CVE-2024-34942

Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter at ip/goform/exeCommand...

CVE-2024-34943

Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/NatStaticSetting...

CVE-2024-34943

CVE-2024-34943 affects Tenda FH1206 router (version 1.2.0.8(8155) EN). The vulnerability is a stack-based buffer overflow in the ip/goform/NatStaticSetting endpoint via the page parameter due to input length validation issues, enabling potential remote code execution or denial of service. Public ...

CVE-2024-34945

Consolidated: CVE-2024-34945 affects Tenda FH1206 (version 1.2.0.8(8155) EN). A stack-based buffer overflow is triggered via the PPW parameter in the ip/goform/WizardHandle endpoint. Reported by multiple sources to potentially allow arbitrary code execution or denial of service; CVSS v3.1 vector ...

CVE-2024-34944

The CVE-2024-34944 affects Tenda FH1206 firmware version 1.2.0.8(8155) EN. A stack-based buffer overflow is triggered via the list1 parameter at the ip/goform/DhcpListClient endpoint due to insufficient input length validation. Impact is high on confidentiality, integrity, and availability (per C...

CVE-2024-34944

Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the list1 parameter at ip/goform/DhcpListClient...

RHEL 8 : glibc (RHSA-2024:2799)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2799 advisory. The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name...

CVE-2023-35748

D-Link DAP-2622 DDP Firmware Upgrade Server IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit...

CVE-2023-35757 D-Link DAP-2622 DDP Set Date-Time NTP Server Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link DAP-2622 DDP Set Date-Time NTP Server Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...

CVE-2024-33599

CVE-2024-33599 affects the GNU C Library (glibc) with a stack-based overflow in the netgroup cache used by nscd when the fixed-size cache is overwhelmed by client requests. The flaw was introduced in glibc 2.15 and is present only in the nscd binary; exploitation can impact confidentiality, integ...

CVE-2024-21474 Stack-based Buffer Overflow in PMIC

Memory corruption when size of buffer from previous call is used without validation or re-initialization...

CVE-2024-21474 Stack-based Buffer Overflow in PMIC

Memory corruption when size of buffer from previous call is used without validation or re-initialization...

Oracle Linux 9 : gstreamer1-plugins-bad-free (ELSA-2024-2287)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2287 advisory. - CVE-2023-40474: Integer overflow leading to heap overwrite in MXF - CVE-2023-40475: Integer overflow leading to heap overwrite in MXF - CVE-2023-4047...

CVE-2024-4496

A vulnerability was found in Tenda i21 1.0.0.144656. It has been classified as critical. This affects the function formWifiMacFilterSet. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed ...

CVE-2024-4495

A vulnerability was found in Tenda i21 1.0.0.144656 and classified as critical. Affected by this issue is the function formWifiMacFilterGet. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the publ...

CVE-2024-4496

CVE-2024-4496 : A stack-based buffer overflow exists in the Tenda i21 firmware (version 1.0.0.14(4656)) originating from the parameter ssidIndex in the function formWifiMacFilterSet . The vulnerability allows remote attackers to trigger overflow, potentially leading to arbitrary code execution or...

CVE-2024-4495

CVE-2024-4495 affects Tenda i21 (firmware 1.0.0.14(4656)). The issue is in the function formWifiMacFilterGet where the index argument can be mishandled, causing a stack-based buffer overflow. Several connected sources confirm a remote-exploit capable scenario with this vulnerability, rated high/s...

CVE-2024-4494

A vulnerability has been found in Tenda i21 1.0.0.144656 and classified as critical. Affected by this vulnerability is the function formSetUplinkInfo of the file /goform/setUplinkInfo. The manipulation of the argument pingHostIp2 leads to stack-based buffer overflow. The attack can be launched...

CVE-2024-4493

A vulnerability, which was classified as critical, was found in Tenda i21 1.0.0.144656. Affected is the function formSetAutoPing. The manipulation of the argument ping1/ping2 leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the...

CVE-2024-4492

The CVE-2024-4492 entry concerns Tenda i21 (firmware 1.0.0.14(4656)). The vulnerability is in the formOfflineSet function (/goform/setStaOffline) where manipulating the GO/ssidIndex argument causes a stack-based buffer overflow. It can be exploited remotely, and public exploit details have been d...