Filtered by CWE-121
Total 2023 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-46049 1 Tenda 2 O6, O6 Firmware 2024-09-20 5.7 Medium
Tenda O6 V3.0 firmware V1.0.0.7(2054) contains a stack overflow vulnerability in the formexeCommand function.
CVE-2024-46047 1 Tenda 2 Fh451, Fh451 Firmware 2024-09-20 6.5 Medium
Tenda FH451 v1.0.0.9 has a stack overflow vulnerability in the fromDhcpListClient function.
CVE-2024-46046 1 Tenda 2 Fh451, Fh451 Firmware 2024-09-20 6.5 Medium
Tenda FH451 v1.0.0.9 has a stack overflow vulnerability located in the RouteStatic function.
CVE-2024-46045 1 Tenda 2 Ch22, Ch22 Firmware 2024-09-20 5.7 Medium
Tenda CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the frmL7PlotForm function.
CVE-2024-46044 1 Tenda 2 Ch22, Ch22 Firmware 2024-09-20 5.7 Medium
CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the fromqossetting function.
CVE-2024-38246 1 Microsoft 15 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 12 more 2024-09-19 7 High
Win32k Elevation of Privilege Vulnerability
CVE-2024-6146 1 Actiontec 2 Wcb6200q, Wcb6200q Firmware 2024-09-19 8.8 High
Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the HTTP server. Was ZDI-CAN-21418.
CVE-2024-6144 1 Actiontec 2 Wcb6200q, Wcb6200q Firmware 2024-09-19 8.8 High
Actiontec WCB6200Q Multipart Boundary Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the HTTP server. Was ZDI-CAN-21416.
CVE-2024-37984 1 Microsoft 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more 2024-09-19 8.4 High
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37978 1 Microsoft 6 Windows 11 22h2, Windows 11 22h2, Windows 11 23h2 and 3 more 2024-09-19 8 High
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37972 1 Microsoft 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more 2024-09-19 8 High
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37971 1 Microsoft 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more 2024-09-19 8 High
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-28928 1 Microsoft 1 Sql Server 2024-09-19 8.8 High
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37970 1 Microsoft 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more 2024-09-19 8 High
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-28899 1 Microsoft 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more 2024-09-19 8.8 High
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-44589 1 Dlink 1 Dcs-960l Firmware 2024-09-19 8.8 High
Stack overflow vulnerability in the Login function in the HNAP service in D-Link DCS-960L with firmware 1.09 allows attackers to execute of arbitrary code.
CVE-2023-35012 3 Ibm, Linux, Microsoft 4 Aix, Db2, Linux Kernel and 1 more 2024-09-19 6.7 Medium
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 with a Federated configuration is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user with SYSADM privileges could overflow the buffer and execute arbitrary code on the system. IBM X-Force ID: 257763.
CVE-2023-4756 1 Gpac 1 Gpac 2024-09-19 5.5 Medium
Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV.
CVE-2023-32971 1 Qnap 3 Qts, Quts Hero, Qutscloud 2024-09-19 3.8 Low
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QTS 4.5.4.2467 build 20230718 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.0.2424 build 20230609 and later QuTS hero h4.5.4.2476 build 20230728 and later QuTScloud c5.1.0.2498 and later
CVE-2023-32972 1 Qnap 3 Qts, Quts Hero, Qutscloud 2024-09-19 3.8 Low
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QTS 4.5.4.2467 build 20230718 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.0.2424 build 20230609 and later QuTS hero h4.5.4.2476 build 20230728 and later QuTScloud c5.1.0.2498 and later