5334 matches found
Stack overflow
Tenda AC5 USAC5V1.0RTLV15.03.06.28 was discovered to contain a stack overflow via the addwhitenode function. This vulnerability allows attackers to cause a Denial of Service DoS or execute arbitrary code via a crafted payload...
Stack overflow
Tenda AC5 USAC5V1.0RTLV15.03.06.28 was discovered to contain a stack overflow via the setSchedWifi function. This vulnerability allows attackers to cause a Denial of Service DoS or execute arbitrary code via a crafted payload...
Stack overflow
Tenda AC5 USAC5V1.0RTLV15.03.06.28 was discovered to contain a stack overflow via the formSetFirewallCfg function. This vulnerability allows attackers to cause a Denial of Service DoS or execute arbitrary code via a crafted payload...
CVE-2023-27015
Tenda AC10 USAC10V4.0siV16.03.10.13cn was discovered to contain a stack overflow via the sub4A75C0 function. This vulnerability allows attackers to cause a Denial of Service DoS or execute arbitrary code via a crafted payload...
CVE-2023-27021
Tenda AC10 USAC10V4.0siV16.03.10.13cn was discovered to contain a stack overflow via the formSetFirewallCfg function. This vulnerability allows attackers to cause a Denial of Service DoS or execute arbitrary code via a crafted payload...
CVE-2023-25219
Tenda AC5 USAC5V1.0RTLV15.03.06.28 was discovered to contain a stack overflow via the fromDhcpListClient function. This vulnerability allows attackers to cause a Denial of Service DoS or execute arbitrary code via a crafted payload...
CVE-2023-27013
Tenda AC10 USAC10V4.0siV16.03.10.13cn was discovered to contain a stack overflow via the getparentControllistInfo function. This vulnerability allows attackers to cause a Denial of Service DoS or execute arbitrary code via a crafted payload...
CVE-2023-27018
Tenda AC10 USAC10V4.0siV16.03.10.13cn was discovered to contain a stack overflow via the sub45EC1C function. This vulnerability allows attackers to cause a Denial of Service DoS or execute arbitrary code via a crafted payload...
CVE-2023-25215
Tenda AC5 USAC5V1.0RTLV15.03.06.28 was discovered to contain a stack overflow via the saveParentControlInfo function. This vulnerability allows attackers to cause a Denial of Service DoS or execute arbitrary code via a crafted payload...
CVE-2023-25210
Tenda AC5 USAC5V1.0RTLV15.03.06.28 was discovered to contain a stack overflow via the fromSetSysTime function. This vulnerability allows attackers to cause a Denial of Service DoS or execute arbitrary code via a crafted payload...
CVE-2023-25216
Tenda AC5 USAC5V1.0RTLV15.03.06.28 was discovered to contain a stack overflow via the formSetFirewallCfg function. This vulnerability allows attackers to cause a Denial of Service DoS or execute arbitrary code via a crafted payload...
CVE-2023-25219
Tenda AC5 USAC5V1.0RTLV15.03.06.28 was discovered to contain a stack overflow via the fromDhcpListClient function. This vulnerability allows attackers to cause a Denial of Service DoS or execute arbitrary code via a crafted payload...
CVE-2023-20102
A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into syst...
GHSA-GQ63-P39P-JRJF Withdrawn: SQL injection in Yii 2
Withdrawn Advisory This advisory has been withdrawn because the issue originates from a product built on Yii2, not the Yii2 Framework itself. This link is maintained to preserve external references. Original Description SQL injection vulnerability found in Yii Framework Yii 2 Framework before...
Ubuntu: Security Advisory (USN-5984-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-37375
This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2022-37352
This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2022-43626
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
CVE-2022-28313
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fla...
CVE-2023-27246
An arbitrary file upload vulnerability in the Virtual Disk of MK-Auth 23.01K4.9 allows attackers to execute arbitrary code via uploading a crafted .htaccess file...