Total
13476 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-2184 | 2024-11-21 | 9.8 Critical | ||
| Buffer overflow in identifier field of WSD probe request process of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*:Satera MF740C Series/Satera MF640C Series/Satera LBP660C Series/Satera LBP620C Series firmware v12.07 and earlier, and Satera MF750C Series/Satera LBP670C Series firmware v03.09 and earlier sold in Japan.Color imageCLASS MF740C Series/Color imageCLASS MF640C Series/Color imageCLASS X MF1127C/Color imageCLASS LBP664Cdw/Color imageCLASS LBP622Cdw/Color imageCLASS X LBP1127C firmware v12.07 and earlier, and Color imageCLASS MF750C Series/Color imageCLASS X MF1333C/Color imageCLASS LBP674Cdw/Color imageCLASS X LBP1333C firmware v03.09 and earlier sold in US.i-SENSYS MF740C Series/i-SENSYS MF640C Series/C1127i Series/i-SENSYS LBP660C Series/i-SENSYS LBP620C Series/C1127P firmware v12.07 and earlier, and i-SENSYS MF750C Series/C1333i Series/i-SENSYS LBP673Cdw/C1333P firmware v03.09 and earlier sold in Europe. | ||||
| CVE-2024-2011 | 1 Hitachienergy | 2 Foxman-un, Unem | 2024-11-21 | 8.6 High |
| A heap-based buffer overflow vulnerability exists in the FOXMAN-UN/UNEM that if exploited will generally lead to a denial of service but can be used to execute arbitrary code, which is usually outside the scope of a program's implicit security policy | ||||
| CVE-2024-29786 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| In pktproc_fill_data_addr_without_bm of link_rx_pktproc.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-29506 | 1 Artifex | 1 Ghostscript | 2024-11-21 | 8.8 High |
| Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfi_apply_filter() function via a long PDF filter name. | ||||
| CVE-2024-29176 | 1 Dell | 11 Apex Protection Storage, Data Domain Operating System, Dd3300 and 8 more | 2024-11-21 | 8.8 High |
| Dell PowerProtect DD, version(s) 8.0, 7.13.1.0, 7.10.1.30, 7.7.5.40, contain(s) an Out-of-bounds Write vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution. | ||||
| CVE-2024-28970 | 1 Dell | 28 G7 7500, G7 7500 Firmware, G7 7700 and 25 more | 2024-11-21 | 4.7 Medium |
| Dell Client BIOS contains an Out-of-bounds Write vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to platform denial of service. | ||||
| CVE-2024-28553 | 1 Tenda | 1 Ac18 Firmware | 2024-11-21 | 9.8 Critical |
| Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the entrys parameter fromAddressNat function. | ||||
| CVE-2024-28535 | 1 Tenda | 1 Ac18 Firmware | 2024-11-21 | 9.8 Critical |
| Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the mitInterface parameter of fromAddressNat function. | ||||
| CVE-2024-27459 | 1 Openvpn | 1 Openvpn | 2024-11-21 | 7.8 High |
| The interactive service in OpenVPN 2.6.9 and earlier allows an attacker to send data causing a stack overflow which can be used to execute arbitrary code with more privileges. | ||||
| CVE-2024-25448 | 1 Enlightenment | 1 Imlib2 | 2024-11-21 | 8.8 High |
| An issue in the imlib_free_image_and_decache function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image. | ||||
| CVE-2024-24920 | 1 Siemens | 1 Simcenter Femap | 2024-11-21 | 7.8 High |
| A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted Catia MODEL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21710) | ||||
| CVE-2024-23804 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-11-21 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected applications contain a stack overflow vulnerability while parsing specially crafted PSOBJ files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2024-23798 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-11-21 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected applications contain a stack overflow vulnerability while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2024-23797 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-11-21 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected applications contain a stack overflow vulnerability while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2024-23796 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-11-21 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2024-23110 | 1 Fortinet | 1 Fortios | 2024-11-21 | 7.4 High |
| A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0 all versions allows attacker to execute unauthorized code or commands via specially crafted commands | ||||
| CVE-2024-22916 | 1 Dlink | 2 Go-rt-ac750, Go-rt-ac750 Firmware | 2024-11-21 | 9.8 Critical |
| In D-LINK Go-RT-AC750 v101b03, the sprintf function in the sub_40E700 function within the cgibin is susceptible to stack overflow. | ||||
| CVE-2024-22104 | 2 Jungo, Mitsubishielectric | 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more | 2024-11-21 | 5.5 Medium |
| Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.5.1 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS). | ||||
| CVE-2024-22103 | 2 Jungo, Mitsubishielectric | 43 Windriver, Cpu Module Logging Configuration Tool, Cw Configurator and 40 more | 2024-11-21 | 5.5 Medium |
| Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.6.0 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS). | ||||
| CVE-2024-22053 | 1 Ivanti | 2 Connect Secure, Policy Secure | 2024-11-21 | 8.2 High |
| A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack or in certain conditions read contents from memory. | ||||