Total
3168 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-39802 | 2025-01-14 | N/A | 9.1 CRITICAL | ||
| Multiple buffer overflow vulnerabilities exist in the qos.cgi qos_settings() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A buffer overflow vulnerability exists in the `qos_dat` POST parameter. | |||||
| CVE-2024-39801 | 2025-01-14 | N/A | 9.1 CRITICAL | ||
| Multiple buffer overflow vulnerabilities exist in the qos.cgi qos_settings() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A buffer overflow vulnerability exists in the `qos_bandwidth` POST parameter. | |||||
| CVE-2024-39770 | 2025-01-14 | N/A | 9.1 CRITICAL | ||
| Multiple buffer overflow vulnerabilities exist in the internet.cgi set_qos() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability exists in the `en_enable` POST parameter. | |||||
| CVE-2024-39769 | 2025-01-14 | N/A | 9.1 CRITICAL | ||
| Multiple buffer overflow vulnerabilities exist in the internet.cgi set_qos() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability exists in the `cli_mac` POST parameter. | |||||
| CVE-2024-39768 | 2025-01-14 | N/A | 9.1 CRITICAL | ||
| Multiple buffer overflow vulnerabilities exist in the internet.cgi set_qos() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability exists in the `cli_name` POST parameter. | |||||
| CVE-2024-12147 | 2025-01-14 | 6.8 MEDIUM | 6.5 MEDIUM | ||
| A vulnerability was found in Netgear R6900 1.0.1.26_1.0.20. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file upgrade_check.cgi of the component HTTP Header Handler. The manipulation of the argument Content-Length leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2023-50821 | 2025-01-14 | N/A | 6.2 MEDIUM | ||
| A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC04), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 1), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 16), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5). The affected products do not properly validate the input provided in the login dialog box. An attacker could leverage this vulnerability to cause a persistent denial of service condition. | |||||
| CVE-2024-21463 | 1 Qualcomm | 218 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 215 more | 2025-01-13 | N/A | 7.3 HIGH |
| Memory corruption while processing Codec2 during v13k decoder pitch synthesis. | |||||
| CVE-2023-43515 | 1 Qualcomm | 12 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 9 more | 2025-01-13 | N/A | 6.6 MEDIUM |
| Memory corruption in HLOS while running kernel address sanitizers (syzkaller) on tmecom with DEBUG_FS enabled. | |||||
| CVE-2024-45547 | 1 Qualcomm | 20 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 17 more | 2025-01-13 | N/A | 7.8 HIGH |
| Memory corruption while processing IOCTL call invoked from user-space to verify non extension FIPS encryption and decryption functionality. | |||||
| CVE-2024-45541 | 1 Qualcomm | 102 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 99 more | 2025-01-13 | N/A | 7.8 HIGH |
| Memory corruption when IOCTL call is invoked from user-space to read board data. | |||||
| CVE-2024-56456 | 1 Huawei | 1 Harmonyos | 2025-01-13 | N/A | 6.8 MEDIUM |
| Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-56455 | 1 Huawei | 1 Harmonyos | 2025-01-13 | N/A | 5.5 MEDIUM |
| Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-56454 | 1 Huawei | 1 Harmonyos | 2025-01-13 | N/A | 5.5 MEDIUM |
| Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-56453 | 1 Huawei | 1 Harmonyos | 2025-01-13 | N/A | 6.8 MEDIUM |
| Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-56452 | 1 Huawei | 1 Harmonyos | 2025-01-13 | N/A | 5.5 MEDIUM |
| Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-56450 | 1 Huawei | 2 Emui, Harmonyos | 2025-01-13 | N/A | 6.3 MEDIUM |
| Buffer overflow vulnerability in the component driver module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-6352 | 2025-01-13 | N/A | 4.3 MEDIUM | ||
| A malformed packet can cause a buffer overflow in the APS layer of the Ember ZNet stack and lead to an assert | |||||
| CVE-2024-5974 | 1 Watchguard | 51 Firebox M200, Firebox M270, Firebox M290 and 48 more | 2025-01-13 | N/A | 7.2 HIGH |
| A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall. This issue affects Fireware OS: from 11.9.6 through 12.10.3. | |||||
| CVE-2021-30184 | 2 Fedoraproject, Gnu | 2 Fedora, Chess | 2025-01-12 | 6.8 MEDIUM | 7.8 HIGH |
| GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN (Portable Game Notation) data. This is related to a buffer overflow in the use of a .tmp.epd temporary file in the cmd_pgnload and cmd_pgnreplay functions in frontend/cmd.cc. | |||||