Total
2023 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-46049 | 1 Tenda | 2 O6, O6 Firmware | 2024-09-20 | 5.7 Medium |
Tenda O6 V3.0 firmware V1.0.0.7(2054) contains a stack overflow vulnerability in the formexeCommand function. | ||||
CVE-2024-46047 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2024-09-20 | 6.5 Medium |
Tenda FH451 v1.0.0.9 has a stack overflow vulnerability in the fromDhcpListClient function. | ||||
CVE-2024-46046 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2024-09-20 | 6.5 Medium |
Tenda FH451 v1.0.0.9 has a stack overflow vulnerability located in the RouteStatic function. | ||||
CVE-2024-46045 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2024-09-20 | 5.7 Medium |
Tenda CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the frmL7PlotForm function. | ||||
CVE-2024-46044 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2024-09-20 | 5.7 Medium |
CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the fromqossetting function. | ||||
CVE-2024-38246 | 1 Microsoft | 15 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 12 more | 2024-09-19 | 7 High |
Win32k Elevation of Privilege Vulnerability | ||||
CVE-2024-6146 | 1 Actiontec | 2 Wcb6200q, Wcb6200q Firmware | 2024-09-19 | 8.8 High |
Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the HTTP server. Was ZDI-CAN-21418. | ||||
CVE-2024-6144 | 1 Actiontec | 2 Wcb6200q, Wcb6200q Firmware | 2024-09-19 | 8.8 High |
Actiontec WCB6200Q Multipart Boundary Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the HTTP server. Was ZDI-CAN-21416. | ||||
CVE-2024-37984 | 1 Microsoft | 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more | 2024-09-19 | 8.4 High |
Secure Boot Security Feature Bypass Vulnerability | ||||
CVE-2024-37978 | 1 Microsoft | 6 Windows 11 22h2, Windows 11 22h2, Windows 11 23h2 and 3 more | 2024-09-19 | 8 High |
Secure Boot Security Feature Bypass Vulnerability | ||||
CVE-2024-37972 | 1 Microsoft | 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more | 2024-09-19 | 8 High |
Secure Boot Security Feature Bypass Vulnerability | ||||
CVE-2024-37971 | 1 Microsoft | 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more | 2024-09-19 | 8 High |
Secure Boot Security Feature Bypass Vulnerability | ||||
CVE-2024-28928 | 1 Microsoft | 1 Sql Server | 2024-09-19 | 8.8 High |
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | ||||
CVE-2024-37970 | 1 Microsoft | 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more | 2024-09-19 | 8 High |
Secure Boot Security Feature Bypass Vulnerability | ||||
CVE-2024-28899 | 1 Microsoft | 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more | 2024-09-19 | 8.8 High |
Secure Boot Security Feature Bypass Vulnerability | ||||
CVE-2024-44589 | 1 Dlink | 1 Dcs-960l Firmware | 2024-09-19 | 8.8 High |
Stack overflow vulnerability in the Login function in the HNAP service in D-Link DCS-960L with firmware 1.09 allows attackers to execute of arbitrary code. | ||||
CVE-2023-35012 | 3 Ibm, Linux, Microsoft | 4 Aix, Db2, Linux Kernel and 1 more | 2024-09-19 | 6.7 Medium |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 with a Federated configuration is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user with SYSADM privileges could overflow the buffer and execute arbitrary code on the system. IBM X-Force ID: 257763. | ||||
CVE-2023-4756 | 1 Gpac | 1 Gpac | 2024-09-19 | 5.5 Medium |
Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV. | ||||
CVE-2023-32971 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-09-19 | 3.8 Low |
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QTS 4.5.4.2467 build 20230718 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.0.2424 build 20230609 and later QuTS hero h4.5.4.2476 build 20230728 and later QuTScloud c5.1.0.2498 and later | ||||
CVE-2023-32972 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-09-19 | 3.8 Low |
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QTS 4.5.4.2467 build 20230718 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.0.2424 build 20230609 and later QuTS hero h4.5.4.2476 build 20230728 and later QuTScloud c5.1.0.2498 and later |