Total
3128 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-40536 | 2024-12-06 | N/A | 5.3 MEDIUM | ||
| Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 were discovered to contain a stack overflow via the pin_3g_code parameter in the config_3g_para function. | |||||
| CVE-2024-39129 | 2024-12-06 | N/A | 5.3 MEDIUM | ||
| Heap Buffer Overflow vulnerability in DumpTS v0.1.0-nightly allows attackers to cause a denial of service via the function PushTSBuf() at /src/PayloadBuf.cpp. | |||||
| CVE-2024-37863 | 2024-12-06 | N/A | 9.8 CRITICAL | ||
| Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a buffer overflow via the nav2_amcl process. This vulnerability is triggered via sending a crafted .yaml file. | |||||
| CVE-2024-37861 | 2024-12-06 | N/A | 9.8 CRITICAL | ||
| Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a buffer overflow via the nav2_amcl process. This vulnerability is triggered via sending a crafted .yaml file. | |||||
| CVE-2023-25435 | 1 Libtiff | 1 Libtiff | 2024-12-06 | N/A | 5.5 MEDIUM |
| libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesShifted8bits() at /libtiff/tools/tiffcrop.c:3753. | |||||
| CVE-2024-52533 | 2024-12-06 | N/A | 9.8 CRITICAL | ||
| gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character. | |||||
| CVE-2024-47248 | 2024-12-06 | N/A | 6.3 MEDIUM | ||
| Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Apache NimBLE. Specially crafted MESH message could result in memory corruption when non-default build configuration is used. This issue affects Apache NimBLE: through 1.7.0. Users are recommended to upgrade to version 1.8.0, which fixes the issue. | |||||
| CVE-2024-48406 | 2024-12-04 | N/A | 9.8 CRITICAL | ||
| Buffer Overflow vulnerability in SunBK201 umicat through v.0.3.2 and fixed in v.0.3.3 allows an attacker to execute arbitrary code via the power(uct_int_t x, uct_int_t n) in src/uct_upstream.c. | |||||
| CVE-2024-11959 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2024-12-04 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DIR-605L 2.13B01. It has been classified as critical. This affects the function formResetStatistic of the file /goform/formResetStatistic. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-11960 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2024-12-04 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DIR-605L 2.13B01. It has been declared as critical. This vulnerability affects the function formSetPortTr of the file /goform/formSetPortTr. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-29507 | 2024-12-03 | N/A | 5.4 MEDIUM | ||
| Artifex Ghostscript before 10.03.0 sometimes has a stack-based buffer overflow via the CIDFSubstPath and CIDFSubstFont parameters. | |||||
| CVE-2024-26952 | 1 Linux | 1 Linux Kernel | 2024-12-02 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I found potencial out-of-bounds when buffer offset fields of a few requests is invalid. This patch set the minimum value of buffer offset field to ->Buffer offset to validate buffer length. | |||||
| CVE-2024-43700 | 1 Philiphazel | 1 Xfpt | 2024-11-30 | N/A | 7.8 HIGH |
| xfpt versions prior to 1.01 fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability. When a user of the affected product is tricked to process a specially crafted file, arbitrary code may be executed on the user's environment. | |||||
| CVE-2024-37816 | 2024-11-27 | N/A | 4.2 MEDIUM | ||
| Quectel EC25-EUX EC25EUXGAR08A05M1G was discovered to contain a stack overflow. | |||||
| CVE-2021-43619 | 1 Arm | 1 Trusted Firmware-m | 2024-11-27 | 4.6 MEDIUM | 7.8 HIGH |
| Trusted Firmware M 1.4.x through 1.4.1 has a buffer overflow issue in the Firmware Update partition. In the IPC model, a psa_fwu_write caller from SPE or NSPE can overwrite stack memory locations. | |||||
| CVE-2024-53901 | 1 Tonyc | 1 Imager | 2024-11-26 | N/A | 5.5 MEDIUM |
| The Imager package before 1.025 for Perl has a heap-based buffer overflow leading to denial of service, or possibly unspecified other impact, when the trim() method is called on a crafted input image. | |||||
| CVE-2024-53426 | 2024-11-26 | N/A | 6.2 MEDIUM | ||
| A heap-buffer-overflow vulnerability has been identified in ntopng 6.2 in the Flow::dissectMDNS function. | |||||
| CVE-2024-53425 | 2024-11-26 | N/A | 6.2 MEDIUM | ||
| A heap-buffer-overflow vulnerability was discovered in the SkipSpacesAndLineEnd function in Assimp v5.4.3. This issue occurs when processing certain malformed MD5 model files, leading to an out-of-bounds read and potential application crash. | |||||
| CVE-2024-48986 | 1 Arm | 1 Mbed | 2024-11-26 | N/A | 7.5 HIGH |
| An issue was discovered in MBed OS 6.16.0. Its hci parsing software dynamically determines the length of certain hci packets by reading a byte from its header. Certain events cause a callback, the logic for which allocates a buffer (the length of which is determined by looking up the event type in a table). The subsequent write operation, however, copies the amount of data specified in the packet header, which may lead to a buffer overflow. This bug is trivial to exploit for a denial of service but is not certain to suffice to bring the system down and can generally not be exploited further because the exploitable buffer is dynamically allocated. | |||||
| CVE-2024-10964 | 1 Emqx | 1 Neuron | 2024-11-26 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability classified as critical has been found in emqx neuron up to 2.10.0. Affected is the function handle_add_plugin in the library cmd.library of the file plugins/restful/plugin_handle.c. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. | |||||