Total
3168 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-24451 | 2025-01-24 | N/A | 7.5 HIGH | ||
| A stack overflow in the sctp_server::sctp_receiver_thread component of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) by repeatedly establishing SCTP connections with the N2 interface. | |||||
| CVE-2024-57184 | 2025-01-24 | N/A | 5.5 MEDIUM | ||
| An issue was discovered in GPAC v0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer overflow in gf_m2ts_process_pmt in media_tools/mpegts.c:2163 that can cause a denial of service (DOS) via a crafted MP4 file. | |||||
| CVE-2022-47090 | 2025-01-24 | N/A | 7.8 HIGH | ||
| GPAC MP4box 2.1-DEV-rev574-g9d5bb184b contains a buffer overflow in gf_vvc_read_pps_bs_internal function of media_tools/av_parsers.c, check needed for num_exp_tile_columns | |||||
| CVE-2023-6881 | 1 Zephyrproject | 1 Zephyr | 2025-01-23 | N/A | 7.3 HIGH |
| Possible buffer overflow in is_mount_point | |||||
| CVE-2024-0816 | 1 Zyxel | 130 Ax7501-b0, Ax7501-b0 Firmware, Ax7501-b1 and 127 more | 2025-01-22 | N/A | 5.5 MEDIUM |
| The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50(ABVY.4)C0 could allow an authenticated local attacker to cause denial of service (DoS) conditions by executing the CLI command with crafted strings on an affected device. | |||||
| CVE-2023-37929 | 1 Zyxel | 64 Ax7501-b0, Ax7501-b0 Firmware, Ax7501-b1 and 61 more | 2025-01-22 | N/A | 6.5 MEDIUM |
| The buffer overflow vulnerability in the CGI program of the VMG3625-T50B firmware version V5.50(ABPM.8)C0 could allow an authenticated remote attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device. | |||||
| CVE-2024-8748 | 1 Zyxel | 126 Ax7501-b0, Ax7501-b0 Firmware, Ax7501-b1 and 123 more | 2025-01-21 | N/A | 7.5 HIGH |
| A buffer overflow vulnerability in the packet parser of the third-party library "libclinkc" in Zyxel VMG8825-T50K firmware versions through V5.50(ABOM.8.4)C0 could allow an attacker to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP POST request to a vulnerable device. | |||||
| CVE-2024-9197 | 1 Zyxel | 72 Ax7501-b0, Ax7501-b0 Firmware, Ax7501-b1 and 69 more | 2025-01-21 | N/A | 4.9 MEDIUM |
| A post-authentication buffer overflow vulnerability in the parameter "action" of the CGI program in Zyxel VMG3625-T50B firmware versions through V5.50(ABPM.9.2)C0 could allow an authenticated attacker with administrator privileges to cause a temporary denial of service (DoS) condition against the web management interface by sending a crafted HTTP GET request to a vulnerable device if the function ZyEE is enabled. | |||||
| CVE-2023-41913 | 1 Strongswan | 1 Strongswan | 2025-01-17 | N/A | 9.8 CRITICAL |
| strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message. | |||||
| CVE-2022-24807 | 4 Debian, Fedoraproject, Net-snmp and 1 more | 15 Debian Linux, Fedora, Net-snmp and 12 more | 2025-01-17 | N/A | 6.5 MEDIUM |
| net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a malformed OID in a SET request to `SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable` can cause an out-of-bounds memory access. A user with read-write credentials can exploit the issue. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range. | |||||
| CVE-2022-24805 | 4 Debian, Fedoraproject, Net-snmp and 1 more | 15 Debian Linux, Fedora, Net-snmp and 12 more | 2025-01-17 | N/A | 6.5 MEDIUM |
| net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a buffer overflow in the handling of the `INDEX` of `NET-SNMP-VACM-MIB` can cause an out-of-bounds memory access. A user with read-only credentials can exploit the issue. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range. | |||||
| CVE-2024-13503 | 2025-01-17 | N/A | N/A | ||
| Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Newtec NTC2218, NTC2250, NTC2299 on Linux, PowerPC, ARM (Updating signaling process in the swdownload binary modules) allows Local Execution of Code, Remote Code Inclusion. This issue affects NTC2218, NTC2250, NTC2299: from 1.0.1.1 through 2.2.6.19. The issue is both present on the PowerPC versions of the modem and the ARM versions. A stack buffer buffer overflow in the swdownload binary allows attackers to execute arbitrary code. The parse_INFO function uses an unrestricted `sscanf` to read a string of an incoming network packet into a statically sized buffer. | |||||
| CVE-2024-48806 | 2025-01-16 | N/A | 6.8 MEDIUM | ||
| Buffer Overflow vulnerability in Neat Board NFC v.1.20240620.0015 allows a physically proximate attackers to escalate privileges via a crafted payload to the password field | |||||
| CVE-2021-46886 | 1 Huawei | 1 Emui | 2025-01-16 | N/A | 7.5 HIGH |
| The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2021-46885 | 1 Huawei | 1 Emui | 2025-01-16 | N/A | 7.5 HIGH |
| The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2021-46884 | 1 Huawei | 1 Emui | 2025-01-16 | N/A | 7.5 HIGH |
| The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2021-46883 | 1 Huawei | 1 Emui | 2025-01-16 | N/A | 7.5 HIGH |
| The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2021-46882 | 1 Huawei | 1 Emui | 2025-01-16 | N/A | 7.5 HIGH |
| The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2021-46881 | 1 Huawei | 1 Emui | 2025-01-16 | N/A | 7.5 HIGH |
| The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-54887 | 2025-01-15 | N/A | 8.0 HIGH | ||
| TP-Link TL-WR940N V3 and V4 with firmware 3.16.9 and earlier contain a buffer overflow via the dnsserver1 and dnsserver2 parameters at /userRpm/Wan6to4TunnelCfgRpm.htm. This vulnerability allows an authenticated attacker to execute arbitrary code on the remote device in the context of the root user. | |||||