Total
3005 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-12354 | 1 Razormist | 1 Phone Contact Manager System | 2024-12-10 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability, which was classified as critical, was found in SourceCodester Phone Contact Manager System 1.0. Affected is the function UserInterface::MenuDisplayStart of the component User Menu. The manipulation leads to buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-12343 | 1 Tp-link | 2 Vn020 F3v, Vn020 F3v Firmware | 2024-12-10 | 6.1 MEDIUM | 6.5 MEDIUM |
| A vulnerability classified as critical has been found in TP-Link VN020 F3v(T) TT_V6.2.1021. Affected is an unknown function of the file /control/WANIPConnection of the component SOAP Request Handler. The manipulation of the argument NewConnectionType leads to buffer overflow. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2023-36358 | 1 Tp-link | 8 Tl-wr743nd, Tl-wr743nd Firmware, Tl-wr841n and 5 more | 2024-12-10 | N/A | 7.7 HIGH |
| TP-Link TL-WR940N V2/V3/V4, TL-WR941ND V5/V6, TL-WR743ND V1 and TL-WR841N V8 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlAccessTargetsRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request. | |||||
| CVE-2023-36359 | 1 Tp-link | 6 Tl-wr841n, Tl-wr841n Firmware, Tl-wr940n and 3 more | 2024-12-10 | N/A | 7.5 HIGH |
| TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR940N V2/V3 and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/QoSRuleListRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request. | |||||
| CVE-2020-20703 | 1 Vim | 1 Vim | 2024-12-10 | N/A | 9.8 CRITICAL |
| Buffer Overflow vulnerability in VIM v.8.1.2135 allows a remote attacker to execute arbitrary code via the operand parameter. | |||||
| CVE-2023-34563 | 1 Netgear | 2 R6250, R6250 Firmware | 2024-12-09 | N/A | 9.8 CRITICAL |
| netgear R6250 Firmware Version 1.0.4.48 is vulnerable to Buffer Overflow after authentication. | |||||
| CVE-2022-23085 | 1 Freebsd | 1 Freebsd | 2024-12-09 | N/A | 8.2 HIGH |
| A user-provided integer option was passed to nmreq_copyin() without checking if it would overflow. This insufficient bounds checking could lead to kernel memory corruption. On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can affect the host environment. | |||||
| CVE-2024-55564 | 2024-12-09 | N/A | 9.8 CRITICAL | ||
| The POSIX::2008 package before 0.24 for Perl has a potential _execve50c env buffer overflow. | |||||
| CVE-2024-23286 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-12-09 | N/A | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. Processing an image may lead to arbitrary code execution. | |||||
| CVE-2020-35357 | 2 Debian, Gnu | 2 Debian Linux, Gnu Scientific Library | 2024-12-07 | N/A | 6.5 MEDIUM |
| A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL (GNU Scientific Library), versions 2.5 and 2.6. Processing a maliciously crafted input data for gsl_stats_quantile_from_sorted_data of the library may lead to unexpected application termination or arbitrary code execution. | |||||
| CVE-2024-40536 | 2024-12-06 | N/A | 5.3 MEDIUM | ||
| Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 were discovered to contain a stack overflow via the pin_3g_code parameter in the config_3g_para function. | |||||
| CVE-2024-39129 | 2024-12-06 | N/A | 5.3 MEDIUM | ||
| Heap Buffer Overflow vulnerability in DumpTS v0.1.0-nightly allows attackers to cause a denial of service via the function PushTSBuf() at /src/PayloadBuf.cpp. | |||||
| CVE-2024-37863 | 2024-12-06 | N/A | 9.8 CRITICAL | ||
| Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a buffer overflow via the nav2_amcl process. This vulnerability is triggered via sending a crafted .yaml file. | |||||
| CVE-2024-37861 | 2024-12-06 | N/A | 9.8 CRITICAL | ||
| Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a buffer overflow via the nav2_amcl process. This vulnerability is triggered via sending a crafted .yaml file. | |||||
| CVE-2023-25435 | 1 Libtiff | 1 Libtiff | 2024-12-06 | N/A | 5.5 MEDIUM |
| libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesShifted8bits() at /libtiff/tools/tiffcrop.c:3753. | |||||
| CVE-2024-52533 | 2024-12-06 | N/A | 9.8 CRITICAL | ||
| gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character. | |||||
| CVE-2024-47248 | 2024-12-06 | N/A | 6.3 MEDIUM | ||
| Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Apache NimBLE. Specially crafted MESH message could result in memory corruption when non-default build configuration is used. This issue affects Apache NimBLE: through 1.7.0. Users are recommended to upgrade to version 1.8.0, which fixes the issue. | |||||
| CVE-2024-48406 | 2024-12-04 | N/A | 9.8 CRITICAL | ||
| Buffer Overflow vulnerability in SunBK201 umicat through v.0.3.2 and fixed in v.0.3.3 allows an attacker to execute arbitrary code via the power(uct_int_t x, uct_int_t n) in src/uct_upstream.c. | |||||
| CVE-2024-11959 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2024-12-04 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DIR-605L 2.13B01. It has been classified as critical. This affects the function formResetStatistic of the file /goform/formResetStatistic. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-11960 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2024-12-04 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DIR-605L 2.13B01. It has been declared as critical. This vulnerability affects the function formSetPortTr of the file /goform/formSetPortTr. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||