8439 matches found
RHEL 8 : glibc (RHSA-2024:2799)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2799 advisory. The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name...
CVE-2023-35748
D-Link DAP-2622 DDP Firmware Upgrade Server IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit...
CVE-2023-35757 D-Link DAP-2622 DDP Set Date-Time NTP Server Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-2622 DDP Set Date-Time NTP Server Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
CVE-2023-35749
CVE-2023-35749 concerns the D-Link DAP-2622 DDP service. The vulnerability is a stack-based buffer overflow in the firmware upgrade file name handling, triggered by insufficient validation of user-supplied data, allowing a network-adjacent attacker to execute code with root privileges. Authentica...
CVE-2021-34982
The CVE-2021-34982 entry describes a pre-auth, remote code execution vulnerability in the httpd service of NETGEAR routers. The flaw is a stack-based buffer overflow caused by unchecked length of user-supplied data in the strings file, leading to code execution with root privileges when a network...
CVE-2024-33599
CVE-2024-33599 affects the GNU C Library (glibc) with a stack-based overflow in the netgroup cache used by nscd when the fixed-size cache is overwhelmed by client requests. The flaw was introduced in glibc 2.15 and is present only in the nscd binary; exploitation can impact confidentiality, integ...
CVE-2024-21474 Stack-based Buffer Overflow in PMIC
Memory corruption when size of buffer from previous call is used without validation or re-initialization...
CVE-2024-21474 Stack-based Buffer Overflow in PMIC
Memory corruption when size of buffer from previous call is used without validation or re-initialization...
Oracle Linux 9 : gstreamer1-plugins-bad-free (ELSA-2024-2287)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2287 advisory. - CVE-2023-40474: Integer overflow leading to heap overwrite in MXF - CVE-2023-40475: Integer overflow leading to heap overwrite in MXF - CVE-2023-4047...
CVE-2024-4496
A vulnerability was found in Tenda i21 1.0.0.144656. It has been classified as critical. This affects the function formWifiMacFilterSet. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed ...
CVE-2024-4495
A vulnerability was found in Tenda i21 1.0.0.144656 and classified as critical. Affected by this issue is the function formWifiMacFilterGet. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the publ...
CVE-2024-4496
CVE-2024-4496 : A stack-based buffer overflow exists in the Tenda i21 firmware (version 1.0.0.14(4656)) originating from the parameter ssidIndex in the function formWifiMacFilterSet . The vulnerability allows remote attackers to trigger overflow, potentially leading to arbitrary code execution or...
CVE-2024-4495
CVE-2024-4495 affects Tenda i21 (firmware 1.0.0.14(4656)). The issue is in the function formWifiMacFilterGet where the index argument can be mishandled, causing a stack-based buffer overflow. Several connected sources confirm a remote-exploit capable scenario with this vulnerability, rated high/s...
CVE-2024-4494
A vulnerability has been found in Tenda i21 1.0.0.144656 and classified as critical. Affected by this vulnerability is the function formSetUplinkInfo of the file /goform/setUplinkInfo. The manipulation of the argument pingHostIp2 leads to stack-based buffer overflow. The attack can be launched...
CVE-2024-4493
A vulnerability, which was classified as critical, was found in Tenda i21 1.0.0.144656. Affected is the function formSetAutoPing. The manipulation of the argument ping1/ping2 leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the...
CVE-2024-4492
The CVE-2024-4492 entry concerns Tenda i21 (firmware 1.0.0.14(4656)). The vulnerability is in the formOfflineSet function (/goform/setStaOffline) where manipulating the GO/ssidIndex argument causes a stack-based buffer overflow. It can be exploited remotely, and public exploit details have been d...
CVE-2024-4491
CVE-2024-4491 affects Tenda i21 1.0.0.14(4656). The vulnerability is in the function formGetDiagnoseInfo, where improper validation of the cmdinput parameter leads to a stack-based buffer overflow. It can be triggered remotely, and the exploit has been publicly disclosed. Reported impacts include...
CVE-2023-51614
D-Link DIR-X3260 prog.cgi SetQuickVPNSettings Password Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this...
CVE-2023-51616
D-Link DIR-X3260 prog.cgi SetSysEmailSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this...
CVE-2023-50186
GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...