Total
3106 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-1595 | 1 Vivotek | 2 Pt7135, Pt7135 Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A Buffer Overflow vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via a specially crafted packet in the Authorization header field sent to the RTSP service, which could let a remote malicious user execute arbitrary code or cause a Denial of Service. | |||||
| CVE-2013-1592 | 1 Sap | 1 Netweaver | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistics() function when sending specially crafted SAP Message Server packets to remote TCP ports 36NN and/or 39NN in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04, which could let a remote malicious user execute arbitrary code. | |||||
| CVE-2012-6122 | 1 Call-cc | 1 Chicken | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Buffer overflow in the thread scheduler in Chicken before 4.8.0.1 allows attackers to cause a denial of service (crash) by opening a file descriptor with a large integer value. | |||||
| CVE-2012-3407 | 1 Plow Project | 1 Plow | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| plow has local buffer overflow vulnerability | |||||
| CVE-2011-1145 | 4 Debian, Opensuse, Redhat and 1 more | 4 Debian Linux, Opensuse, Enterprise Linux and 1 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string. | |||||
| CVE-2011-10005 | 1 Easyftp Server Project | 1 Easyftp Server | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability, which was classified as critical, was found in EasyFTP 1.7.0.2. Affected is an unknown function of the component MKD Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250716. | |||||
| CVE-2010-5333 | 2 Integard Home Project, Integard Pro Project | 2 Integard Home, Integard Pro | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The web server in Integard Pro and Home before 2.0.0.9037 and 2.2.x before 2.2.0.9037 has a buffer overflow via a long password in an administration login POST request, leading to arbitrary code execution. An SEH-overwrite buffer overflow already existed for the vulnerable software. This CVE is to track an alternate exploitation method, utilizing an EIP-overwrite buffer overflow. | |||||
| CVE-2010-3844 | 2 Debian, Ettercap-project | 2 Debian Linux, Ettercap | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An unchecked sscanf() call in ettercap before 0.7.5 allows an insecure temporary settings file to overflow a static-sized buffer on the stack. | |||||
| CVE-2009-5041 | 1 Debian | 1 Overkill | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| overkill has buffer overflow via long player names that can corrupt data on the server machine | |||||
| CVE-2009-4067 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | 7.2 HIGH | 6.8 MEDIUM |
| Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system. | |||||
| CVE-2009-0948 | 1 Apple | 1 Files | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple buffer overflows in the (1) cdf_read_sat, (2) cdf_read_long_sector_chain, and (3) cdf_read_ssat function in file before 5.02. | |||||
| CVE-2006-3100 | 1 Termpkg Project | 1 Termpkg | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| termpkg 3.3 suffers from buffer overflow. | |||||
| CVE-2024-52714 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2024-11-20 | N/A | 9.8 CRITICAL |
| Tenda AC6 v2.0 v15.03.06.50 was discovered to contain a buffer overflow in the function 'fromSetSysTime. | |||||
| CVE-2024-25254 | 2024-11-19 | N/A | 9.8 CRITICAL | ||
| SuperScan v4.1 was discovered to contain a buffer overflow via the Hostname/IP parameter. | |||||
| CVE-2024-25253 | 2024-11-19 | N/A | 7.5 HIGH | ||
| Driver Booster v10.6 was discovered to contain a buffer overflow via the Host parameter under the Customize proxy module. | |||||
| CVE-2015-20111 | 2024-11-18 | N/A | 9.8 CRITICAL | ||
| miniupnp before 4c90b87, as used in Bitcoin Core before 0.12 and other products, lacks checks for snprintf return values, leading to a buffer overflow and significant data leak, a different vulnerability than CVE-2019-12107. In Bitcoin Core before 0.12, remote code execution was possible in conjunction with CVE-2015-6031 exploitation. | |||||
| CVE-2024-45971 | 2024-11-18 | N/A | 9.8 CRITICAL | ||
| Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit 1f52be9ddeae00e69cd43e4cac3cb4f0c880c4f0 allow a malicious server to cause a stack-based buffer overflow via the MMS IdentifyResponse message. | |||||
| CVE-2024-24447 | 2024-11-18 | N/A | 5.3 MEDIUM | ||
| A buffer overflow in the ngap_amf_handle_pdu_session_resource_setup_response function of oai-cn5g-amf up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a PDU Session Resource Setup Response with an empty Response Item list. | |||||
| CVE-2024-24450 | 2024-11-18 | N/A | 5.3 MEDIUM | ||
| Stack-based memcpy buffer overflow in the ngap_handle_pdu_session_resource_setup_response routine in OpenAirInterface CN5G AMF <= 2.0.0 allows a remote attacker with access to the N2 interface to carry out denial of service against the AMF and potentially execute code by sending a PDU Session Resource Setup Response with a suffciently large FailedToSetupList IE. | |||||
| CVE-2024-45970 | 2024-11-18 | N/A | 9.8 CRITICAL | ||
| Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit ac925fae8e281ac6defcd630e9dd756264e9c5bc allow a malicious server to cause a stack-based buffer overflow via the MMS FileDirResponse message. | |||||