Total
1926 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-3010 | 1 Tenda | 2 Fh1205, Fh1205 Firmware | 2025-01-15 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda FH1205 2.0.0.7(775) and classified as critical. Affected by this issue is the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-258296. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-3011 | 1 Tenda | 2 Fh1205, Fh1205 Firmware | 2025-01-15 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda FH1205 2.0.0.7(775). It has been classified as critical. This affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-258297 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-3008 | 1 Tenda | 2 Fh1205, Fh1205 Firmware | 2025-01-15 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, was found in Tenda FH1205 2.0.0.7(775). Affected is the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-258294 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-3007 | 1 Tenda | 2 Fh1205, Fh1205 Firmware | 2025-01-15 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, has been found in Tenda FH1205 2.0.0.7(775). This issue affects the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-258293 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-3006 | 1 Tenda | 2 Fh1205, Fh1205 Firmware | 2025-01-15 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical was found in Tenda FH1205 2.0.0.7(775). This vulnerability affects the function fromSetRouteStatic of the file /goform/fromRouteStatic. The manipulation of the argument entrys leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-258292. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-2994 | 1 Tenda | 2 Fh1203, Fh1203 Firmware | 2025-01-15 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda FH1203 2.0.1.6. It has been declared as critical. Affected by this vulnerability is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument mac leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-258163. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-2990 | 1 Tenda | 2 Fh1203, Fh1203 Firmware | 2025-01-15 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, was found in Tenda FH1203 2.0.1.6. This affects the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-258159. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-2993 | 1 Tenda | 2 Fh1203, Fh1203 Firmware | 2025-01-15 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda FH1203 2.0.1.6. It has been classified as critical. Affected is the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-258162 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-2989 | 1 Tenda | 2 Fh1203, Fh1203 Firmware | 2025-01-15 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, has been found in Tenda FH1203 2.0.1.6. Affected by this issue is the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-258158 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-2988 | 1 Tenda | 2 Fh1203, Fh1203 Firmware | 2025-01-15 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical was found in Tenda FH1203 2.0.1.6. Affected by this vulnerability is the function fromSetRouteStatic of the file /goform/fromRouteStatic. The manipulation of the argument entrys leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-258157 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-2979 | 1 Tenda | 2 F1203, F1203 Firmware | 2025-01-15 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical was found in Tenda F1203 2.0.1.6. This vulnerability affects the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-258148. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-2978 | 1 Tenda | 2 F1203, F1203 Firmware | 2025-01-15 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical has been found in Tenda F1203 2.0.1.6. This affects the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-258147. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-2977 | 1 Tenda | 2 F1203, F1203 Firmware | 2025-01-15 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda F1203 2.0.1.6. It has been rated as critical. Affected by this issue is the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-258146 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-2976 | 1 Tenda | 2 F1203, F1203 Firmware | 2025-01-15 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda F1203 2.0.1.6. It has been declared as critical. Affected by this vulnerability is the function R7WebsSecurityHandler of the file /goform/execCommand. The manipulation of the argument password leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-258145 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-21474 | 1 Qualcomm | 48 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 45 more | 2025-01-15 | N/A | 8.4 HIGH |
| Memory corruption when size of buffer from previous call is used without validation or re-initialization. | |||||
| CVE-2024-55577 | 2025-01-15 | N/A | 7.0 HIGH | ||
| Stack-based buffer overflow vulnerability exists in Linux Ratfor 1.06 and earlier. When the software processes a file which is specially crafted by an attacker, arbitrary code may be executed. As a result, the attacker may obtain or alter information of the user environment or cause the user environment to become unusable. | |||||
| CVE-2024-28924 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-01-14 | N/A | 6.7 MEDIUM |
| Secure Boot Security Feature Bypass Vulnerability | |||||
| CVE-2024-28925 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-01-14 | N/A | 8.0 HIGH |
| Secure Boot Security Feature Bypass Vulnerability | |||||
| CVE-2024-28934 | 1 Microsoft | 5 Odbc Driver For Sql Server, Sql Server 2019, Sql Server 2022 and 2 more | 2025-01-14 | N/A | 8.8 HIGH |
| Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2021-26561 | 1 Synology | 7 Diskstation Manager, Diskstation Manager Unified Controller, Skynas and 4 more | 2025-01-14 | 6.8 MEDIUM | 9.0 CRITICAL |
| Stack-based buffer overflow vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to execute arbitrary code via syno_finder_site HTTP header. | |||||