Export limit exceeded: 21730 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21730 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-7335 | 1 Totolink | 2 Ex200, Ex200 Firmware | 2024-08-09 | 8.8 High |
| A vulnerability classified as critical has been found in TOTOLINK EX200 4.0.3c.7646_B20201211. Affected is the function getSaveConfig of the file /cgi-bin/cstecgi.cgi?action=save&setting. The manipulation of the argument http_host leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-273258 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-7334 | 1 Totolink | 2 Ex1200l, Ex1200l Firmware | 2024-08-09 | 8.8 High |
| A vulnerability was found in TOTOLINK EX1200L 9.3.5u.6146_B20201023. It has been rated as critical. This issue affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273257 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-7333 | 1 Totolink | 2 N350rt, N350rt Firmware | 2024-08-09 | 8.8 High |
| A vulnerability was found in TOTOLINK N350RT 9.3.5u.6139_B20201216. It has been declared as critical. This vulnerability affects the function setParentalRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument week/sTime/eTime leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273256. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-7582 | 1 Tenda | 2 I22, I22 Firmware | 2024-08-08 | 8.8 High |
| A vulnerability classified as critical was found in Tenda i22 1.0.0.3(4687). This vulnerability affects the function formApPortalAccessCodeAuth of the file /goform/apPortalAccessCodeAuth. The manipulation of the argument accessCode/data/acceInfo leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-7583 | 1 Tenda | 2 I22, I22 Firmware | 2024-08-08 | 8.8 High |
| A vulnerability, which was classified as critical, has been found in Tenda i22 1.0.0.3(4687). This issue affects the function formApPortalOneKeyAuth of the file /goform/apPortalOneKeyAuth. The manipulation of the argument data leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-6994 | 1 Google | 1 Chrome | 2024-08-07 | 8.8 High |
| Heap buffer overflow in Layout in Google Chrome prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2024-7581 | 2 Tenda, Tendacn | 3 A301 Firmware, A301, A301 Firmware | 2024-08-07 | 8.8 High |
| A vulnerability classified as critical has been found in Tenda A301 15.13.08.12. This affects the function formWifiBasicSet of the file /goform/WifiBasicSet. The manipulation of the argument security leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-7441 | 1 Vivotek | 2 Sd9364, Sd9364 Firmware | 2024-08-07 | 8.8 High |
| ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek SD9364 VVTK-0103f. It has been declared as critical. This vulnerability affects the function read of the component httpd. The manipulation of the argument Content-Length leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-273526 is the identifier assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the affected release tree is end-of-life. | ||||
| CVE-2024-7439 | 1 Vivotek | 2 Cc8160, Cc8160 Firmware | 2024-08-06 | 8.8 High |
| ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek CC8160 VVTK-0100d and classified as critical. Affected by this issue is the function read of the component httpd. The manipulation of the argument Content-Length leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273524. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the affected release tree is end-of-life. | ||||
| CVE-2024-38481 | 1 Dell | 1 Emc Idrac Service Module | 2024-08-02 | 4.8 Medium |
| Dell iDRAC Service Module version 5.3.0.0 and prior, contain a Out of bound Read Vulnerability. A privileged local attacker could execute arbitrary code potentially resulting in a denial of service event. | ||||
| CVE-2024-7331 | 1 Totolink | 2 A3300r, A3300r Firmware | 2024-08-01 | 8.8 High |
| A vulnerability was found in TOTOLINK A3300R 17.0.0cu.557_B20221024 and classified as critical. Affected by this issue is the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument File leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-273254 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-40946 | 2024-07-15 | 4.7 Medium | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2022-48737 | 2024-07-05 | 5.5 Medium | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2022-48736 | 2024-07-05 | 5.5 Medium | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2023-52756 | 1 Redhat | 2 Enterprise Linux, Rhel Eus | 2024-06-08 | 4.4 Medium |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2024-21506 | 2024-06-05 | 5.2 Medium | ||
| Duplicate of CVE-2024-5629. | ||||
| CVE-2023-52734 | 1 Redhat | 1 Enterprise Linux | 2024-05-28 | 5.5 Medium |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2023-52758 | 1 Redhat | 1 Enterprise Linux | 2024-05-24 | 4.4 Medium |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2023-52793 | 2024-05-24 | 4.4 Medium | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2021-47326 | 2024-05-23 | 5.3 Medium | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||