Export limit exceeded: 14162 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14162 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-34026 | 1 Openplcproject | 2 Openplc V3, Openplc V3 Firmware | 2024-11-21 | 9 Critical |
| A stack-based buffer overflow vulnerability exists in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC _v3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted EtherNet/IP request can lead to remote code execution. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability. | ||||
| CVE-2024-33182 | 1 Tendacn | 2 Ac18, Ac18 Firmware | 2024-11-21 | 8.3 High |
| Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/addWifiMacFilter. | ||||
| CVE-2024-33180 | 2 Tenda, Tendacn | 3 Ac18, Ac18, Ac18 Firmware | 2024-11-21 | 9.8 Critical |
| Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/saveParentControlInfo. | ||||
| CVE-2024-32913 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| In wl_notify_rx_mgmt_frame of wl_cfg80211.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-32909 | 1 Google | 2 Android, Pixel | 2024-11-21 | 8.1 High |
| In handle_msg of main.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-32905 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| In circ_read of link_device_memory_legacy.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-32903 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In prepare_response_locked of lwis_transaction.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-32895 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In BCMFASTPATH of dhd_msgbuf.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-32671 | 1 Samsung | 1 Escargot | 2024-11-21 | 9.8 Critical |
| Heap-based Buffer Overflow vulnerability in Samsung Open Source Escargot JavaScript engine allows Overflow Buffers.This issue affects Escargot: 4.0.0. | ||||
| CVE-2024-32668 | 1 Freebsd | 1 Freebsd | 2024-11-21 | 8.2 High |
| An insufficient boundary validation in the USB code could lead to an out-of-bounds write on the heap, with data controlled by the caller. A malicious, privileged software running in a guest VM can exploit the vulnerability to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. | ||||
| CVE-2024-30621 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2024-11-21 | 9.8 Critical |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the serverName parameter in the function fromAdvSetMacMtuWan. | ||||
| CVE-2024-30374 | 1 Luxion | 2 Keyshot, Keyshot Viewer | 2024-11-21 | 7.8 High |
| Luxion KeyShot Viewer KSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of KSP files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22449. | ||||
| CVE-2024-30373 | 1 Tungstenautomation | 1 Power Pdf | 2024-11-21 | 7.8 High |
| Kofax Power PDF JPF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22092. | ||||
| CVE-2024-2011 | 1 Hitachienergy | 2 Foxman-un, Unem | 2024-11-21 | 8.6 High |
| A heap-based buffer overflow vulnerability exists in the FOXMAN-UN/UNEM that if exploited will generally lead to a denial of service but can be used to execute arbitrary code, which is usually outside the scope of a program's implicit security policy | ||||
| CVE-2024-29786 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| In pktproc_fill_data_addr_without_bm of link_rx_pktproc.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-29506 | 1 Artifex | 1 Ghostscript | 2024-11-21 | 5.4 Medium |
| Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfi_apply_filter() function via a long PDF filter name. | ||||
| CVE-2024-29176 | 1 Dell | 11 Apex Protection Storage, Data Domain Operating System, Dd3300 and 8 more | 2024-11-21 | 8.8 High |
| Dell PowerProtect DD, version(s) 8.0, 7.13.1.0, 7.10.1.30, 7.7.5.40, contain(s) an Out-of-bounds Write vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution. | ||||
| CVE-2024-28970 | 1 Dell | 28 G7 7500, G7 7500 Firmware, G7 7700 and 25 more | 2024-11-21 | 4.7 Medium |
| Dell Client BIOS contains an Out-of-bounds Write vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to platform denial of service. | ||||
| CVE-2024-28553 | 1 Tenda | 1 Ac18 Firmware | 2024-11-21 | 9.8 Critical |
| Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the entrys parameter fromAddressNat function. | ||||
| CVE-2024-28535 | 1 Tenda | 1 Ac18 Firmware | 2024-11-21 | 8 High |
| Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the mitInterface parameter of fromAddressNat function. | ||||