CVE-2024-0928

A vulnerability was found in Tenda AC10U 15.03.06.49multiTDE01. It has been declared as critical. Affected by this vulnerability is the function fromDhcpListClient. The manipulation of the argument page/listN leads to stack-based buffer overflow. The attack can be launched remotely. The exploit h...

CVE-2024-0930

The CVE-2024-0930 entry concerns a stack-based buffer overflow in Tenda AC10U firmware (version 15.03.06.49_multi_TDE01) via the fromSetWirelessRepeat function, caused by improper handling of the wpapsk_crypto argument. This allows remote attacker impact to confidentiality, integrity, and availab...

CVE-2024-0929

The CVE-2024-0929 issue affects Tenda AC10U devices running 15.03.06.49_multi_TDE01. Affected component is the fromNatStaticSetting function, where manipulation of the page argument enables a stack-based buffer overflow. This can be exploited remotely, with exploit details publicly disclosed (VDB...

CVE-2024-0928

CVE-2024-0928 concerns the Tenda AC10U device with firmware 15.03.06.49_multi_TDE01. The vulnerability is in the function fromDhcpListClient, where manipulation of the argument page/listN causes a stack-based buffer overflow. It is a network-facing issue with remote exploitation, and the exploit ...

CVE-2024-0926

A vulnerability was found in Tenda AC10U 15.03.06.49multiTDE01 and classified as critical. This issue affects the function formWifiWpsOOB. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the publi...

Stack overflow

A vulnerability has been found in Tenda AC10U 15.03.06.49multiTDE01 and classified as critical. This vulnerability affects the function formSetVirtualSer. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclos...

Stack overflow

A vulnerability was found in Tenda AC10U 15.03.06.49multiTDE01 and classified as critical. This issue affects the function formWifiWpsOOB. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the publi...

Stack overflow

A vulnerability was found in Tenda AC10U 15.03.06.49multiTDE01. It has been classified as critical. Affected is the function fromAddressNat. The manipulation of the argument entrys/mitInterface/page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit ha...

CVE-2024-0927

CVE-2024-0927 affects Tenda AC10U firmware 15.03.06.49_multi_TDE01. The vulnerability is a stack-based buffer overflow in the fromAddressNat function, triggered by the entrys/mitInterface/page parameter, allowing remote, unauthenticated exploitation. Multiple sources consistently describe remote ...

CVE-2024-0926

The CVE-2024-0926 entry concerns Tenda AC10U devices, specifically version 15.03.06.49_multi_TDE01, where the formWifiWpsOOB function is vulnerable. Root cause: manipulation of the index argument leads to a stack-based buffer overflow. Impact: remote exploitation, with potential confidentiality, ...

CVE-2024-0925

CVE-2024-0925 affects Tenda AC10U 15.03.06.49_multi_TDE01 in the formSetVirtualSer function, where a stack-based buffer overflow is caused by manipulation of the argument list. The vulnerability can be triggered remotely and an exploit has been disclosed publicly (VDB-252130). Several connected s...

CVE-2024-0924

The CVE-2024-0924 issue affects Tenda AC10U with version 15.03.06.49_multi_TDE01, specifically the formSetPPTPServer function. The vulnerability arises from improper validation of the startIp argument, causing a stack-based buffer overflow that can be triggered remotely. Public exploit informatio...

CVE-2024-0923

A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.49multiTDE01. Affected by this issue is the function formSetDeviceName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has bee...

CVE-2024-0922

A vulnerability classified as critical was found in Tenda AC10U 15.03.06.49multiTDE01. Affected by this vulnerability is the function formQuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been...

CVE-2024-0923

CVE-2024-0923 affects Tenda AC10U, specifically the formSetDeviceName function in version 15.03.06.49_multi_TDE01. The vulnerability is a stack-based buffer overflow caused by manipulating the devName argument, enabling remote exploitation with high impact to confidentiality, integrity, and avail...

CVE-2024-0922

CVE-2024-0922 affects Tenda AC10U firmware 15.03.06.49_multi_TDE01. The vulnerability is in the function formQuickIndex where binding or manipulation of the PPPOEPassword argument causes a stack-based buffer overflow. It is exploitable remotely and, per multiple sources, can lead to arbitrary cod...

Stack overflow

A stack-based buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution with SYSTEM privileges...

CVE-2024-23622 IBM Merge Healthcare eFilm Workstation License Server CopySLS_Request3 Buffer Overflow

A stack-based buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution with SYSTEM privileges...

GLSA-202401-28 : GOCR: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202401-28 GOCR: Multiple Vulnerabilities - A stack-based buffer overflow vulnerability was discovered in gocr through 0.53-20200802 in measurepitch in pgm2asc.c. CVE-2021-33479 - An use-after-free vulnerability was discovered in...

Security Bulletin: IBM Storage Ceph is vulnerable to Out-of-bounds Read in the RHEL UBI (CVE-2023-4527)

Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. CVE-2023-4527 This bulletin identifies the steps to take to address the vulnerability in RHEL. Vulnerability Details CVEID:CVE-2023-4527 DESCRIPTION: glibc is vulnerable to a stack-based buffer overflow, caused by improper...