Total
2792 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-43896 | 1 Macrium | 1 Reflect | 2024-09-19 | 7.8 High |
| A buffer overflow in Macrium Reflect 8.1.7544 and below allows attackers to escalate privileges or execute arbitrary code. | ||||
| CVE-2023-32971 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-09-19 | 3.8 Low |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QTS 4.5.4.2467 build 20230718 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.0.2424 build 20230609 and later QuTS hero h4.5.4.2476 build 20230728 and later QuTScloud c5.1.0.2498 and later | ||||
| CVE-2023-32972 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-09-19 | 3.8 Low |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QTS 4.5.4.2467 build 20230718 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.0.2424 build 20230609 and later QuTS hero h4.5.4.2476 build 20230728 and later QuTScloud c5.1.0.2498 and later | ||||
| CVE-2024-34057 | 1 Trianglemicroworks | 1 Iec 61850 Client Source Code Library | 2024-09-19 | 8.2 High |
| Triangle Microworks TMW IEC 61850 Client source code libraries before 12.2.0 lack a buffer size check when processing received messages. The resulting buffer overflow can cause a crash, resulting in a denial of service. | ||||
| CVE-2024-7490 | 1 Microchip | 1 Advanced Software Framework | 2024-09-19 | 9.8 Critical |
| Improper Input Validation vulnerability in Microchip Techology Advanced Software Framework example DHCP server can cause remote code execution through a buffer overflow. This vulnerability is associated with program files tinydhcpserver.C and program routines lwip_dhcp_find_option. This issue affects Advanced Software Framework: through 3.52.0.2574. ASF is no longer being supported. Apply provided workaround or migrate to an actively maintained framework. | ||||
| CVE-2023-26318 | 2 Mi, Xiaomi | 3 Xiaomi Router Ax3200, Xiaomi Router Ax3200 Firmware, Xiaomi Router | 2024-09-18 | 6.7 Medium |
| Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Xiaomi Xiaomi Router allows Overflow Buffers. | ||||
| CVE-2024-4640 | 1 Moxa | 8 Oncell G3470a-lte-eu, Oncell G3470a-lte-eu-t, Oncell G3470a-lte-eu-t Firmware and 5 more | 2024-09-18 | 7.1 High |
| OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to missing bounds checking on buffer operations. An attacker could write past the boundaries of allocated buffer regions in memory, causing a program crash. | ||||
| CVE-2023-32722 | 1 Zabbix | 1 Zabbix | 2024-09-18 | 9.6 Critical |
| The zabbix/src/libs/zbxjson module is vulnerable to a buffer overflow when parsing JSON files via zbx_json_open. | ||||
| CVE-2023-45464 | 1 Netis-systems | 2 N3m, N3m Firmware | 2024-09-18 | 7.5 High |
| Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the servDomain parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||||
| CVE-2023-35056 | 1 Yifanwireless | 2 Yf325, Yf325 Firmware | 2024-09-18 | 8.8 High |
| A buffer overflow vulnerability exists in the httpd next_page functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability.This buffer overflow is in the next_page parameter in the cgi_handler function. | ||||
| CVE-2023-35055 | 1 Yifanwireless | 2 Yf325, Yf325 Firmware | 2024-09-18 | 8.8 High |
| A buffer overflow vulnerability exists in the httpd next_page functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability.This buffer overflow is in the next_page parameter in the gozila_cgi function. | ||||
| CVE-2024-45619 | 1 Redhat | 1 Enterprise Linux | 2024-09-18 | 4.3 Medium |
| A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed. | ||||
| CVE-2024-45620 | 1 Redhat | 1 Enterprise Linux | 2024-09-18 | 3.9 Low |
| A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed. | ||||
| CVE-2023-45468 | 1 Netis-systems | 2 N3m, N3m Firmware | 2024-09-17 | 7.5 High |
| Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the pingWdogIp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||||
| CVE-2024-46451 | 1 Totolink | 3 Ac1200 T8 Firmware, T8, T8 Firmware | 2024-09-17 | 9.8 Critical |
| TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the setWiFiAclRules function via the desc parameter. | ||||
| CVE-2024-46424 | 1 Totolink | 3 Ac1200 T8 Firmware, T8, T8 Firmware | 2024-09-17 | 7.5 High |
| TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the UploadCustomModule function, which allows attackers to cause a Denial of Service (DoS) via the File parameter. | ||||
| CVE-2024-46419 | 1 Totolink | 3 Ac1200 T8 Firmware, T8, T8 Firmware | 2024-09-17 | 9.8 Critical |
| TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the setWizardCfg function via the ssid5g parameter. | ||||
| CVE-2023-5748 | 1 Synology | 1 Ssl Vpn Client | 2024-09-17 | 3.3 Low |
| Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology SSL VPN Client before 1.4.7-0687 allows local users to conduct denial-of-service attacks via unspecified vectors. | ||||
| CVE-2021-43072 | 1 Fortinet | 4 Fortianalyzer, Fortimanager, Fortios and 1 more | 2024-09-17 | 6.3 Medium |
| A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiAnalyzer version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiManager version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiOS version 7.0.0 through 7.0.4, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x and FortiProxy version 7.0.0 through 7.0.3, 2.0.0 through 2.0.8, 1.2.x, 1.1.x and 1.0.x allows attacker to execute unauthorized code or commands via crafted CLI `execute restore image` and `execute certificate remote` operations with the tFTP protocol. | ||||
| CVE-2023-42299 | 1 Openimageio | 1 Openimageio | 2024-09-17 | 9.8 Critical |
| Buffer Overflow vulnerability in OpenImageIO oiio v.2.4.12.0 allows a remote attacker to execute arbitrary code and cause a denial of service via the read_subimage_data function. | ||||