CVE-2024-0992

A vulnerability was found in Tenda i6 1.0.0.93857 and classified as critical. This issue affects the function formwrlSSIDset of the file /goform/wifiSSIDset of the component httpd. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be initiated remotely. T...

CVE-2024-0578

A vulnerability classified as critical has been found in Totolink LR1200GB 9.1.0u.6619B20230130. Affected is the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument File leads to stack-based buffer overflow. It is possible to launch the attack remotely...

CVE-2024-0534

A vulnerability classified as critical has been found in Tenda A15 15.13.07.13. Affected is an unknown function of the file /goform/SetOnlineDevName of the component Web-based Management Interface. The manipulation of the argument mac leads to stack-based buffer overflow. It is possible to launch...

CVE-2024-0538

A vulnerability has been found in Tenda W9 1.0.0.74456 and classified as critical. This vulnerability affects the function formQosManageauto of the component httpd. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit h...

CVE-2024-0574

A vulnerability was found in Totolink LR1200GB 9.1.0u.6619B20230130 and classified as critical. Affected by this issue is the function setParentalRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument sTime leads to stack-based buffer overflow. The attack may be launched remotel...

CVE-2024-0996

A vulnerability classified as critical has been found in Tenda i9 1.0.0.94122. This affects the function formSetCfm of the file /goform/setcfm of the component httpd. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. It is possible to initiate the attack remotely. T...

CVE-2024-8227

A vulnerability was found in Tenda O1 1.0.0.710648 and classified as critical. Affected by this issue is the function fromDhcpSetSer of the file /goform/DhcpSetSer. The manipulation of the argument dhcpStartIp/dhcpEndIp/dhcpGw/dhcpMask/dhcpLeaseTime/dhcpDns1/dhcpDns2 leads to stack-based buffer...

CVE-2024-8225

A vulnerability, which was classified as critical, was found in Tenda G3 15.11.0.20. Affected is the function formSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument sysTimePolicy leads to stack-based buffer overflow. It is possible to launch the attack remotely. The...

CVE-2024-8231

A vulnerability classified as critical has been found in Tenda O6 1.0.0.72054. Affected is the function fromVirtualSet of the file /goform/setPortForward. The manipulation of the argument ip/localPort/publicPort/app leads to stack-based buffer overflow. It is possible to launch the attack remotel...

CVE-2024-8226

A vulnerability has been found in Tenda O1 1.0.0.710648 and classified as critical. Affected by this vulnerability is the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack can be launched remotely. The explo...

SUSE: Security Advisory (SUSE-SU-2025:0344-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2025:0344-1 Security update for orc

This update for orc fixes the following issues: - CVE-2024-40897: Fixed stack-based buffer overflow in the Orc compiler when formatting error messages for certain input files bsc1228184...

CVE-2025-25066

nDPI through 4.12 has a potential stack-based buffer overflow in ndpiaddresscacherestore in lib/ndpicache.c...

CVE-2025-25066

nDPI through 4.12 has a potential stack-based buffer overflow in ndpiaddresscacherestore in lib/ndpicache.c...

CVE-2024-53296

Dell PowerProtect DD versions prior to 7.10.1.50 and 7.13.1.20 contain a Stack-based Buffer Overflow vulnerability in the RestAPI. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service...

CVE-2024-53296

CVE-2024-53296 affects Dell PowerProtect DD (Data Domain) with a stack-based buffer overflow in the RestAPI. Public details indicate vulnerable versions include Dell PowerProtect DD prior to 7.10.1.50 and 7.13.1.20 (per NVD description), with a similar CVE entry noting earlier releases such as 7....

(Pwn2Own) Canon imageCLASS MF656Cdw TIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF656Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of TIF files. The issue results from the lack o...

CVE-2024-23968 ChargePoint Home Flex SrvrToSmSetAutoChnlListMsg Stack-based Buffer Overflow

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SrvrToSmSetAutoChnlListMsg function. The issue...

CVE-2024-23973

CVE-2024-23973 affects Silicon Labs Gecko OS. The vulnerability stems from improper validation of the length of user-supplied data during HTTP GET handling, leading to a stack-based buffer overflow. This flaw enables network-adjacent attackers to execute arbitrary code in the device’s context wit...

CVE-2024-11609

AutomationDirect C‑More EA9/EAP9 contains a stack-based buffer overflow in the EAP9 file parsing due to insufficient validation of user-supplied data length. This allows remote code execution in the affected EA9 installations, with user interaction required (target must visit a malicious page or ...