CVE-2024-24450

CVE-2024-24450 affects OpenAirInterface CN5G AMF

PT-2024-10296 · Planet Technology +1 · Planet Wgs-804Hpt +2

The affected product is susceptible to a stack-based buffer overflow, which can be triggered by an unauthenticated attacker sending a malicious HTTP request. The webserver fails to properly check input size before copying data to the stack, potentially allowing remote code execution. An exploit f...

Security Bulletin: IBM B2B Sterling Integrator is affected by Fasterxml jackson-databind vulnerability to denial of service

Summary IBM B2B Sterling Integrator is affected by Fasterxml jackson-databind vulnerability to denial of service Vulnerability Details CVEID:CVE-2023-35116 DESCRIPTION: Fasterxml jackson-databind is vulnerable to a denial of service, caused by a stack-based overflow. By persuading a victim to ope...

Fortinet FortiManager和FortiAnalyzer 安全漏洞

Fortinet FortiManager and Fortinet FortiAnalyzer are both products of Fortinet, Inc. Fortinet FortiManager is a centralized network security management platform. The platform supports centralized management of any number of Fortinet devices, and can be grouped into different management domains AD...

Ivanti Connect Secure 安全漏洞

Ivanti Connect Secure is a secure remote network connection tool from Ivanti Corporation, USA. A security vulnerability exists in Ivanti Connect Secure that stems from the inclusion of a stack-based buffer overflow vulnerability...

PT-2024-24120 · Fortinet · Fortimanager +2

Name of the Vulnerable Software and Affected Versions: FortiManager versions 7.4.0 through 7.4.2 and before 7.2.5 FortiAnalyzer versions 7.4.0 through 7.4.2 and before 7.2.5 FortiAnalyzer-BigData versions 7.4.0 and before 7.2.7 Description: A stack-based buffer overflow issue allows a privileged...

CVE-2024-11056 Tenda AC10 WifiExtraSet FUN_0046AC38 stack-based overflow

A vulnerability, which was classified as critical, was found in Tenda AC10 16.03.10.13. Affected is the function FUN0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapskcrypto leads to stack-based buffer overflow. It is possible to launch the attack remotely. The...

CVE-2024-11048 D-Link DI-8003 dbsrv.asp dbsrv_asp stack-based overflow

A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been rated as critical. Affected by this issue is the function dbsrvasp of the file /dbsrv.asp. The manipulation of the argument str leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been...

CVE-2024-11047 D-Link DI-8003 upgrade_filter.asp upgrade_filter_asp stack-based overflow

A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been declared as critical. Affected by this vulnerability is the function upgradefilterasp of the file /upgradefilter.asp. The manipulation of the argument path leads to stack-based buffer overflow. The attack can be launched remotely...

CVE-2024-10698 Tenda AC6 SetOnlineDevName formSetDeviceName stack-based overflow

A vulnerability was found in Tenda AC6 15.03.05.19 and classified as critical. Affected by this issue is the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be launched remotely. The...

CVE-2024-10662 Tenda AC15 SetOnlineDevName formSetDeviceName stack-based overflow

A vulnerability was found in Tenda AC15 15.03.05.19 and classified as critical. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit...

CVE-2024-10661 Tenda AC15 SetDlnaCfg stack-based overflow

A vulnerability has been found in Tenda AC15 15.03.05.19 and classified as critical. This vulnerability affects the function SetDlnaCfg of the file /goform/SetDlnaCfg. The manipulation of the argument scanList leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit...

CVE-2024-10661 Tenda AC15 SetDlnaCfg stack-based overflow

A vulnerability has been found in Tenda AC15 15.03.05.19 and classified as critical. This vulnerability affects the function SetDlnaCfg of the file /goform/SetDlnaCfg. The manipulation of the argument scanList leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit...

Stack-based buffer overflow vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor

Overview Web Image Monitor provided by Ricoh Company, Ltd. is an web server included and runs in laser printers and MFPs multifunction printers. Web Image Monitor contains a stack-based buffer overflow vulnerability CWE-121 due to inappropriate parsing process of HTTP request. Zhihong Tian, Hui L...

CVE-2024-7992

A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current proces...

CVE-2024-10434 Tenda AC1206 ate ate_Tenda_mfg_check_usb3 stack-based overflow

A vulnerability was found in Tenda AC1206 up to 20241027. It has been classified as critical. This affects the function ateTendamfgcheckusb/ateTendamfgcheckusb3 of the file /goform/ate. The manipulation of the argument arg leads to stack-based buffer overflow. It is possible to initiate the attac...

CVE-2024-10351 Tenda RX9 Pro POST Request setMacFilterCfg sub_424CE0 stack-based overflow

A vulnerability was found in Tenda RX9 Pro 22.03.02.20. It has been rated as critical. This issue affects the function sub424CE0 of the file /goform/setMacFilterCfg of the component POST Request Handler. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack...

CVE-2024-10283 Tenda RX9/RX9 Pro SetNetControlList sub_4337EC stack-based overflow

A vulnerability, which was classified as critical, has been found in Tenda RX9 and RX9 Pro 22.03.02.20. Affected by this issue is the function sub4337EC of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be launched...

CVE-2024-10282 Tenda RX9/RX9 Pro SetVirtualServerCfg sub_42EA38 stack-based overflow

A vulnerability classified as critical was found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected by this vulnerability is the function sub42EA38 of the file /goform/SetVirtualServerCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be launch...

CVE-2024-10281

A vulnerability classified as critical has been found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected is the function sub42EEE0 of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch the attack remotel...