Vulnerabilities (CVE)

Filtered by CWE-121
Total 1276 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-44859 1 Tenda 2 Fh1201, Fh1201 Firmware 2025-04-09 N/A 8.0 HIGH
Tenda FH1201 v1.2.0.14 has a stack buffer overflow vulnerability in `formWrlExtraGet`.
CVE-2025-3161 1 Tenda 2 Ac10, Ac10 Firmware 2025-04-09 9.0 HIGH 8.8 HIGH
A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. This issue affects the function ShutdownSetAdd of the file /goform/ShutdownSetAdd. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-20998 2 Netapp, Oracle 5 Active Iq Unified Manager, Oncommand Insight, Oncommand Workflow Automation and 2 more 2025-04-09 N/A 4.9 MEDIUM
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21054 2 Netapp, Oracle 5 Active Iq Unified Manager, Oncommand Insight, Oncommand Workflow Automation and 2 more 2025-04-09 N/A 4.9 MEDIUM
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21053 2 Netapp, Oracle 4 Active Iq Unified Manager, Oncommand Insight, Oncommand Workflow Automation and 1 more 2025-04-09 N/A 4.9 MEDIUM
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2022-40517 1 Qualcomm 362 Aqt1000, Aqt1000 Firmware, Ar8031 and 359 more 2025-04-09 N/A 8.4 HIGH
Memory corruption in core due to stack-based buffer overflow
CVE-2022-40516 1 Qualcomm 368 Aqt1000, Aqt1000 Firmware, Ar8031 and 365 more 2025-04-09 N/A 8.4 HIGH
Memory corruption in Core due to stack-based buffer overflow.
CVE-2024-32302 1 Tenda 2 Fh1202, Fh1202 Firmware 2025-04-09 N/A 6.3 MEDIUM
Tenda FH1202 v1.2.0.14(408) firmware has a stack overflow vulnerability via the PPW parameter in the fromWizardHandle function.
CVE-2024-32315 1 Tenda 2 Fh1202, Fh1202 Firmware 2025-04-09 N/A 4.7 MEDIUM
Tenda FH1202 v1.2.0.14(408) firmware has a stack overflow vulnerability via the adslPwd parameter in the formWanParameterSetting function.
CVE-2024-32305 1 Tenda 2 A18, A18 Firmware 2025-04-09 N/A 8.8 HIGH
Tenda A18 v15.03.05.05 firmware has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function.
CVE-2024-34207 1 Totolink 2 Cp450, Cp450 Firmware 2025-04-09 N/A 8.8 HIGH
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setStaticDhcpConfig function.
CVE-2024-34209 1 Totolink 2 Cp450, Cp450 Firmware 2025-04-09 N/A 9.8 CRITICAL
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setIpPortFilterRules function.
CVE-2024-34212 1 Totolink 2 Cp450, Cp450 Firmware 2025-04-09 N/A 7.3 HIGH
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the CloudACMunualUpdate function.
CVE-2024-34213 1 Totolink 2 Cp450, Cp450 Firmware 2025-04-09 N/A 9.8 CRITICAL
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the SetPortForwardRules function.
CVE-2017-16307 1 Insteon 2 Hub, Hub Firmware 2025-04-09 N/A 9.9 CRITICAL
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd sn_exw, at 0x9d01b310, the value for the `cmd1` key is copied using `strcpy` to the buffer at `$sp+0x2d0`.This buffer is 100 bytes large, sending anything longer will cause a buffer overflow.
CVE-2017-16290 1 Insteon 2 Hub, Hub Firmware 2025-04-09 N/A 9.9 CRITICAL
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_sun, at 0x9d01980c, the value for the `sunrise` key is copied using `strcpy` to the buffer at `$sp+0x2d0`.This buffer is 100 bytes large, sending anything longer will cause a buffer overflow.
CVE-2017-16289 1 Insteon 2 Hub, Hub Firmware 2025-04-09 N/A 9.9 CRITICAL
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_utc, at 0x9d0193ac, the value for the `offset` key is copied using `strcpy` to the buffer at `$sp+0x2d0`.This buffer is 100 bytes large, sending anything longer will cause a buffer overflow.
CVE-2017-16278 1 Insteon 2 Hub, Hub Firmware 2025-04-09 N/A 9.9 CRITICAL
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_net, at 0x9d01815c, the value for the `ip` key is copied using `strcpy` to the buffer at `$sp+0x2d0`.This buffer is 100 bytes large, sending anything longer will cause a buffer overflow.
CVE-2017-16276 1 Insteon 2 Hub, Hub Firmware 2025-04-09 N/A 9.9 CRITICAL
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd sn_grp, at 0x9d0175f4, the value for the `gbt` key is copied using `strcpy` to the buffer at `$sp+0x280`.This buffer is 16 bytes large, sending anything longer will cause a buffer overflow.
CVE-2017-16275 1 Insteon 2 Hub, Hub Firmware 2025-04-09 N/A 9.9 CRITICAL
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd sn_grp, at 0x9d01758c, the value for the `grp` key is copied using `strcpy` to the buffer at `$sp+0x1b4`.This buffer is 8 bytes large, sending anything longer will cause a buffer overflow.