Total
12286 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-37712 | 1 Tenda | 6 Ac1206, Ac1206 Firmware, F1202 and 3 more | 2025-01-06 | N/A | 9.8 CRITICAL |
| Tenda AC1206 V15.03.06.23, F1202 V1.2.0.20(408), and FH1202 V1.2.0.20(408) were discovered to contain a stack overflow in the page parameter in the fromSetIpBind function. | |||||
| CVE-2023-28478 | 1 Tp-link | 2 Ec70, Ec70 Firmware | 2025-01-06 | N/A | 8.8 HIGH |
| TP-Link EC-70 devices through 2.3.4 Build 20220902 rel.69498 have a Buffer Overflow. | |||||
| CVE-2023-26965 | 1 Libtiff | 1 Libtiff | 2025-01-06 | N/A | 5.5 MEDIUM |
| loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image. | |||||
| CVE-2023-34940 | 1 Asus | 2 Rt-n10lx, Rt-n10lx Firmware | 2025-01-06 | N/A | 7.5 HIGH |
| Asus RT-N10LX Router v2.0.0.39 was discovered to contain a stack overflow via the url parameter at /start-apply.html. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2023-48229 | 1 Contiki-ng | 1 Contiki-ng | 2025-01-06 | N/A | 7.0 HIGH |
| Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds write exists in the driver for IEEE 802.15.4 radios on nRF platforms in the Contiki-NG operating system. The problem is triggered when parsing radio frames in the `read_frame` function in the `arch/cpu/nrf/net/nrf-ieee-driver-arch.c` module. More specifically, the `read_frame` function performs an incomplete validation of the payload length of the packet, which is a value that can be set by an external party that sends radio packets to a Contiki-NG system. Although the value is validated to be in the range of the MTU length, it is not validated to fit into the given buffer into which the packet will be copied. The problem has been patched in the "develop" branch of Contiki-NG and is expected to be included in subsequent releases. Users are advised to update their develop branch or to update to a subsequent release when available. Users unable to upgrade should consider manually applying the changes in PR #2741. | |||||
| CVE-2024-53842 | 2025-01-03 | N/A | 9.8 CRITICAL | ||
| In cc_SendCcImsInfoIndMsg of cc_MmConManagement.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-53838 | 2025-01-03 | N/A | 7.8 HIGH | ||
| In Exynos_parsing_user_data_registered_itu_t_t35 of VendorVideoAPI.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-53837 | 2025-01-03 | N/A | 7.8 HIGH | ||
| In prepare_response of lwis_periodic_io.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-53836 | 2025-01-03 | N/A | 6.7 MEDIUM | ||
| In wbrc_bt_dev_write of wb_regon_coordinator.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-29562 | 1 Tp-link | 2 Tl-wpa7510, Tl-wpa7510 Firmware | 2025-01-03 | N/A | 9.8 CRITICAL |
| TP-Link TL-WPA7510 (EU)_V2_190125 was discovered to contain a stack overflow via the operation parameter at /admin/locale. | |||||
| CVE-2023-29160 | 1 Fujielectric | 1 Frenic Rhc Loader | 2025-01-03 | N/A | 7.8 HIGH |
| Stack-based buffer overflow vulnerability exists in FRENIC RHC Loader v1.1.0.3. If a user opens a specially crafted FNE file, sensitive information on the system where the affected product is installed may be disclosed or arbitrary code may be executed. | |||||
| CVE-2023-34297 | 1 Santesoft | 1 Dicom Viewer Pro | 2025-01-03 | N/A | 8.8 HIGH |
| Sante DICOM Viewer Pro JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21127. | |||||
| CVE-2023-34296 | 1 Santesoft | 1 Dicom Viewer Pro | 2025-01-03 | N/A | 8.8 HIGH |
| Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DCM files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21126. | |||||
| CVE-2023-34295 | 1 Santesoft | 1 Dicom Viewer Pro | 2025-01-03 | N/A | 8.8 HIGH |
| Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DCM files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21125. | |||||
| CVE-2023-32133 | 1 Santesoft | 2 Dicom Editor, Dicom Viewer Pro | 2025-01-03 | N/A | 8.8 HIGH |
| Sante DICOM Viewer Pro J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. Crafted data in a J2K image can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15628. | |||||
| CVE-2023-32132 | 1 Santesoft | 2 Dicom Editor, Dicom Viewer Pro | 2025-01-03 | N/A | 8.8 HIGH |
| Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DCM images. Crafted data in a DCM image can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15627. | |||||
| CVE-2023-32131 | 1 Santesoft | 2 Dicom Editor, Dicom Viewer Pro | 2025-01-03 | N/A | 8.8 HIGH |
| Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DCM images. Crafted data in a DCM image can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15626. | |||||
| CVE-2022-28550 | 1 Jhead Project | 1 Jhead | 2025-01-03 | N/A | 9.8 CRITICAL |
| Matthias-Wandel/jhead jhead 3.06 is vulnerable to Buffer Overflow via shellescape(), jhead.c, jhead. jhead copies strings to a stack buffer when it detects a &i or &o. However, jhead does not check the boundary of the stack buffer. As a result, there will be a stack buffer overflow problem when multiple `&i` or `&o` are given. | |||||
| CVE-2024-11578 | 1 Luxion | 1 Keyshot | 2025-01-03 | N/A | 7.8 HIGH |
| Luxion KeyShot 3DS File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23693. | |||||
| CVE-2024-13051 | 1 Ashlar | 1 Graphite | 2025-01-03 | N/A | 7.8 HIGH |
| Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of VC6 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24977. | |||||