Total
3555 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-51012 | 1 Netgear | 2 R8500, R8500 Firmware | 2025-05-02 | N/A | 5.7 MEDIUM |
| Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the ipv6_pri_dns parameter at ipv6_fix.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-51013 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-05-02 | N/A | 5.7 MEDIUM |
| Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the RADIUSAddr%d_wla parameter at wireless.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-51015 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-05-02 | N/A | 5.7 MEDIUM |
| Netgear R7000P v1.3.3.154 was discovered to contain a command injection vulnerability via the device_name2 parameter at operation_mode.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request. | |||||
| CVE-2024-51017 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-05-02 | N/A | 5.7 MEDIUM |
| Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the l2tp_user_netmask parameter at l2tp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-51018 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-05-02 | N/A | 5.7 MEDIUM |
| Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-51019 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-05-02 | N/A | 5.7 MEDIUM |
| Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pppoe_localnetmask parameter at pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-51020 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-05-02 | N/A | 5.7 MEDIUM |
| Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the apn parameter at usbISP_detail_edit.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-52028 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-05-02 | N/A | 5.7 MEDIUM |
| Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at wiz_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-52029 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-05-02 | N/A | 5.7 MEDIUM |
| Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at genie_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-52030 | 1 Netgear | 2 R7000p, R7000p Firmware | 2025-05-02 | N/A | 5.7 MEDIUM |
| Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at ru_wan_flow.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2023-28210 | 1 Apple | 1 Macos | 2025-05-01 | N/A | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory. | |||||
| CVE-2023-32356 | 1 Apple | 1 Macos | 2025-05-01 | N/A | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory. | |||||
| CVE-2023-28215 | 1 Apple | 1 Macos | 2025-05-01 | N/A | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory. | |||||
| CVE-2023-28209 | 1 Apple | 1 Macos | 2025-05-01 | N/A | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory. | |||||
| CVE-2022-43343 | 1 N-prolog Project | 1 N-prolog | 2025-05-01 | N/A | 7.5 HIGH |
| N-Prolog v1.91 was discovered to contain a global buffer overflow vulnerability in the function gettoken() at Main.c. | |||||
| CVE-2024-50997 | 1 Netgear | 8 R6400v2, R6400v2 Firmware, R7000p and 5 more | 2025-05-01 | N/A | 5.7 MEDIUM |
| Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2024-31951 | 1 Frrouting | 1 Frrouting | 2025-05-01 | N/A | 6.5 MEDIUM |
| In the Opaque LSA Extended Link parser in FRRouting (FRR) through 9.1, there can be a buffer overflow and daemon crash in ospf_te_parse_ext_link for OSPF LSA packets during an attempt to read Segment Routing Adjacency SID subTLVs (lengths are not validated). | |||||
| CVE-2024-31950 | 1 Frrouting | 1 Frrouting | 2025-05-01 | N/A | 6.5 MEDIUM |
| In FRRouting (FRR) through 9.1, there can be a buffer overflow and daemon crash in ospf_te_parse_ri for OSPF LSA packets during an attempt to read Segment Routing subTLVs (their size is not validated). | |||||
| CVE-2021-44154 | 1 Reprisesoftware | 1 Reprise License Manager | 2025-04-30 | 6.5 MEDIUM | 7.2 HIGH |
| An issue was discovered in Reprise RLM 14.2. By using an admin account, an attacker can write a payload to /goform/edit_opt, which will then be triggered when running the diagnostics (via /goform/diagnostics_doit), resulting in a buffer overflow. | |||||
| CVE-2021-47172 | 1 Linux | 1 Linux Kernel | 2025-04-30 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers Channel numbering must start at 0 and then not have any holes, or it is possible to overflow the available storage. Note this bug was introduced as part of a fix to ensure we didn't rely on the ordering of child nodes. So we need to support arbitrary ordering but they all need to be there somewhere. Note I hit this when using qemu to test the rest of this series. Arguably this isn't the best fix, but it is probably the most minimal option for backporting etc. Alexandru's sign-off is here because he carried this patch in a larger set that Jonathan then applied. | |||||