PT-2022-27551 · Tenda · Tenda W30E

Name of the Vulnerable Software and Affected Versions: Tenda W30E version 1.0.1.25633 Description: A stack overflow issue was discovered via the account parameter at the "/goform/addUserName" API endpoint. This issue affects the Tenda W30E device. Recommendations: For Tenda W30E version...

PT-2022-27336 · Tenda · Tenda Ac18

Name of the Vulnerable Software and Affected Versions: Tenda A18 version 15.13.07.09 Description: A stack overflow issue was discovered, which can be triggered via the security 5g parameter at the "/goform/WifiBasicSet" API endpoint. Recommendations: For Tenda A18 version 15.13.07.09, avoid using...

PT-2022-26756 · Tenda · Tenda Ac23

Name of the Vulnerable Software and Affected Versions: Tenda AC23 version 16.03.07.45 cn Description: A stack overflow issue was discovered via the schedStartTime parameter in the setSchedWifi function. This issue can be exploited, potentially leading to unintended consequences. Recommendations:...

PT-2022-26753 · Tenda · Tenda Ac23

Name of the Vulnerable Software and Affected Versions: Tenda AC23 version 16.03.07.45 cn Description: A stack overflow issue was discovered via the list parameter in the formSetQosBand function. Recommendations: For Tenda AC23 version 16.03.07.45 cn, consider restricting access to the...

PT-2022-26650 · Bentley · Bentley Microstation +1

Name of the Vulnerable Software and Affected Versions: Bentley MicroStation versions prior to 10.17.01.58 Bentley View versions prior to 10.17.01.19 Description: The issue concerns out-of-bounds read and stack overflow problems that occur when opening crafted SKP files. This could lead to...

PT-2022-25913 · Totolink · Totolink Nr1800X

Name of the Vulnerable Software and Affected Versions: TOTOLINK NR1800X version 9.1.0u.6279 B20210910 Description: The issue is an authenticated stack overflow that occurs via the ip parameter in the setDiagnosisCfg function. This allows for potential exploitation. Recommendations: For TOTOLINK...

PT-2022-23436 · H3C · H3C Gr-1200W

Name of the Vulnerable Software and Affected Versions: H3C GR-1200W version MiniGRW1A0V100R006 Description: A stack overflow issue was discovered via the addactionlist function. Recommendations: For H3C GR-1200W version MiniGRW1A0V100R006, as a temporary workaround, consider disabling the...

PT-2022-23815 · H3C · H3C H200

Name of the Vulnerable Software and Affected Versions: H3C H200 version H200V100R004 Description: A stack overflow issue was discovered via the function UpdateSnat. Recommendations: For H3C H200 version H200V100R004, consider disabling the UpdateSnat function until a patch is available...

PT-2022-23438 · H3C · H3C Gr-1200W

Name of the Vulnerable Software and Affected Versions: H3C GR-1200W MiniGRW1A0V100R006 Description: A stack overflow issue was discovered in the H3C GR-1200W MiniGRW1A0V100R006 via the function debug wlan advance. Recommendations: For H3C GR-1200W MiniGRW1A0V100R006, consider disabling the debug...

PT-2022-23389 · Totolink · Totolink A3700R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3700R version 9.1.2u.6134 B20201202 Description: A stack overflow issue was discovered in the setDiagnosisCfg function via the ip parameter. Recommendations: For version 9.1.2u.6134 B20201202, avoid using the ip parameter in the...

PT-2022-23803 · H3C · H3C H200

Name of the Vulnerable Software and Affected Versions: H3C H200 version H200V100R004 Description: A stack overflow issue was discovered via the function SetAP5GWifiById. Recommendations: For H3C H200 version H200V100R004, consider disabling the SetAP5GWifiById function as a temporary workaround...

PT-2022-23390 · H3C · H3C B5 Mini

Name of the Vulnerable Software and Affected Versions: H3C B5 Mini version B5MiniV100R005 Description: A stack overflow issue was discovered in the function EditMacList.d. Recommendations: For version B5MiniV100R005, consider disabling the EditMacList.d function as a temporary workaround until a...

PT-2022-23420 · H3C · H3C Magic Nx18 Plus

Name of the Vulnerable Software and Affected Versions: H3C Magic NX18 Plus version NX18PV100R003 Description: A stack overflow issue was discovered via the function Asp SetTimingtimeWifiAndLed. This issue affects the H3C Magic NX18 Plus device. Recommendations: For H3C Magic NX18 Plus version...

PT-2022-23422 · H3C · H3C Magic Nx18 Plus

Name of the Vulnerable Software and Affected Versions: H3C Magic NX18 Plus version NX18PV100R003 Description: A stack overflow issue was discovered via the function EditWlanMacList. Recommendations: For H3C Magic NX18 Plus version NX18PV100R003, consider disabling the EditWlanMacList function as ...

PT-2022-23402 · Totolink · Totolink N350Rt

Name of the Vulnerable Software and Affected Versions: TOTOLINK N350RT version 9.3.5u.6139 B20201216 Description: A stack overflow issue was discovered via the command parameter in the setTracerouteCfg function. This allows for potential exploitation. Recommendations: For TOTOLINK N350RT version...

PT-2022-24086 · Tenda · Tenda Ac1206

Name of the Vulnerable Software and Affected Versions: Tenda AC1206 version 15.03.06.23 Description: A stack overflow issue was discovered in the function formWifiWpsOOB, specifically via the index parameter. Recommendations: For version 15.03.06.23, consider restricting access to the...

PT-2022-22904 · Tenda · Tenda W6

Name of the Vulnerable Software and Affected Versions: Tenda W6 version 1.0.0.94122 Description: A stack overflow issue exists, which can be exploited to cause a denial of service DoS via the index parameter in the "/goform/wifiSSIDset" API endpoint. Recommendations: For Tenda W6 version...

PT-2022-7208 · Tiffsplit +6 · Tiffsplit +6

Name of the Vulnerable Software and Affected Versions: Tiffsplit versions 4.4.0 and earlier Description: The issue is related to a stack overflow in the TIFFVGetField function of the LibTIFF library, which can be exploited by an attacker to cause a Denial of Service DoS using a specially crafted...

SUSE-SU-2021:2858-1 Security update for qemu

This update for qemu fixes the following issues: Security issues fixed: - usbredir: free call on invalid pointer in bufpalloc bsc1189145, CVE-2021-3682 - NULL pointer dereference in ESP bsc1180433, CVE-2020-35504 bsc1180434, CVE-2020-35505 bsc1180435, CVE-2020-35506 - NULL pointer dereference iss...

OPENSUSE-SU-2021:2787-1 Security update for go1.15

This update for go1.15 fixes the following issues: Update to go1.15.15: - go47473 net/http: panic due to racy read of persistConn after handler panic CVE-2021-36221 bsc1189162 - go47347 cmd/go: 'go list -f '.Stale'' stack overflow with cyclic imports - go47014 cmd/go: go mod vendor: open...