CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

561 matches found

CNNVD•added 2024/08/27 12:0 a.m.•1 views

D-Link多款产品命令注入漏洞

D-Link DNS-320 and others are products of China-based AUO D-Link.D-Link DNS-320 is a NAS Network Attached Storage device.D-Link DNS-120 is a network storage adapter.D-Link DNS-315L is a network attached storage. A command injection vulnerability exists in various D-Link products. The vulnerabilit...

9.8CVSS7AI score0.03473EPSS

Exploits1References7

RedhatCVE•added 2024/08/19 1:16 p.m.•17 views

CVE-2024-43839

A vulnerability was found in the Linux kernel involving insufficient buffer size in the bnatcb and bnaccb structures. The buffer, named name, was originally 16 bytes, which was inadequate for all possible sprintf arguments, especially when handling %s and %d specifiers. This limitation could...

6.6CVSS7.2AI score0.00024EPSS

Exploits0References4

NVD•added 2024/08/17 10:15 a.m.•12 views

CVE-2024-43839

In the Linux kernel, the following vulnerability has been resolved: bna: adjust 'name' buf size of bnatcb and bnaccb structures To have enough space to write all possible sprintf args. Currently 'name' size is 16, but the first '%s' specifier may already need at least 16 characters, since...

7.8CVSS0.00024EPSS

Exploits0References10

UbuntuCve•added 2024/08/17 10:15 a.m.•14 views

CVE-2024-43839

7.8CVSS6.4AI score0.00024EPSS

Exploits0References26

Debian CVE•added 2024/08/17 9:21 a.m.•13 views

CVE-2024-43839

7.8CVSS5.7AI score0.00024EPSS

Exploits0

CVE•added 2024/08/17 9:21 a.m.•129 views

CVE-2024-43839

CVE-2024-43839 : Linux kernel vulnerability fixed by increasing the internal name buffer in bna_tcb and bna_ccb from 16 to accommodate longer sprintf arguments, and replacing sprintf with snprintf. The change accounts for bnad->netdev->name and expected expansions for %d specifiers, using B...

7.8CVSS6.6AI score0.00024EPSS

Exploits0References10Affected Software1

OSV•added 2024/08/17 9:21 a.m.•9 views

CVE-2024-43839 bna: adjust 'name' buf size of bna_tcb and bna_ccb structures

7.8CVSS6.3AI score0.00024EPSS

Exploits0References13

Cvelist•added 2024/08/17 9:21 a.m.•24 views

CVE-2024-43839 bna: adjust 'name' buf size of bna_tcb and bna_ccb structures

0.00024EPSS

Exploits0References8

Vulnrichment•added 2024/08/17 9:21 a.m.•11 views

CVE-2024-43839 bna: adjust 'name' buf size of bna_tcb and bna_ccb structures

6.9AI score0.00024EPSS

Exploits0References8

NVD•added 2024/08/17 9:15 a.m.•24 views

CVE-2024-42301

In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below is the stack trace I...

7.8CVSS0.00022EPSS

Exploits0References10

UbuntuCve•added 2024/08/17 9:15 a.m.•27 views

CVE-2024-42301

7.8CVSS6.5AI score0.00022EPSS

Exploits0References35

Vulnrichment•added 2024/08/17 9:9 a.m.•16 views

CVE-2024-42301 dev/parport: fix the array out-of-bounds risk

7.1AI score0.00022EPSS

Exploits0References8

CVE•added 2024/08/17 9:9 a.m.•186 views

CVE-2024-42301

CVE-2024-42301 affects the Linux kernel’s dev/parport component, where an array out-of-bounds risk was introduced. The vulnerability was addressed by replacing unsafe data copying (sprintf) with snprintf to prevent buffer overflow. The initial report includes a kernel stack and Do_Hardware_Base_A...

7.8CVSS6.9AI score0.00022EPSS

Exploits0References10Affected Software1

Debian CVE•added 2024/08/17 9:9 a.m.•22 views

CVE-2024-42301

7.8CVSS5.9AI score0.00022EPSS

Exploits0

Cvelist•added 2024/08/17 9:9 a.m.•24 views

CVE-2024-42301 dev/parport: fix the array out-of-bounds risk

0.00022EPSS

Exploits0References8

OSV•added 2024/08/15 5:15 p.m.•2 views

CVE-2024-42987

Tenda FH1206 v02.03.01.35 was discovered to contain a stack-based buffer overflow vulnerability in the fromPptpUserAdd function. The vulnerability can be triggered via the modino, username, newpwd, or pptpdnetseg parameters, all of which are passed via HTTP POST and used in unsafe sprintf calls...

7.5CVSS6.4AI score

Exploits0References4

Cvelist•added 2024/08/13 6:31 a.m.•22 views

CVE-2024-7715 D-Link DNS-1550-04 photocenter_mgr.cgi sprintf command injection

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240812. It has been...

6.5CVSS0.02291EPSS

Exploits0References5

Vulnrichment•added 2024/07/12 12:32 p.m.•16 views

CVE-2024-40978 scsi: qedi: Fix crash while reading debugfs attribute

In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedidbgdonotrecovercmdread function invokes sprintf directly on a user pointer, which results into the crash. To fix this issue, use a small local stack buffer for sprintf...

6.8AI score0.00007EPSS

Exploits0References8

RedhatCVE•added 2024/06/20 3:27 p.m.•24 views

CVE-2024-38577

A potential buffer overflow was found in showrcutaskstracegpkthread in the Linux kernel. This issue may lead to a crash...

5.5CVSS9.4AI score0.00011EPSS

Exploits0References4

UbuntuCve•added 2024/06/19 2:15 p.m.•17 views

CVE-2024-38576

In the Linux kernel, the following vulnerability has been resolved: rcu: Fix buffer overflow in printcpustallinfo The rcuc-starvation output from printcpustallinfo might overflow the buffer if there is a huge difference in jiffies difference. The situation might seem improbable, but computers...

7.1CVSS6.5AI score0.00119EPSS

Exploits0References12

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by