RHEL 8 : libraw (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - LibRaw: Stack-based buffer overflow in quicktake100loadraw function in internal/dcrawcommon.cpp...

RLSA-2024:2512 Low: file security update

The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format ELF binary files, system libraries, RPM packages, and different graphics formats. Security Fixes: file:...

CVE-2024-34942

Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter at ip/goform/exeCommand...

CVE-2024-34942

Tenda FH1206 router (firmware 1.2.0.8(8155) EN) contains a stack-based buffer overflow in the ip/goform/exeCommand endpoint, triggered by the funcpara1 parameter. This could allow arbitrary code execution or a denial of service. Exploitation status is not provided in the documents; no exploit det...

CVE-2024-34943

Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/NatStaticSetting...

CVE-2024-34943

CVE-2024-34943 affects Tenda FH1206 router (version 1.2.0.8(8155) EN). The vulnerability is a stack-based buffer overflow in the ip/goform/NatStaticSetting endpoint via the page parameter due to input length validation issues, enabling potential remote code execution or denial of service. Public ...

CVE-2024-34945

Consolidated: CVE-2024-34945 affects Tenda FH1206 (version 1.2.0.8(8155) EN). A stack-based buffer overflow is triggered via the PPW parameter in the ip/goform/WizardHandle endpoint. Reported by multiple sources to potentially allow arbitrary code execution or denial of service; CVSS v3.1 vector ...

CVE-2024-34944

The CVE-2024-34944 affects Tenda FH1206 firmware version 1.2.0.8(8155) EN. A stack-based buffer overflow is triggered via the list1 parameter at the ip/goform/DhcpListClient endpoint due to insufficient input length validation. Impact is high on confidentiality, integrity, and availability (per C...

CVE-2024-34944

Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the list1 parameter at ip/goform/DhcpListClient...

CVE-2024-34946

CVE-2024-34946 affects the Tenda FH1206 router (version 1.2.0.8(8155) EN). The root cause is a stack-based buffer overflow in the page parameter of ip/goform/DhcpListClient, exposing the device to memory corruption and potential remote impact. Public sources describe exploitation that could lead ...

Unspecified Vulnerability in D-Link DAP-2622 (CNVD-2024-24416)

The D-Link DAP-2622 is a wireless access point Access Point device from China's D-Link. A security vulnerability exists in the D-Link DAP-2622 that stems from a stack-based buffer overflow remote code execution vulnerability in the DDP Set Date Time NTP server. An attacker could exploit the...

PT-2024-3674 · D Link · D-Link Dir-822

Name of the Vulnerable Software and Affected Versions: D-Link DIR-822+ version 1.0.5 Description: The issue is related to a stack-based buffer overflow vulnerability in the SetNetworkTomographySettings module of the D-Link DIR-822+ wireless router's firmware. This vulnerability can be exploited b...

RHEL 8 : glibc (RHSA-2024:2799)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2799 advisory. The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name...

CVE-2023-35748

D-Link DAP-2622 DDP Firmware Upgrade Server IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit...

CVE-2023-35748

D-Link DAP-2622 DDP Firmware Upgrade Server IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit...

CVE-2023-35757 D-Link DAP-2622 DDP Set Date-Time NTP Server Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link DAP-2622 DDP Set Date-Time NTP Server Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...

CVE-2023-35749

CVE-2023-35749 concerns the D-Link DAP-2622 DDP service. The vulnerability is a stack-based buffer overflow in the firmware upgrade file name handling, triggered by insufficient validation of user-supplied data, allowing a network-adjacent attacker to execute code with root privileges. Authentica...

CVE-2023-35748 D-Link DAP-2622 DDP Firmware Upgrade Server IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link DAP-2622 DDP Firmware Upgrade Server IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit...

CVE-2021-34982 NETGEAR Multiple Routers httpd Stack-based Buffer Overflow Remote Code Execution Vulnerability

NETGEAR Multiple Routers httpd Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. The...

CVE-2021-34982

The CVE-2021-34982 entry describes a pre-auth, remote code execution vulnerability in the httpd service of NETGEAR routers. The flaw is a stack-based buffer overflow caused by unchecked length of user-supplied data in the strings file, leading to code execution with root privileges when a network...