CVE-2024-25748

A Stack Based Buffer Overflow vulnerability in tenda AC9 AC9 v.3.0 with firmware version v.15.03.06.42multi allows a remote attacker to execute arbitrary code via the fromSetIpMacBind function...

CVE-2024-33182

Tenda AC18 V15.03.3.10EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/addWifiMacFilter...

CVE-2024-31496

A stack-based buffer overflow vulnerability CWE-121 in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 and FortiAnalyzer-BigData 7.4.0 and before 7.2.7 allows a privileged attacker to execute unauthorized code or...

CVE-2024-41464

Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the mitInterface parameter in ip/goform/RouteStatic...

CVE-2024-41460

Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter at ip/goform/RouteStatic...

CVE-2024-24731

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the httpdownload command. The issue results from t...

CVE-2024-0928

A vulnerability was found in Tenda AC10U 15.03.06.49multiTDE01. It has been declared as critical. Affected by this vulnerability is the function fromDhcpListClient. The manipulation of the argument page/listN leads to stack-based buffer overflow. The attack can be launched remotely. The exploit h...

CVE-2024-0962

A vulnerability was found in obgm libcoap 4.3.4. It has been rated as critical. Affected by this issue is the function getsplitentry of the file src/coaposcore.c of the component Configuration File Handler. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely...

CVE-2024-0925

A vulnerability has been found in Tenda AC10U 15.03.06.49multiTDE01 and classified as critical. This vulnerability affects the function formSetVirtualSer. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclos...

CVE-2024-8408

A vulnerability was found in Linksys WRT54G 4.21.5. It has been rated as critical. Affected by this issue is the function validateservicesport of the file /apply.cgi of the component POST Parameter Handler. The manipulation of the argument servicesarray leads to stack-based buffer overflow. The...

CVE-2024-40417

A vulnerability was found in Tenda AX1806 1.0.0.1. Affected by this issue is the function formSetRebootTimer of the file /goform/SetIpMacBind. The manipulation of the argument list leads to stack-based buffer overflow...

CVE-2024-35276

A stack-based buffer overflow in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager Cloud versions 7.4.1...

CVE-2024-23973

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HTTP GET requests. The issue results from the lack of...

CVE-2024-50697

In SunGrow WiNet-SV200.001.00.P027 and earlier versions, when decrypting MQTT messages, the code that parses specific TLV fields does not have sufficient bounds checks. This may result in a stack-based buffer overflow...

CVE-2024-12352

A vulnerability classified as problematic was found in TOTOLINK EX1800T 9.1.0cu.2112B20220316. This vulnerability affects the function sub40662C of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack can be initiated remotely. The...

CVE-2023-7214

A vulnerability, which was classified as critical, has been found in Totolink N350RT 9.3.5u.6139B20201216. Affected by this issue is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument v8 leads to stack-based...

CVE-2023-7220

A vulnerability was found in Totolink NR1800X 9.1.0u.6279B20210910 and classified as critical. Affected by this issue is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to stack-based buffer overflow. The attack may be launched remotely. Th...

CVE-2023-23781

A stack-based buffer overflow vulnerability CWE-121 in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below SAML server configuration may allow an authenticated attacker to achieve arbitrary code execution via specifically crafted XML files...

CVE-2023-33220

During the retrofit validation process, the firmware doesn't properly check the boundaries while copying some attributes to check. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device...

CVE-2023-37293

AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability...