
523 matches found

Positive Technologies
added 2024/06/13 12:0 a.m. · 2 views

PT-2024-26435 · Libyaml · Libyaml

Name of the Vulnerable Software and Affected Versions: libyaml version 0.2.5 Description: The issue affects the function yaml_parser_parse of the file /src/libyaml/src/parser.c, making libyaml vulnerable to Denial of Service DDOS attacks. Recommendations: As a temporary workaround, consider...

CVSS 7.5 · AI score 8.6
Exploits: 0 · References: 11
Positive Technologies
added 2024/06/12 12:0 a.m. · 5 views

PT-2024-37231 · Sourcecodester · Employee/Visitor Gate Pass Logging System

Name of the Vulnerable Software and Affected Versions: SourceCodester Employee and Visitor Gate Pass Logging System version 1.0 Description: A critical issue was found in the save users function of the /classes/Users.php file, specifically in the id argument, which leads to sql injection. This...

CVSS 9.8 · AI score 7.6 · EPSS 0.00682
Exploits: 1 · References: 7
Positive Technologies
added 2024/06/07 12:0 a.m. · 3 views

PT-2024-27514 · Lxml · Lxml

Name of the Vulnerable Software and Affected Versions: lxml versions prior to 4.9.1 Description: An XML External Entity XXE vulnerability in the ebookmeta.get metadata function allows attackers to access sensitive information or cause a Denial of Service DoS via crafted XML input. Recommendations...

CVSS 9.1 · AI score 6.5 · EPSS 0.00532
Exploits: 0 · References: 7
Positive Technologies
added 2024/06/05 12:0 a.m. · 3 views

PT-2024-21862 · Samsung · Exynos 1280 +4

Name of the Vulnerable Software and Affected Versions: Samsung Mobile Processor Exynos 980 Samsung Mobile Processor Exynos 850 Samsung Mobile Processor Exynos 1280 Samsung Mobile Processor Exynos 1380 Samsung Mobile Processor Exynos 1330 Description: An issue was discovered in the function slsi n...

CVSS 7.8 · AI score 7.3 · EPSS 0.00196
Exploits: 0 · References: 8
Positive Technologies
added 2024/05/29 12:0 a.m. · 2 views

PT-2024-26504 · Irontec +1 · Sngrep +1

Name of the Vulnerable Software and Affected Versions: Irontec Sngrep version 1.8.1 Description: The issue is a heap buffer overflow that can be triggered via the rtp_check_packet function, located at /sngrep/src/rtp.c. This allows attackers to cause a Denial of Service (DoS) by sending a crafted S...

CVSS 7.5 · AI score 7.2 · EPSS 0.00609
Exploits: 1 · References: 15
Positive Technologies
added 2024/05/22 12:0 a.m. · 5 views

PT-2024-27103 · WordPress · Wp Scraper

Name of the Vulnerable Software and Affected Versions: WP Scraper plugin for WordPress versions up to, and including, 5.7 Description: The issue is related to unauthorized access due to a missing capability check on the wp scraper multi scrape action function. This allows authenticated attackers...

CVSS 4.3 · AI score 6.7 · EPSS 0.00343
Exploits: 0 · References: 4
Positive Technologies
added 2024/05/21 12:0 a.m. · 2 views

PT-2024-26471 · Cesanta · Mjs

Name of the Vulnerable Software and Affected Versions: Cesanta mjs version 2.20.0 Description: An issue in Cesanta mjs allows a remote attacker to cause a denial of service via the mjs_mk_ffi_sig function in the mjs.c file. Recommendations: For Cesanta mjs version 2.20.0, consider disabling the m...

CVSS 4.3 · AI score 7.3 · EPSS 0.00531
Exploits: 1 · References: 6
Positive Technologies
added 2024/05/16 12:0 a.m. · 5 views

PT-2024-33660 · Unknown · Code-Projects Simple Chat System

Name of the Vulnerable Software and Affected Versions: code-projects Simple Chat System version 1.0 Description: A problematic issue was found in the code-projects Simple Chat System, affecting an unknown function of the file /register.php. The manipulation of the name argument leads to cross-sit...

CVSS 6.1 · AI score 6.6 · EPSS 0.0048
Exploits: 1 · References: 8
BDU FSTEC
added 2024/05/15 12:0 a.m. · 3 views

Vulnerabilities in the ncm_set_alt() and ncm_disable() functions of the drivers/usb/gadget/function/f_ncm.c USB gadget driver in the Linux kernel allow an attacker to compromise the confidentiality, integrity, and availability of protected information.

The vulnerabilities in the ncm_set_alt() and ncm_disable() functions in the drivers/usb/gadget/function/f_ncm.c file of the USB gadget driver module of the Linux operating system are related to the use of previously freed memory (use-after-free). Exploiting these vulnerabilities could allow an attacker to...

CVSS 6.8 · AI score 6.6 · EPSS 0.00233
Exploits: 0 · References: 18 · Affected Software: 5
Positive Technologies
added 2024/05/09 12:0 a.m. · 3 views

PT-2024-6208 · Unknown +2 · Hdf5 Library +2

Name of the Vulnerable Software and Affected Versions: HDF5 Library versions prior to 1.14.4 Description: The issue is related to the function H5E_printf_stack in the file H5Eint.c of the HDF5 Library, which is associated with uncontrolled recursion. This can lead to stack consumption. Exploitati...

CVSS 7.8 · AI score 7.7 · EPSS 0.00796
Exploits: 0 · References: 14
Positive Technologies
added 2024/05/09 12:0 a.m. · 4 views

PT-2024-3694 · Totolink · Totolink Cp450

Name of the Vulnerable Software and Affected Versions: TOTOLINK CP450 version 4.1.0cu.747 B20191224 Description: A stack buffer overflow issue was found in the setMacFilterRules function, which can be exploited by a remote attacker to execute arbitrary code. Recommendations: For TOTOLINK CP450...

CVSS 10 · AI score 8.5 · EPSS 0.00677
Exploits: 1 · References: 4
Positive Technologies
added 2024/05/07 12:0 a.m. · 3 views

PT-2024-25477 · Mp-Spdz · Mp-Spdz

Name of the Vulnerable Software and Affected Versions: MP-SPDZ version 0.3.8 Description: A stack overflow was discovered in the function OTExtensionWithMatrix::extend in /OT/OTExtensionWithMatrix.cpp. This issue allows attackers to cause a Denial of Service DoS via a crafted message...

CVSS 7.5 · AI score 7.2 · EPSS 0.00681
Exploits: 1 · References: 7
Positive Technologies
added 2024/05/06 12:0 a.m. · 2 views

PT-2024-25771 · Wasm3 · Wasm3

Name of the Vulnerable Software and Affected Versions: wasm3 version 0.5.0 Description: A global buffer overflow was discovered in wasm3, leading to a segmentation fault. This issue is related to the function PreserveRegisterIfOccupied in wasm3/source/m3_compile.c. Recommendations: For wasm3...

CVSS 7.5 · AI score 7.5 · EPSS 0.00627
Exploits: 1 · References: 6
Positive Technologies
added 2024/04/27 12:0 a.m. · 2 views

PT-2024-25747 · Totolink · Totolink Cp450

Name of the Vulnerable Software and Affected Versions: TOTOLINK CP450 version 4.1.0cu.747 B20191224 Description: A stack buffer overflow issue was found in the SetPortForwardRules function. Recommendations: For TOTOLINK CP450 version 4.1.0cu.747 B20191224, consider disabling the SetPortForwardRul...

CVSS 10 · AI score 7.8 · EPSS 0.00936
Exploits: 1 · References: 4
Positive Technologies
added 2024/04/27 12:0 a.m. · 3 views

PT-2024-25738 · Totolink · Totolink Cp450

Name of the Vulnerable Software and Affected Versions: TOTOLINK CP450 version 4.1.0cu.747 B20191224 Description: A stack buffer overflow issue was found in the setLanguageCfg function, which can be exploited. Recommendations: For TOTOLINK CP450 version 4.1.0cu.747 B20191224, consider disabling th...

CVSS 5.5 · AI score 7.8 · EPSS 0.00586
Exploits: 1 · References: 4
Positive Technologies
added 2024/04/26 12:0 a.m. · 3 views

PT-2024-29942

Name of the Vulnerable Software and Affected Versions: Tenda W9 version 1.0.0.74456 Description: A critical vulnerability has been found in the function formwrlSSIDset of the file /goform/wifiSSIDset. The manipulation of the argument ssidIndex leads to a stack-based buffer overflow. It is possible ...

CVSS 9 · AI score 6.8 · EPSS 0.01347
Exploits: 0 · References: 9
Positive Technologies
added 2024/04/25 12:0 a.m. · 3 views

PT-2024-29521 · Tenda · Tenda 4G300

Name of the Vulnerable Software and Affected Versions: Tenda 4G300 version 1.01.42 Description: A critical issue affects the function sub 429A30. The manipulation of the argument list1 leads to a stack-based buffer overflow. The attack may be initiated remotely. The vendor was contacted about thi...

CVSS 9 · AI score 7.2 · EPSS 0.01683
Exploits: 1 · References: 8
Positive Technologies
added 2024/04/19 12:0 a.m. · 2 views

PT-2024-4528 · FFmpeg +5 · Ffmpeg +5

Name of the Vulnerable Software and Affected Versions: Ffmpeg version v.n6.1-3-g466799d4f5 Description: The issue is related to a buffer overflow in the ff_bwdif_filter_intra_c function, located in the libavfilter/bwdifdsp.c component. This allows an attacker to execute arbitrary code. The...

CVSS 10 · AI score 7.1 · EPSS 0.01545
Exploits: 12 · References: 225
Positive Technologies
added 2024/04/17 12:0 a.m. · 5 views

PT-2024-24497 · Tenda · Tenda Fh1205

Name of the Vulnerable Software and Affected Versions: Tenda FH1205 version 2.0.0.7775 Description: The issue is a stack overflow vulnerability. It is located via the PPW parameter in the fromWizardHandle function. Recommendations: For Tenda FH1205 version 2.0.0.7775, consider disabling the...

CVSS 7.4 · AI score 7.6 · EPSS 0.00588
Exploits: 1 · References: 4
Positive Technologies
added 2024/04/17 12:0 a.m. · 3 views

PT-2024-3218 · Tenda · Tenda W15E

Name of the Vulnerable Software and Affected Versions: Tenda W15E version 15.11.0.14 Description: A critical issue affects the formSetStaticRoute function of the /goform/setStaticRoute file, where manipulation of the staticRouteIndex argument leads to a stack-based buffer overflow. This can be...

CVSS 9 · AI score 8.8 · EPSS 0.01757
Exploits: 1 · References: 10