Total
13476 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-49425 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2024-11-21 | 9.8 Critical |
| Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the deviceList parameter at /goform/setMacFilterCfg . | ||||
| CVE-2023-49424 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2024-11-21 | 9.8 Critical |
| Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg. | ||||
| CVE-2023-49418 | 1 Totolink | 2 A7000r, A7000r Firmware | 2024-11-21 | 9.8 Critical |
| TOTOLink A7000R V9.1.0u.6115_B20201022has a stack overflow vulnerability via setIpPortFilterRules. | ||||
| CVE-2023-49411 | 1 Tenda | 2 W30e, W30e Firmware | 2024-11-21 | 9.8 Critical |
| Tenda W30E V16.01.0.12(4843) contains a stack overflow vulnerability via the function formDeleteMeshNode. | ||||
| CVE-2023-49410 | 1 Tenda | 2 W30e, W30e Firmware | 2024-11-21 | 9.8 Critical |
| Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function via the function set_wan_status. | ||||
| CVE-2023-49408 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2024-11-21 | 9.8 Critical |
| Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the function set_device_name. | ||||
| CVE-2023-49405 | 1 Tenda | 2 W30e, W30e Firmware | 2024-11-21 | 9.8 Critical |
| Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function UploadCfg. | ||||
| CVE-2023-49403 | 1 Tenda | 2 W30e, W30e Firmware | 2024-11-21 | 9.8 Critical |
| Tenda W30E V16.01.0.12(4843) was discovered to contain a command injection vulnerability via the function setFixTools. | ||||
| CVE-2023-49402 | 1 Tenda | 2 W30e, W30e Firmware | 2024-11-21 | 9.8 Critical |
| Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function localMsg. | ||||
| CVE-2023-49355 | 1 Jqlang | 1 Jq | 2024-11-21 | 7.5 High |
| decToString in decNumber/decNumber.c in jq 88f01a7 has a one-byte out-of-bounds write via the " []-1.2e-1111111111" input. NOTE: this is not the same as CVE-2023-50246. The CVE-2023-50246 71c2ab5 reference mentions -10E-1000010001, which is not in normalized scientific notation. | ||||
| CVE-2023-49047 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2024-11-21 | 7.5 High |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the devName parameter in the function formSetDeviceName. | ||||
| CVE-2023-49044 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2024-11-21 | 9.8 Critical |
| Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the ssid parameter in the function form_fast_setting_wifi_set. | ||||
| CVE-2023-49043 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2024-11-21 | 9.8 Critical |
| Buffer Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the wpapsk_crypto parameter in the function fromSetWirelessRepeat. | ||||
| CVE-2023-49042 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2024-11-21 | 9.8 Critical |
| Heap Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the schedStartTime parameter or the schedEndTime parameter in the function setSchedWifi. | ||||
| CVE-2023-49007 | 1 Netgear | 2 Rbr750, Rbr750 Firmware | 2024-11-21 | 9.8 Critical |
| In Netgear Orbi RBR750 firmware before V7.2.6.21, there is a stack-based buffer overflow in /usr/sbin/httpd. | ||||
| CVE-2023-48964 | 1 Tenda | 2 I6, I6 Firmware | 2024-11-21 | 7.5 High |
| Tenda i6 V1.0.0.8(3856) is vulnerable to Buffer Overflow via /goform/WifiMacFilterSet. | ||||
| CVE-2023-48963 | 1 Tenda | 2 I6, I6 Firmware | 2024-11-21 | 7.5 High |
| Tenda i6 V1.0.0.8(3856) is vulnerable to Buffer Overflow via /goform/wifiSSIDget. | ||||
| CVE-2023-48945 | 1 Openlinksw | 1 Virtuoso | 2024-11-21 | 7.5 High |
| A stack overflow in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | ||||
| CVE-2023-48704 | 1 Clickhouse | 2 Clickhouse, Clickhouse Cloud | 2024-11-21 | 7 High |
| ClickHouse is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issue was discovered in ClickHouse server. An attacker could send a specially crafted payload to the native interface exposed by default on port 9000/tcp, triggering a bug in the decompression logic of Gorilla codec that crashes the ClickHouse server process. This attack does not require authentication. This issue has been addressed in ClickHouse Cloud version 23.9.2.47551 and ClickHouse versions 23.10.5.20, 23.3.18.15, 23.8.8.20, and 23.9.6.20. | ||||
| CVE-2023-48692 | 1 Microsoft | 1 Azure Rtos Netx Duo | 2024-11-21 | 9.1 Critical |
| Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. An attacker can cause remote code execution due to memory overflow vulnerabilities in Azure RTOS NETX Duo. The affected components include processes/functions related to icmp, tcp, snmp, dhcp, nat and ftp in RTOS v6.2.1 and below. The fixes have been included in NetX Duo release 6.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||