
27 matches found

RedhatCVE
added 2026/01/09 8:57 a.m. · 2 views

CVE-2023-4257

Unchecked user input length in /subsys/net/l2/wifi/wifishell.c can cause buffer overflows...

CVSS 9.8 · AI score 7.1 · EPSS 0.00433
Exploits 1 · References 1

NVD
added 2025/08/11 7:15 p.m. · 2 views

CVE-2025-51823

libcsp 2.0 is vulnerable to Buffer Overflow in the cspethinit function due to improper handling of the ifname parameter. The function uses strcpy to copy the interface name into a structure member ctx-name without validating the input length...

CVSS 6.5 · EPSS 0.00196
Exploits 0 · References 2

CNNVD
added 2025/04/07 12:0 a.m. · 1 view

PCMan FTP Server security vulnerability

PCMan FTP Server is an open-source FTP server software suite from PCMan. PCMan FTP Server suffers from a buffer overflow vulnerability that stems from the CDUP Command Handler not checking the input for valid length when processing CDUP commands. No details of the vulnerability are provided at this time...

CVSS 9.8 · AI score 7.3 · EPSS 0.00655
Exploits 1 · References 4

CNNVD
added 2025/04/07 12:0 a.m. · 1 view

PCMan FTP Server security vulnerability

PCMan FTP Server is an open-source FTP software suite from PCMan. PCMan FTP Server suffers from a buffer overflow vulnerability that originates from the SYST command processing component failing to properly validate the length and size of input data, which can be exploited by an attacker to cause a deni...

CVSS 9.8 · AI score 7.2 · EPSS 0.00483
Exploits 1 · References 5

CNNVD
added 2024/11/22 12:0 a.m. · 2 views

NetGear RAX30 security vulnerability

The NETGEAR RAX30 is a dual-band wireless router from NETGEAR. The NETGEAR RAX30 suffers from a buffer overflow vulnerability that stems from a lack of validation of the length of user-supplied data, which can be exploited by an attacker to execute arbitrary code...

CVSS 8.8 · AI score 7.7 · EPSS 0.02357
Exploits 0 · References 2

CNNVD
added 2024/09/13 12:0 a.m. · 1 view

Eaton Foreseer EPMS security vulnerability

Eaton Foreseer EPMS is a highly customizable web-based software platform from Eaton Corporation. A security vulnerability exists in Eaton Foreseer EPMS prior to version 7.8.600, which arises from an input field that does not check the length and bounds of an input value, which could result in...

CVSS 6.5 · AI score 6.7 · EPSS 0.00139
Exploits 0 · References 3

Positive Technologies
added 2024/09/13 12:0 a.m. · 4 views

PT-2024-24058 · Eaton · Eaton Foreseer

Name of the Vulnerable Software and Affected Versions: Eaton Foreseer affected versions not specified
Description: The Eaton Foreseer software has a security issue related to its customizable input fields, which allow users to configure parameters such as alarms and reports. Some of these input...

CVSS 6.5 · AI score 7 · EPSS 0.00139
Exploits 0 · References 7

Positive Technologies
added 2024/02/29 12:0 a.m. · 2 views

PT-2024-38409

Name of the Vulnerable Software and Affected Versions: oFono affected versions not specified
Description: This issue allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit...

CVSS 7.8 · AI score 7 · EPSS 0.00182
Exploits 0 · References 26

Positive Technologies
added 2024/02/18 12:0 a.m. · 2 views

PT-2024-15077 · Zephyrproject Rtos +1 · Zephyr

Name of the Vulnerable Software and Affected Versions: Software affected versions not specified
Description: The issue is related to an unchecked length coming from user input in the settings shell. This could potentially lead to exploitation. No specific details about affected devices or...

CVSS 9.8 · AI score 6.8 · EPSS 0.00178
Exploits 1 · References 6

OSV
added 2023/10/13 10:15 p.m. · 2 views

CVE-2023-4257

Unchecked user input length in /subsys/net/l2/wifi/wifishell.c can cause buffer overflows...

