Total
1412 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-37997 | 2024-07-09 | N/A | 7.8 HIGH | ||
| A vulnerability has been identified in JT Open (All versions < V11.5), PLM XML SDK (All versions < V7.1.0.014). The affected applications contain a stack based overflow vulnerability while parsing specially crafted XML files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2024-28928 | 2024-07-09 | N/A | 8.8 HIGH | ||
| SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability | |||||
| CVE-2024-33577 | 2024-07-09 | N/A | 7.8 HIGH | ||
| A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain a stack overflow vulnerability while parsing specially strings as argument for one of the application binaries. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2024-30595 | 2024-07-08 | N/A | 9.8 CRITICAL | ||
| Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceId parameter of the addWifiMacFilter function. | |||||
| CVE-2024-4291 | 2024-07-03 | 9.0 HIGH | 8.8 HIGH | ||
| A vulnerability was found in Tenda A301 15.13.08.12_multi_TDE01. It has been rated as critical. This issue affects the function formAddMacfilterRule of the file /goform/setBlackRule. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-262223. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-38576 | 2024-07-03 | N/A | N/A | ||
| In the Linux kernel, the following vulnerability has been resolved: rcu: Fix buffer overflow in print_cpu_stall_info() The rcuc-starvation output from print_cpu_stall_info() might overflow the buffer if there is a huge difference in jiffies difference. The situation might seem improbable, but computers sometimes get very confused about time, which can result in full-sized integers, and, in this case, buffer overflow. Also, the unsigned jiffies difference is printed using %ld, which is normally for signed integers. This is intentional for debugging purposes, but it is not obvious from the code. This commit therefore changes sprintf() to snprintf() and adds a clarifying comment about intention of %ld format. Found by Linux Verification Center (linuxtesting.org) with SVACE. | |||||
| CVE-2024-38443 | 2024-07-03 | N/A | 6.2 MEDIUM | ||
| C/sorting/binary_insertion_sort.c in The Algorithms - C through e5dad3f has a segmentation fault for deep recursion, which may affect common use cases such as sorting an array of 50 elements. | |||||
| CVE-2024-37645 | 2024-07-03 | N/A | 8.8 HIGH | ||
| TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formSysLog . | |||||
| CVE-2024-37643 | 2024-07-03 | N/A | 8.8 HIGH | ||
| TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formPasswordAuth . | |||||
| CVE-2024-37641 | 2024-07-03 | N/A | 8.8 HIGH | ||
| TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow via the submit-url parameter at /formNewSchedule | |||||
| CVE-2024-37640 | 2024-07-03 | N/A | 8.8 HIGH | ||
| TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function setWiFiEasyGuestCfg. | |||||
| CVE-2024-37639 | 2024-07-03 | N/A | 8.8 HIGH | ||
| TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via eport in the function setIpPortFilterRules. | |||||
| CVE-2024-37634 | 2024-07-03 | N/A | 9.8 CRITICAL | ||
| TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiEasyCfg. | |||||
| CVE-2024-37633 | 2024-07-03 | N/A | 8.8 HIGH | ||
| TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiGuestCfg | |||||
| CVE-2024-37631 | 2024-07-03 | N/A | 8.8 HIGH | ||
| TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the File parameter in function UploadCustomModule. | |||||
| CVE-2024-37003 | 2024-07-03 | N/A | 8.8 HIGH | ||
| A maliciously crafted DWG and SLDPRT file, when parsed in opennurbs.dll and ODXSW_DLL.dll through Autodesk applications, can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2024-36729 | 2024-07-03 | N/A | N/A | ||
| TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action wizard_ipv6 with a sufficiently long reboot_type key. | |||||
| CVE-2024-36728 | 2024-07-03 | N/A | 8.1 HIGH | ||
| TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action vlan_setting with a sufficiently long dns1 or dns 2 key. | |||||
| CVE-2024-36600 | 2024-07-03 | N/A | 8.4 HIGH | ||
| Buffer Overflow Vulnerability in libcdio v2.1.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image file. | |||||
| CVE-2024-35576 | 2024-07-03 | N/A | 5.2 MEDIUM | ||
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formSetIptv. | |||||