Vulnerabilities (CVE)

Filtered by CWE-787
Total 10481 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-4014 1 Anker-in 2 Roav Dashcam A1, Roav Dashcam A1 Firmware 2022-06-07 7.5 HIGH 9.8 CRITICAL
An exploitable code execution vulnerability exists in Wi-Fi Command 9999 of the Roav A1 Dashcam running version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability.
CVE-2020-6060 1 Minisnmpd Project 1 Minisnmpd 2022-06-07 5.0 MEDIUM 7.5 HIGH
A stack buffer overflow vulnerability exists in the way MiniSNMPD version 1.4 handles multiple connections. A specially timed sequence of SNMP connections can trigger a stack overflow, resulting in a denial of service. To trigger this vulnerability, an attacker needs to simply initiate multiple connections to the server.
CVE-2018-4029 1 Anker-in 2 Roav Dashcam A1, Roav Dashcam A1 Firmware 2022-06-07 7.5 HIGH 9.8 CRITICAL
An exploitable code execution vulnerability exists in the HTTP request-parsing function of the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause an unlimited and arbitrary write to memory, resulting in code execution.
CVE-2018-4023 1 Anker-in 2 Roav Dashcam A1, Roav Dashcam A1 Firmware 2022-06-07 7.5 HIGH 9.8 CRITICAL
An exploitable code execution vulnerability exists in the XML_UploadFile Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution.
CVE-2018-4016 1 Anker-in 2 Roav Dashcam A1, Roav Dashcam A1 Firmware 2022-06-07 5.8 MEDIUM 8.8 HIGH
An exploitable code execution vulnerability exists in the URL-parsing functionality of the Roav A1 Dashcam running version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability.
CVE-2021-32941 1 Annke 2 N48pbb, N48pbb Firmware 2022-06-07 10.0 HIGH 9.8 CRITICAL
Annke N48PBB (Network Video Recorder) products of version 3.4.106 build 200422 and prior are vulnerable to a stack-based buffer overflow, which allows an unauthorized remote attacker to execute arbitrary code with the same privileges as the server user (root).
CVE-2022-28874 4 Apple, F-secure, Microsoft and 1 more 7 Macos, Atlant, Elements Endpoint Protection and 4 more 2022-06-07 5.0 MEDIUM 7.5 HIGH
Multiple Denial-of-Service vulnerabilities was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed PE32-bit files cause memory corruption and heap buffer overflow which eventually can crash the scanning engine. The exploit can be triggered remotely by an attacker.
CVE-2017-2867 1 Natus 1 Xltek Neuroworks 2022-06-03 7.5 HIGH 9.8 CRITICAL
An exploitable code execution vulnerability exists in the SavePatientMontage functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can a malicious packet to trigger this vulnerability.
CVE-2017-2868 1 Natus 1 Xltek Neuroworks 2022-06-03 7.5 HIGH 9.8 CRITICAL
An exploitable code execution vulnerability exists in the NewProducerStream functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can send a malicious packet to trigger this vulnerability.
CVE-2017-2869 1 Natus 1 Xltek Neuroworks 2022-06-03 7.5 HIGH 9.8 CRITICAL
An exploitable code execution vulnerability exists in the OpenProducer functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can send a malicious packet to trigger this vulnerability.
CVE-2017-2853 1 Natus 1 Xltek Neuroworks 2022-06-03 7.5 HIGH 9.8 CRITICAL
An exploitable Code Execution vulnerability exists in the RequestForPatientInfoEEGfile functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in arbitrary command execution. An attacker can send a malicious packet to trigger this vulnerability.
CVE-2017-2886 1 Acdsee 1 Ultimate 2022-06-03 6.8 MEDIUM 7.8 HIGH
A memory corruption vulnerability exists in the .PSD parsing functionality of ACDSee Ultimate 10.0.0.292. A specially crafted .PSD file can cause an out of bounds write vulnerability resulting in potential code execution. An attacker can send a specific .PSD file to trigger this vulnerability.
CVE-2017-2896 2 Debian, Libxls Project 2 Debian Linux, Libxls 2022-06-03 6.8 MEDIUM 7.8 HIGH
An exploitable out-of-bounds write vulnerability exists in the xls_mergedCells function of libxls 1.4. . A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability.
CVE-2021-32457 1 Trendmicro 1 Home Network Security 2022-06-03 4.6 MEDIUM 7.8 HIGH
Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl to escalate privileges on affected devices. An attacker must first obtain the ability to execute low-privileged code on the target device in order to exploit this vulnerability.
CVE-2011-4372 3 Adobe, Apple, Microsoft 4 Acrobat, Reader, Macos and 1 more 2022-06-03 7.5 HIGH 9.8 CRITICAL
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4373.
CVE-2011-4373 3 Adobe, Apple, Microsoft 4 Acrobat, Reader, Macos and 1 more 2022-06-03 7.5 HIGH 9.8 CRITICAL
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4372.
CVE-2021-1738 1 Apple 4 Ipados, Iphone Os, Mac Os X and 1 more 2022-06-03 6.8 MEDIUM 7.8 HIGH
An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution.
CVE-2022-30595 1 Python 1 Pillow 2022-06-03 7.5 HIGH 9.8 CRITICAL
libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TGA image files.
CVE-2021-1772 1 Apple 6 Ipados, Iphone Os, Mac Os X and 3 more 2022-06-03 6.8 MEDIUM 7.8 HIGH
A stack overflow was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted text file may lead to arbitrary code execution.
CVE-2022-28998 1 Xlightftpd 1 Xlight Ftp 2022-06-03 5.5 MEDIUM 8.1 HIGH
Xlight FTP v3.9.3.2 was discovered to contain a stack-based buffer overflow which allows attackers to leak sensitive information via crafted code.