CVSS 9.8 · AI score 5.7 · EPSS 0.00433
Exploits 1 · References 4

Positive Technologies
added 2023/10/04 12:0 a.m. · 2 views

PT-2023-6108 · D Link · D-Link Dap-1325

Name of the Vulnerable Software and Affected Versions: D-Link DAP-1325 affected versions not specified
Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. The specific flaw exists within the handling of XML data...

CVSS 8.8 · AI score 7.3 · EPSS 0.02203
Exploits 0 · References 6

Positive Technologies
added 2023/08/23 12:0 a.m. · 2 views

PT-2023-4864 · D Link · D-Link Dap-2622

Name of the Vulnerable Software and Affected Versions: D-Link DAP-2622 affected versions not specified
Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. The specific flaw exists within the DDP service, resulti...

CVSS 8.8 · AI score 7.3 · EPSS 0.01855
Exploits 0 · References 5

Positive Technologies
added 2023/08/23 12:0 a.m. · 1 view

PT-2023-4839 · D Link · D-Link Dap-2622

Name of the Vulnerable Software and Affected Versions: D-Link DAP-2622 affected versions not specified
Description: The issue is related to a buffer overflow in the DDP service of the D-Link DAP-2622 wireless access point firmware. This can be exploited by a remote attacker to execute arbitrary...

CVSS 8.8 · AI score 8 · EPSS 0.02203
Exploits 0 · References 5

Positive Technologies
added 2023/08/03 12:0 a.m. · 4 views

PT-2023-9253 · Actiontec · Actiontec Wcb6200Q

Name of the Vulnerable Software and Affected Versions: Actiontec WCB6200Q affected versions not specified
Description: The issue is related to a buffer overflow vulnerability in the uh tcp recv header function of the HTTP server in the Actiontec WCB6200Q Wi-Fi range extender microprogram. This...

CVSS 8.8 · AI score 7.6 · EPSS 0.017
Exploits 0 · References 5

SUSE CVE
added 2023/02/15 5:9 a.m. · 0 views

SUSE CVE-2015-9542

addpassword in pamradiusauth.c in pamradius 1.4.0 does not correctly check the length of the input password, and is vulnerable to a stack-based buffer overflow during memcpy. An attacker could send a crafted password to an application loading the pamradius library and crash it. Arbitrary code...

CVSS 6.5 · AI score 8.1 · EPSS 0.01889
Exploits 0 · References 7

Positive Technologies
added 2022/03/21 12:0 a.m. · 3 views

PT-2022-13028 · Netatalk +3 · Netatalk +3

Name of the Vulnerable Software and Affected Versions: Netatalk affected versions not specified
Description: This issue allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this issue. The specific flaw exists within th...

CVSS 10 · AI score 8.3 · EPSS 0.8569
Exploits 15 · References 80

CNNVD
added 2022/02/10 12:0 a.m. · 3 views

Sonos One Speaker buffer error vulnerability

Sonos One Speaker is a smart speaker by Sonos, Inc. Sonos One Speaker suffers from a buffer error vulnerability that stems from a lack of proper validation of the length of user-supplied data before copying it into a stack-based buffer. An attacker could use this vulnerability to execute code in...

CVSS 10 · AI score 8.9 · EPSS 0.37962
Exploits 0 · References 5

CNNVD
added 2021/06/07 12:0 a.m. · 1 view

Google Android input validation error vulnerability

Google Android is a Linux-based open source operating system from Google Inc. in the United States. Google Android suffers from an input validation error vulnerability that stems from the program's lack of checking the length of user-supplied data. qcm4290, qcs2290, qcs405, qcs410, qcs4290, qcs61...

CVSS 7.8 · AI score 7.4 · EPSS 0.00043
Exploits 0 · References 4

OSV
added 2021/04/06 5:15 a.m. · 2 views

CVE-2021-28196

The specific function in ASUS BMC’s firmware Web management page Generate SSL certificate function does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the...

CVSS 4.9 · AI score 5.9 · EPSS 0.00548
Exploits 0 · References 3

OSV
added 2021/04/06 5:15 a.m. · 3 views

CVE-2021-28202

The Service configuration-2 function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service...

CVSS 4.9 · AI score 5.9 · EPSS 0.00749
Exploits 0 · References 3