Total
3006 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-24807 | 4 Debian, Fedoraproject, Net-snmp and 1 more | 15 Debian Linux, Fedora, Net-snmp and 12 more | 2025-01-17 | N/A | 6.5 MEDIUM |
| net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a malformed OID in a SET request to `SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable` can cause an out-of-bounds memory access. A user with read-write credentials can exploit the issue. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range. | |||||
| CVE-2022-24805 | 4 Debian, Fedoraproject, Net-snmp and 1 more | 15 Debian Linux, Fedora, Net-snmp and 12 more | 2025-01-17 | N/A | 6.5 MEDIUM |
| net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a buffer overflow in the handling of the `INDEX` of `NET-SNMP-VACM-MIB` can cause an out-of-bounds memory access. A user with read-only credentials can exploit the issue. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range. | |||||
| CVE-2024-13503 | 2025-01-17 | N/A | N/A | ||
| Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Newtec NTC2218, NTC2250, NTC2299 on Linux, PowerPC, ARM (Updating signaling process in the swdownload binary modules) allows Local Execution of Code, Remote Code Inclusion. This issue affects NTC2218, NTC2250, NTC2299: from 1.0.1.1 through 2.2.6.19. The issue is both present on the PowerPC versions of the modem and the ARM versions. A stack buffer buffer overflow in the swdownload binary allows attackers to execute arbitrary code. The parse_INFO function uses an unrestricted `sscanf` to read a string of an incoming network packet into a statically sized buffer. | |||||
| CVE-2024-48806 | 2025-01-16 | N/A | 6.8 MEDIUM | ||
| Buffer Overflow vulnerability in Neat Board NFC v.1.20240620.0015 allows a physically proximate attackers to escalate privileges via a crafted payload to the password field | |||||
| CVE-2021-46886 | 1 Huawei | 1 Emui | 2025-01-16 | N/A | 7.5 HIGH |
| The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2021-46885 | 1 Huawei | 1 Emui | 2025-01-16 | N/A | 7.5 HIGH |
| The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2021-46884 | 1 Huawei | 1 Emui | 2025-01-16 | N/A | 7.5 HIGH |
| The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2021-46883 | 1 Huawei | 1 Emui | 2025-01-16 | N/A | 7.5 HIGH |
| The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2021-46882 | 1 Huawei | 1 Emui | 2025-01-16 | N/A | 7.5 HIGH |
| The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2021-46881 | 1 Huawei | 1 Emui | 2025-01-16 | N/A | 7.5 HIGH |
| The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-54887 | 2025-01-15 | N/A | 8.0 HIGH | ||
| TP-Link TL-WR940N V3 and V4 with firmware 3.16.9 and earlier contain a buffer overflow via the dnsserver1 and dnsserver2 parameters at /userRpm/Wan6to4TunnelCfgRpm.htm. This vulnerability allows an authenticated attacker to execute arbitrary code on the remote device in the context of the root user. | |||||
| CVE-2024-21480 | 1 Qualcomm | 230 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 227 more | 2025-01-15 | N/A | 7.3 HIGH |
| Memory corruption while playing audio file having large-sized input buffer. | |||||
| CVE-2023-43526 | 1 Qualcomm | 76 Ar8035, Ar8035 Firmware, Fastconnect 7800 and 73 more | 2025-01-15 | N/A | 6.7 MEDIUM |
| Memory corruption while querying module parameters from Listen Sound model client in kernel from user space. | |||||
| CVE-2023-43525 | 1 Qualcomm | 80 Ar8035, Ar8035 Firmware, Fastconnect 7800 and 77 more | 2025-01-15 | N/A | 6.7 MEDIUM |
| Memory corruption while copying the sound model data from user to kernel buffer during sound model register. | |||||
| CVE-2023-43524 | 1 Qualcomm | 114 Ar8035, Ar8035 Firmware, Fastconnect 6800 and 111 more | 2025-01-15 | N/A | 6.7 MEDIUM |
| Memory corruption when the bandpass filter order received from AHAL is not within the expected range. | |||||
| CVE-2024-25817 | 1 Eza.rock | 1 Eza | 2025-01-15 | N/A | 7.8 HIGH |
| Buffer Overflow vulnerability in eza before version 0.18.2, allows local attackers to execute arbitrary code via the .git/HEAD, .git/refs, and .git/objects components. | |||||
| CVE-2022-22687 | 1 Synology | 2 Diskstation Manager, Diskstation Manager Unified Controller | 2025-01-14 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in Authentication functionality in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2022-22683 | 1 Synology | 3 Diskstation Manager, Media Server, Router Manager | 2025-01-14 | N/A | 10.0 CRITICAL |
| Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology Media Server before 1.8.1-2876 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2022-48681 | 1 Huawei | 2 Egrt-00, Egrt-00 Firmware | 2025-01-14 | N/A | 7.2 HIGH |
| Some Huawei smart speakers have a memory overflow vulnerability. Successful exploitation of this vulnerability may cause certain functions to fail. | |||||
| CVE-2024-39774 | 2025-01-14 | N/A | 9.1 CRITICAL | ||
| A buffer overflow vulnerability exists in the adm.cgi set_sys_adm() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||