, Harmonyos | 2025-01-13 | 6.3 Medium |
| Buffer overflow vulnerability in the component driver module Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2024-6352 | 2025-01-13 | 4.3 Medium | ||
| A malformed packet can cause a buffer overflow in the APS layer of the Ember ZNet stack and lead to an assert | ||||
| CVE-2024-5974 | 1 Watchguard | 51 Firebox M200, Firebox M270, Firebox M290 and 48 more | 2025-01-13 | 7.2 High |
| A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall. This issue affects Fireware OS: from 11.9.6 through 12.10.3. | ||||
| CVE-2021-30184 | 2 Fedoraproject, Gnu | 2 Fedora, Chess | 2025-01-12 | 7.8 High |
| GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN (Portable Game Notation) data. This is related to a buffer overflow in the use of a .tmp.epd temporary file in the cmd_pgnload and cmd_pgnreplay functions in frontend/cmd.cc. | ||||
| CVE-2023-29550 | 2 Mozilla, Redhat | 9 Firefox, Firefox Esr, Focus and 6 more | 2025-01-10 | 8.8 High |
| Memory safety bugs present in Firefox 111 and Firefox ESR 102.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10. | ||||
| CVE-2023-43548 | 1 Qualcomm | 284 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 281 more | 2025-01-10 | 7.3 High |
| Memory corruption while parsing qcp clip with invalid chunk data size. | ||||