36 matches found
The vulnerability of the formSetClientState function (/goform/SetClientState) in the Tenda AC10U router software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the formSetClientState function /goform/SetClientState in the Tenda AC10U router’s microprogramming software lies in the reading of data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity,...
CVE-2023-52636 libceph: just wait for more data to be available on the socket
In the Linux kernel, the following vulnerability has been resolved: libceph: just wait for more data to be available on the socket A short read may occur while reading the message footer from the socket. Later, when the socket is ready for another read, the messenger invokes all readpartial...
CVE-2022-46533
Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the limitSpeed parameter at /goform/SetClientState...
CVE-2022-46536
Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the limitSpeedUp parameter at /goform/SetClientState...
Tenda F1203 安全漏洞
The Tenda F1203 is a wireless router from China-based Tenda. A security vulnerability exists in the Tenda F1203 firmware version V2.0.1.6, which stems from a limitSpeed parameter in its /goform/SetClientState component that allows an attacker to achieve a buffer overflow...
Tenda F1203 安全漏洞
The Tenda F1203 is a wireless router from China-based Tenda. A security vulnerability exists in Tenda F1203 firmware version V2.0.1.6, which stems from the limitSpeedUp parameter of its /goform/SetClientState component that allows an attacker to achieve a buffer overflow...
Tenda AC15 缓冲区错误漏洞
Tenda AC15 is a wireless router from Tenda, China. A security vulnerability exists in Tenda AC15 version V15.03.06.23, which originates from a buffer overflow via the formSetClientState function...
CVE-2022-45646
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the limitSpeedUp parameter in the formSetClientState function...
Tenda AC6 安全漏洞
Tenda AC6 is a wireless router from Tenda, China. A security vulnerability exists in Tenda AC6V1.0 V15.03.05.19, which originates from a buffer overflow vulnerability contained in the deviceId parameter in the formSetClientState function...
The vulnerability of the httpd module of the microprogramming system used in Tenda AC18 routers allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the httpd microprogramming system for the Tenda AC18 router is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information by using...
CVE-2022-30477
Tenda AC Series Router AC18V15.03.05.196318 was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetClientState request...
CVE-2022-30477
Tenda AC Series Router AC18V15.03.05.196318 was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetClientState request...
Tenda AC Series Router 缓冲区错误漏洞
Tenda AC Series Router is a series of wireless routers from Tenda China. A security vulnerability exists in Tenda AC Series Router AC18V15.03.05.196318, which originates from a stack-based buffer overflow in the httpd module when processing /goform/SetClientState requests...
Google Android 资源管理错误漏洞
Google Android is a Linux-based open source operating system from Google, Inc. The vulnerability stems from a post-release reuse and out-of-bounds write vulnerability in setClientStateLocked in SurfaceFlinger.cpp. An attacker could exploit the vulnerability to cause a local privilege escalation...
wolfSSL Information Disclosure Vulnerability (CNVD-2020-49929)
wolfSSL formerly known as CyaSSL is the United States wolfSSL company for embedded systems developers to use a small, portable embedded SSL programming library. An information disclosure vulnerability exists in wolfSSL versions prior to 4.5.0. The vulnerability is related to a buggy implementatio...
CVE-2004-2598
Quake II server before R1Q2, as used in multiple products, allows remote attackers to corrupt the server's client state data structure by exiting a session without a valid disconnect command, then reconnecting, which prevents a mod from being notified of changes in the client state. NOTE: the...