Vulnerabilities (CVE)

Filtered by CWE-121
Total 2788 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-28568 1 Freeimage Project 1 Freeimage 2026-06-17 N/A 6.2 MEDIUM
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the read_iptc_profile() function when reading images in TIFF format.
CVE-2024-28567 1 Freeimage Project 1 Freeimage 2026-06-17 N/A 6.2 MEDIUM
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the FreeImage_CreateICCProfile() function when reading images in TIFF format.
CVE-2024-28566 1 Freeimage Project 1 Freeimage 2026-06-17 N/A 8.4 HIGH
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the AssignPixel() function when reading images in TIFF format.
CVE-2024-28563 1 Freeimage Project 1 Freeimage 2026-06-17 N/A 5.9 MEDIUM
Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the Imf_2_2::DwaCompressor::Classifier::Classifier() function when reading images in EXR format.
CVE-2024-28551 1 Tenda 2 Ac18, Ac18 Firmware 2026-06-17 N/A 7.5 HIGH
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the ssid parameter of form_fast_setting_wifi_set function.
CVE-2024-28550 1 Tenda 2 Ac18, Ac18 Firmware 2026-06-17 N/A 4.3 MEDIUM
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the filePath parameter of formExpandDlnaFile function.
CVE-2024-28547 1 Tenda 2 Ac18, Ac18 Firmware 2026-06-17 N/A 6.5 MEDIUM
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the firewallEn parameter of formSetFirewallCfg function.
CVE-2024-28535 1 Tenda 1 Ac18 Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the mitInterface parameter of fromAddressNat function.
CVE-2024-28447 1 Szlbt 2 Lbt-t300-mini1, Lbt-t300-mini1 Firmware 2026-06-17 N/A 6.5 MEDIUM
Shenzhen Libituo Technology Co., Ltd LBT-T300-mini1 v1.2.9 was discovered to contain a buffer overflow via lan_ipaddr parameters at /apply.cgi.
CVE-2024-28446 1 Szlbt 2 Lbt-t300-mini1, Lbt-t300-mini1 Firmware 2026-06-17 N/A 5.7 MEDIUM
Shenzhen Libituo Technology Co., Ltd LBT-T300-mini1 v1.2.9 was discovered to contain a buffer overflow via lan_netmask parameter at /apply.cgi.
CVE-2024-28383 1 Tenda 2 Ax12, Ax12 Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda AX12 v1.0 v22.03.01.16 was discovered to contain a stack overflow via the ssid parameter in the sub_431CF0 function.
CVE-2024-28283 1 Linksys 2 E1000, E1000 Firmware 2026-06-17 N/A 6.7 MEDIUM
There is stack-based buffer overflow vulnerability in pc_change_act function in Linksys E1000 router firmware version v.2.1.03 and before, leading to remote code execution.
CVE-2024-28038 2026-06-17 N/A 9.0 CRITICAL
The web interface of the affected devices processes a cookie value improperly, leading to a stack buffer overflow. More precisely, giving too long character string to MFPSESSIONID parameter results in a stack buffer overflow. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
CVE-2024-27683 1 Dlink 2 Go-rt-ac750, Go-rt-ac750 Firmware 2026-06-17 N/A 9.8 CRITICAL
D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a stack-based buffer overflow via the function hnap_main. An attacker can send a POST request to trigger the vulnerablilify.
CVE-2024-27657 1 Dlink 2 Dir-823g, Dir-823g Firmware 2026-06-17 N/A 8.8 HIGH
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the User-Agent parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution.
CVE-2024-27656 1 Dlink 2 Dir-823g, Dir-823g Firmware 2026-06-17 N/A 8.8 HIGH
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Cookie parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution.
CVE-2024-27655 1 Dlink 2 Dir-823g, Dir-823g Firmware 2026-06-17 N/A 8.8 HIGH
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the SOAPACTION parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution.
CVE-2024-27571 1 Libtor 2 Lbt-t300-t390, Lbt-t300-t390 Firmware 2026-06-17 N/A 7.5 HIGH
LBT T300-T390 v2.2.1.8 were discovered to contain a stack overflow via the ApCliSsid parameter in the makeCurRemoteApList function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-27570 1 Libtor 2 Lbt-t300-t390, Lbt-t300-t390 Firmware 2026-06-17 N/A 7.5 HIGH
LBT T300-T390 v2.2.1.8 were discovered to contain a stack overflow via the ApCliSsid parameter in the generate_conf_router function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-27569 1 Libtor 2 Lbt-t300-t390, Lbt-t300-t390 Firmware 2026-06-17 N/A 6.5 MEDIUM
LBT T300-T390 v2.2.1.8 were discovered to contain a stack overflow via the ApCliSsid parameter in the init_nvram function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.