Total
12297 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-24962 | 1 Automationdirect | 12 P1-540, P1-540 Firmware, P1-550 and 9 more | 2025-02-12 | N/A | 9.8 CRITICAL |
| A stack-based buffer overflow vulnerability exists in the Programming Software Connection FileSelect functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to stack-based buffer overflow. An attacker can send an unauthenticated packet to trigger this vulnerability.This CVE tracks the stack-based buffer overflow that occurs at offset `0xb6e98` of v1.2.10.9 of the P3-550E firmware. | |||||
| CVE-2024-24956 | 1 Automationdirect | 2 P3-550e, P3-550e Firmware | 2025-02-12 | N/A | 8.2 HIGH |
| Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these vulnerabilities.This CVE tracks the arbitrary null-byte write vulnerability located in firmware 1.2.10.9 of the P3-550E at offset `0xb6a38`. | |||||
| CVE-2024-24958 | 1 Automationdirect | 2 P3-550e, P3-550e Firmware | 2025-02-12 | N/A | 8.2 HIGH |
| Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these vulnerabilities.This CVE tracks the arbitrary null-byte write vulnerability located in firmware 1.2.10.9 of the P3-550E at offset `0xb6bdc`. | |||||
| CVE-2024-24955 | 1 Automationdirect | 2 P3-550e, P3-550e Firmware | 2025-02-12 | N/A | 8.2 HIGH |
| Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these vulnerabilities.This CVE tracks the arbitrary null-byte write vulnerability located in firmware 1.2.10.9 of the P3-550E at offset `0xb69fc`. | |||||
| CVE-2024-24954 | 1 Automationdirect | 2 P3-550e, P3-550e Firmware | 2025-02-12 | N/A | 8.2 HIGH |
| Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these vulnerabilities.This CVE tracks the arbitrary null-byte write vulnerability located in firmware 1.2.10.9 of the P3-550E at offset `0xb69c8`. | |||||
| CVE-2024-24947 | 1 Automationdirect | 12 P1-540, P1-540 Firmware, P1-550 and 9 more | 2025-02-12 | N/A | 8.2 HIGH |
| A heap-based buffer overflow vulnerability exists in the Programming Software Connection CurrDir functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to denial of service. An attacker can send an unauthenticated packet to trigger these vulnerability.This CVE tracks the heap corruption that occurs at offset `0xb68c4` of version 1.2.10.9 of the P3-550E firmware, which occurs when a call to `memset` relies on an attacker-controlled length value and corrupts any trailing heap allocations. | |||||
| CVE-2023-27019 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-02-12 | N/A | 9.8 CRITICAL |
| Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_458FBC function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||||
| CVE-2024-24851 | 1 Automationdirect | 12 P1-540, P1-540 Firmware, P1-550 and 9 more | 2025-02-12 | N/A | 7.5 HIGH |
| A heap-based buffer overflow vulnerability exists in the Programming Software Connection FiBurn functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to a buffer overflow. An attacker can send an unauthenticated packet to trigger this vulnerability. | |||||
| CVE-2023-29421 | 1 Bzip3 Project | 1 Bzip3 | 2025-02-12 | N/A | 8.8 HIGH |
| An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an out-of-bounds write in bz3_decode_block. | |||||
| CVE-2023-27810 | 1 H3c | 1 Magic R100 Firmware | 2025-02-12 | N/A | 4.9 MEDIUM |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the ipqos_lanip_editlist interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | |||||
| CVE-2023-27808 | 1 H3c | 1 Magic R100 Firmware | 2025-02-12 | N/A | 4.9 MEDIUM |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the DeltriggerList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | |||||
| CVE-2023-27807 | 1 H3c | 1 Magic R100 Firmware | 2025-02-12 | N/A | 4.9 MEDIUM |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the Delstlist interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | |||||
| CVE-2023-27806 | 1 H3c | 1 Magic R100 Firmware | 2025-02-12 | N/A | 4.9 MEDIUM |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the ipqos_lanip_dellist interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | |||||
| CVE-2023-27805 | 1 H3c | 1 Magic R100 Firmware | 2025-02-12 | N/A | 4.9 MEDIUM |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the EditSTList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | |||||
| CVE-2023-27803 | 1 H3c | 1 Magic R100 Firmware | 2025-02-12 | N/A | 4.9 MEDIUM |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the EdittriggerList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | |||||
| CVE-2023-27802 | 1 H3c | 1 Magic R100 Firmware | 2025-02-12 | N/A | 4.9 MEDIUM |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the EditvsList parameter at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | |||||
| CVE-2023-27801 | 1 H3c | 1 Magic R100 Firmware | 2025-02-12 | N/A | 4.9 MEDIUM |
| H3C Magic R100 R100V100R005.bin was discovered to contain a stack overflow via the DelDNSHnList interface at /goform/aspForm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. | |||||
| CVE-2023-27720 | 1 Dlink | 2 Dir-878, Dir-878 Firmware | 2025-02-12 | N/A | 9.8 CRITICAL |
| D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_48d630 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||||
| CVE-2023-27719 | 1 Dlink | 2 Dir878, Dir878 Firmware | 2025-02-12 | N/A | 9.8 CRITICAL |
| D-Link DIR878 1.30B08 was discovered to contain a stack overflow in the sub_478360 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||||
| CVE-2023-27021 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-02-12 | N/A | 9.8 CRITICAL |
| Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the formSetFirewallCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | |||||