CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

209 matches found

Vulnrichment•added 2023/01/26 9:24 p.m.•6 views

CVE-2022-40992

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

7.2CVSS9.1AI score0.01372EPSS

Exploits0References1

Vulnrichment•added 2023/01/26 9:24 p.m.•4 views

CVE-2022-40990

7.2CVSS8AI score0.01415EPSS

Exploits0References1

CVE•added 2023/01/26 9:24 p.m.•58 views

CVE-2022-40990

CVE-2022-40990 refers to multiple stack-based buffer overflow vulnerabilities in the DetranCLI command parsing of the Siretta QUARTZ-GOLD G5.0.1.5-210720-141020 firmware. The TALOS advisory confirms a stack-based overflow in the DetranCLI templates, notably the command template starting with no b...

9.8CVSS9.9AI score0.01415EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2023/01/26 9:24 p.m.•9 views

CVE-2022-40997

7.2CVSS9.1AI score0.01372EPSS

Exploits0References1

Cvelist•added 2023/01/26 9:24 p.m.•19 views

CVE-2022-40998

7.2CVSS10AI score0.01415EPSS

Exploits0References1

CVE•added 2023/01/26 9:24 p.m.•65 views

CVE-2022-40997

CVE-2022-40997 affects Siretta QUARTZ-GOLD routers (G5.0.1.5-210720-141020). The DetranCLI command parser contains stack-based buffer overflows in the gre index destination A.B.C.D/M description (WORD|null) template, which can be triggered by specially crafted network packets to achieve arbitrar...

9.8CVSS9.9AI score0.01372EPSS

Exploits0References2Affected Software1

CVE•added 2023/01/26 9:24 p.m.•62 views

CVE-2022-40998

CVE-2022-40998 concerns stack-based buffer overflow vulnerabilities in the DetranCLI command parsing of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. The issue is triggered by the DetranCLI command template no gre index destination A.B.C.D/M description (WORD|null), where improper handling can lea...

9.8CVSS9.9AI score0.01415EPSS

Exploits0References2Affected Software1

CVE•added 2023/01/26 9:24 p.m.•54 views

CVE-2022-40996

The TALOS-2022-1613 report details CVE-2022-40996 affecting Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. The vulnerability is a stack-based buffer overflow in the DetranCLI command parsing framework, specifically within a command template such as no firmwall srcmac/srcip/dstip/protocol/srcport/dst...

9.8CVSS9.9AI score0.01372EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2023/01/26 9:24 p.m.•6 views

CVE-2022-40993

7.2CVSS9.1AI score0.01372EPSS

Exploits0References1

Cvelist•added 2023/01/26 9:24 p.m.•16 views

CVE-2022-40994

7.2CVSS10AI score0.01372EPSS

Exploits0References1

Cvelist•added 2023/01/26 9:24 p.m.•16 views

CVE-2022-40985

7.2CVSS10AI score0.01649EPSS

Exploits0References1

Vulnrichment•added 2023/01/26 9:24 p.m.•6 views

CVE-2022-40988

7.2CVSS7.7AI score0.01372EPSS

Exploits0References1

Vulnrichment•added 2023/01/26 9:24 p.m.•5 views

CVE-2022-40986

7.2CVSS7.7AI score0.01415EPSS

Exploits0References1

Vulnrichment•added 2023/01/26 9:24 p.m.•11 views

CVE-2022-40989

7.2CVSS8AI score0.01372EPSS

Exploits0References1

CVE•added 2023/01/26 9:24 p.m.•61 views

CVE-2022-40988

Siretta QUARTZ-GOLD (G5.0.1.5-210720-141020) has stack-based buffer overflow vulnerabilities in the DetranCLI command parsing, specifically the ipv6 static dns WORD WORD WORD template. TALOS details show a vulnerable use of sprintf without proper bounds checking, enabling arbitrary command execut...

9.8CVSS9.9AI score0.01372EPSS

Exploits0References2Affected Software1

CVE•added 2023/01/26 9:24 p.m.•67 views

CVE-2022-40985

The connected Talos advisories confirm CVE-2022-40985 affects Siretta QUARTZ-GOLD (G5.0.1.5-210720-141020) with stack-based/remote command execution paths, including an arbitrary command execution sequence linked to the M2M/web features. Affected component: QUARTZ-GOLD firmware and its CLI/HTTP/M...

9.8CVSS9.9AI score0.01649EPSS

Exploits0References2Affected Software1

CVE•added 2023/01/26 9:24 p.m.•61 views

CVE-2022-40987

CVE-2022-40987 affects Siretta QUARTZ-GOLD, specifically the DetranCLI command parsing stack-based buffer overflow in the G5.0.1.5-210720-141020 firmware. The issue stems from unsafe buffer handling in the command template for (ddns1|ddns2) username WORD password CODE, where a stack overflow can ...

9.8CVSS10AI score0.01372EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2023/01/26 12:0 a.m.•4 views

PT-2023-13933 · Siretta · Siretta Quartz-Gold

Name of the Vulnerable Software and Affected Versions: Siretta QUARTZ-GOLD version G5.0.1.5-210720-141020 Description: Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality. A specially-crafted network packet can lead to arbitrary command...

9.8CVSS7.7AI score0.01666EPSS

Exploits1References3

Positive Technologies•added 2023/01/26 12:0 a.m.•5 views

PT-2023-13922 · Siretta · Siretta Quartz-Gold

Name of the Vulnerable Software and Affected Versions: Siretta QUARTZ-GOLD version G5.0.1.5-210720-141020 Description: The issue is related to stack-based buffer overflow vulnerabilities in the DetranCLI command parsing functionality. A specially-crafted network packet can lead to arbitrary comma...

9.8CVSS7.7AI score0.01415EPSS

Exploits0References2

Positive Technologies•added 2023/01/26 12:0 a.m.•4 views

PT-2023-13949 · Siretta · Siretta Quartz-Gold

7.2CVSS7.5AI score0.01665EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by