Total
11285 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-38933 | 1 Tenda | 18 Ac10, Ac10 Firmware, Ac1206 and 15 more | 2024-10-17 | 9.8 Critical |
| Tenda AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6 and AC9 V3.0 V15.03.06.42_multi, and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function. | ||||
| CVE-2023-22363 | 1 Gallagher | 1 Command Centre | 2024-10-17 | 6.5 Medium |
| A stack-based buffer overflow in the Command Centre Server allows an attacker to cause a denial of service attack via assigning cardholders to an Access Group. This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 (MR2) | ||||
| CVE-2023-20817 | 2 Google, Mediatek | 25 Android, Mt6580, Mt6739 and 22 more | 2024-10-16 | 6.7 Medium |
| In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453600; Issue ID: ALPS07453600. | ||||
| CVE-2024-23374 | 1 Qualcomm | 52 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 49 more | 2024-10-16 | 6.7 Medium |
| Memory corruption is possible when an attempt is made from userspace or console to write some haptics effects pattern to the haptics debugfs file. | ||||
| CVE-2024-8231 | 1 Tenda | 2 O6, O6 Firmware | 2024-10-16 | 8.8 High |
| A vulnerability classified as critical has been found in Tenda O6 1.0.0.7(2054). Affected is the function fromVirtualSet of the file /goform/setPortForward. The manipulation of the argument ip/localPort/publicPort/app leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-45382 | 1 Openatom | 1 Openharmony | 2024-10-16 | 3.3 Low |
| in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through out-of-bounds write. | ||||
| CVE-2023-45580 | 1 Dlink | 14 Di-7003g, Di-7003g Firmware, Di-7100g and 11 more | 2024-10-16 | 9.8 Critical |
| Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the wild/mx and other parameters of the ddns.asp function | ||||
| CVE-2024-47134 | 2 Electronics.jtekt, Jtekt | 2 Kostac Plc Programming Software, Kostac Plc Programming Software | 2024-10-16 | 7.8 High |
| Out-of-bounds write vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a denial-of-service (DoS) condition, arbitrary code execution, and/or information disclosure because the issues exist in parsing of KPP project files. | ||||
| CVE-2024-38207 | 1 Microsoft | 1 Edge Chromium | 2024-10-16 | 6.3 Medium |
| Microsoft Edge (HTML-based) Memory Corruption Vulnerability | ||||
| CVE-2023-38932 | 1 Tenda | 8 F1202, F1202 Firmware, Fh1202 and 5 more | 2024-10-15 | 9.8 Critical |
| Tenda F1202 V1.2.0.9, PA202 V1.1.2.5, PW201A V1.1.2.5 and FH1202 V1.2.0.9 were discovered to contain a stack overflow via the page parameter in the SafeEmailFilter function. | ||||
| CVE-2023-38934 | 1 Tenda | 6 F1203, F1203 Firmware, Fh1203 and 3 more | 2024-10-15 | 9.8 Critical |
| Tenda F1203 V2.0.1.6, FH1203 V2.0.1.6 and FH1205 V2.0.0.7(775) was discovered to contain a stack overflow via the deviceId parameter in the formSetDeviceName function. | ||||
| CVE-2023-38935 | 1 Tenda | 10 Ac10, Ac10 Firmware, Ac1206 and 7 more | 2024-10-15 | 9.8 Critical |
| Tenda AC1206 V15.03.06.23, AC8 V4 V16.03.34.06, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and AC9 V3.0 V15.03.06.42_multi were discovered to contain a tack overflow via the list parameter in the formSetQosBand function. | ||||
| CVE-2023-38936 | 1 Tenda | 18 Ac10, Ac10 Firmware, Ac1206 and 15 more | 2024-10-15 | 9.8 Critical |
| Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6, AC9 V3.0 V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function. | ||||
| CVE-2023-20807 | 2 Google, Mediatek | 8 Android, Mt2713, Mt6895 and 5 more | 2024-10-15 | 6.7 Medium |
| In dpe, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07608433; Issue ID: ALPS07608433. | ||||
| CVE-2023-20808 | 2 Google, Mediatek | 6 Android, Mt9011, Mt9022 and 3 more | 2024-10-15 | 6.7 Medium |
| In OPTEE, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03645895; Issue ID: DTV03645895. | ||||
| CVE-2023-38930 | 1 Tenda | 10 Ac5, Ac5 Firmware, Ac7 and 7 more | 2024-10-15 | 9.8 Critical |
| Tenda AC7 V1.0,V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0,V15.03.06.28, AC9 V3.0,V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function. | ||||
| CVE-2016-9428 | 1 Tats | 1 W3m | 2024-10-15 | 8.8 High |
| An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in the addMultirowsForm function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page. | ||||
| CVE-2019-2867 | 2 Opensuse, Oracle | 2 Leap, Vm Virtualbox | 2024-10-15 | 8.2 High |
| Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H). | ||||
| CVE-2023-29075 | 1 Autodesk | 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more | 2024-10-15 | 9.8 Critical |
| A maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause an Out-Of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2023-38528 | 1 Siemens | 2 Parasolid, Teamcenter Visualization | 2024-10-15 | 7.8 High |
| A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.197), Parasolid V35.1 (All versions < V35.1.184), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted X_T file. This could allow an attacker to execute code in the context of the current process. | ||||