13311 matches found
CVE-2024-40417
CVE-2024-40417 affects Tenda AX1806 (version 1.0.0.1). The vulnerability is in the function formSetRebootTimer of the file /goform/SetIpMacBind, where manipulating the argument list leads to a stack-based buffer overflow. This is described across multiple sources as enabling a potential denial of...
CVE-2024-39880 Stack-based Buffer Overflow in Delta Electronics CNCSoft-G2
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the curren...
CVE-2024-37997
A vulnerability has been identified in JT Open All versions V11.5, JT2Go All versions V2406.0003, PLM XML SDK All versions V7.1.0.014, Teamcenter Visualization V14.2 All versions V14.2.0.13, Teamcenter Visualization V14.3 All versions V14.3.0.11, Teamcenter Visualization V2312 All versions...
CVE-2024-37997
A vulnerability has been identified in JT Open All versions V11.5, JT2Go All versions V2406.0003, PLM XML SDK All versions V7.1.0.014, Teamcenter Visualization V14.2 All versions V14.2.0.13, Teamcenter Visualization V14.3 All versions V14.3.0.11, Teamcenter Visualization V2312 All versions...
CVE-2024-37997
CVE-2024-37997 affects Siemens JT Open Toolkit family (JT Open, JT2Go, PLM XML SDK, Teamcenter Visualization components). A stack-based overflow when parsing crafted XML enables code execution in the current process. Affected versions include JT Open (< V11.5), JT2Go (< V2406.0003), PLM XML...
Siemens RUGGEDCOM APE 1808
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
CVE-2023-50330
A stack-based buffer overflow vulnerability exists in the boa getInfo functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger this vulnerability...
CVE-2023-50330
A stack-based buffer overflow vulnerability exists in the boa getInfo functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger this vulnerability...
CVE-2023-50244
Two stack-based buffer overflow vulnerabilities exist in the boa formIpQoS functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This...
CVE-2023-50243
Two stack-based buffer overflow vulnerabilities exist in the boa formIpQoS functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This...
CVE-2023-49595
A stack-based buffer overflow vulnerability exists in the boa rollbackcontrolcode functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2023-50240
Two stack-based buffer overflow vulnerabilities exist in the boa setRadvdInterfaceParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger these...
CVE-2023-49073
A stack-based buffer overflow vulnerability exists in the boa formFilter functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2023-48270
Realtek rtl819x Jungle SDK v3.4.11 contains a stack-based buffer overflow in boa formDnsv6. A crafted sequence of HTTP requests can lead to arbitrary code execution, with CVSSv3.1 score 7.2 (Network, Privileges Required: High, User Interaction: None, Scope: Unchanged). TALOS-2023-1876 provides a ...
CVE-2023-49073
A stack-based buffer overflow vulnerability exists in the boa formFilter functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2023-48270
A stack-based buffer overflow vulnerability exists in the boa formDnsv6 functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2023-47856
A stack-based buffer overflow vulnerability exists in the boa setRadvdPrefixParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2023-45215
A stack-based buffer overflow vulnerability exists in the boa setRepeaterSsid functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2023-50239
Two stack-based buffer overflow vulnerabilities exist in the boa setRadvdInterfaceParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger these...
CVE-2023-50240
Two stack-based buffer overflow vulnerabilities exist in the boa setRadvdInterfaceParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger these...