CWE:
 

Topic
Date
Author
High
RIOT 2024.01 Buffer Overflows / Lack Of Size Checks / Out-Of-Bound Access
09.05.2024
Marco Ivaldi
High
Circontrol Raption Buffer Overflow / Command Injection
30.03.2024
Dariusz Gonda
High
KiTTY 0.76.1.13 Start Duplicated Session Hostname Buffer Overflow
28.03.2024
DEFCESCO
High
TP-Link TL-WR740N Buffer Overflow / Denial Of Service
11.03.2024
Anish Feroz
High
PCMan FTP Server 2.0 Buffer Overflow
06.02.2024
Waqas Ahmed Faroouqi
High
glibc syslog() Heap-Based Buffer Overflow
01.02.2024
Qualys Security Adviso...
Med.
Intrasrv Simple Web Server 1.0 - Denial of Service (DoS)
10.01.2024
Fernando Mengali
Med.
PSOProxy 0.5 - Denial of Service (DoS)
10.01.2024
Fernando Mengali
Med.
Easy Chat Server 3.1 - Denial of Service (DoS)
07.01.2024
Fernando Mengali
Med.
Easy Chat Server 3.1 - Denial of Service (DoS)
06.01.2024
Fernando Mengali
High
XAMPP 3.3.0 Buffer Overflow
27.10.2023
Talson
High
Elasticsearch 8.5.3 Stack Overflow
24.09.2023
Touhami Kasbaoui
High
Ivanti Avalanche MDM Buffer Overflow
18.09.2023
Ege Balci
High
OpenPLC Webserver 3 Denial Of Service / Buffer Overflow
13.09.2023
Kai Feng
High
GOM Player 2.3.90.5360 Buffer Overflow
10.09.2023
Ahmet Umit Bayram
High
NVClient 5.0 Stack Buffer Overflow
04.09.2023
Ahmet Umit Bayram
High
Xlight FTP Server 3.9.3.6 Stack Buffer Overflow (DOS)
06.08.2023
Yehia Elghaly
High
Xlight FTP Server 3.9.3.6 Stack Buffer Overflow
05.08.2023
Yehia Elghaly
High
Savant Web Server 3.1 Remote Buffer Overflow
03.08.2023
0xBOF90
High
General Device Manager 2.5.2.2 Buffer Overflow
02.08.2023
Ahmet Umit Bayram
High
RaidenFTPD 2.4.4005 Buffer Overflow
21.07.2023
Andre Nogueira
High
TP-Link TL-WR940N 4 Buffer Overflow
05.07.2023
Amirhossein Bahramizad...
High
Polycom BToE Connector 4.4.0.0 Buffer Overflow / Man-In-The-Middle
19.06.2023
secbugs3
High
TP-Link Archer AX10(EU)_V1.2_230220 Buffer Overflow
18.06.2023
Giuseppe Compare
High
Widevine Trustlet 5.x / 6.x / 7.x PRDiagVerifyProvisioning Buffer Overflow
30.05.2023
CyberIntel Team
High
Widevine Trustlet 5.x drm_save_keys Buffer Overflow
30.05.2023
CyberIntel Team
High
Advantech EKI-15XX Series Command Injection / Buffer Overflow
13.05.2023
T. Weber
Med.
Fortigate 7.0.1 Stack Overflow
03.05.2023
Cody Sixteen
High
Rocket Software Unidata 8.2.4 Build 3003 Buffer Overflow
14.04.2023
Ron Bowes
High
Grand Theft Auto III Vice City Skin File 1.1 Buffer Overflow
03.04.2023
Knursoft
High
Explorer32++ 1.3.5.531 Buffer Overflow
27.03.2023
Rafael Pedrero
Med.
Scdbg 1.0 Buffer overflow DoS
27.03.2023
Rafael Pedrero
High
SOUND4 LinkAndShare Transmitter 1.1.2 Format String Stack Buffer Overflow
12.02.2023
LiquidWorm
High
NetChess 2.1 Buffer Overflow
21.01.2023
Ugur Eminli
High
ZTE ZXHN-H108NS Stack Buffer Overflow / Denial Of Service
21.11.2022
George Tsimpidas
High
wolfSSL Buffer Overflow
31.10.2022
Maximilian Ammann
High
AVS Audio Converter 10.3 Stack Overflow
19.10.2022
Yehia Elghaly
High
Netfilter nft_set_elem_init Heap Overflow Privilege Escalation
28.09.2022
Redouane Niboucha
High
COVESA 2.18.8 NULL Pointer Dereference / Heap Buffer Over-Read
27.09.2022
T. Weber
High
123elf Project Buffer Overflow
06.09.2022
Tavis Ormandy
High
10-Strike Network Inventory Explorer 9.3 Buffer Overflow
23.08.2022
Ricardo Jose Ruiz Fern...
High
Windows sxs!CNodeFactory::XMLParser_Element_doc_assembly_assemblyIdentity Heap Buffer Overflow
15.08.2022
Google Security Resear...
High
Windows sxssrv!BaseSrvActivationContextCacheDuplicateUnicodeString Heap Buffer Overflow
14.08.2022
Google Security Resear...
High
Easy Chat Server 3.1 Buffer Overflow
02.08.2022
r00tpgp
High
Patlite 1.46 Buffer Overflow
25.07.2022
Samy Younsi
High
Ransom Lockbit 3.0 MVID-2022-0620 Buffer Overflow
04.07.2022
malvuln
High
Zyxel Buffer Overflow / Format String / Command Injection
20.06.2022
Marco Ivaldi
High
Kitty 0.76.0.8 Stack Buffer Overflow
20.06.2022
Yehia Elghaly
High
GtkRadiant 1.6.6 Buffer Overflow
05.06.2022
Jeremy Brown
High
libMeshb Buffer Overflow
04.06.2022
Jeremy Brown
High
Small HTTP Server 3.06 Remote Buffer Overflow
07.04.2022
Yehia Elghaly
High
ALLMediaServer 1.6 Buffer Overflow
04.04.2022
Hejap Zairy
High
Xlight FTP 3.9.3.2 Buffer Overflow
22.03.2022
Hejap Zairy
High
Amazing CD Ripper 1.2 Buffer Overflow
22.03.2022
Hejap Zairy
High
Audio Conversion Wizard 2.01 Buffer Overflow
10.03.2022
Hejap Zairy
High
VUPlayer 2.49 Buffer Overflow
10.01.2022
Bryan Leong
High
Accu-Time Systems MAXIMUS 1.0 Buffer Overflow / Denial Of Service
23.12.2021
Yehia Elghaly
High
Pinkie 2.15 TFTP Remote Buffer Overflow (PoC)
30.11.2021
Yehia
High
Serva 4.4.0 TFTP Remote Buffer Overflow
24.11.2021
Yehia Elghaly
High
Pinkie 2.15 Remote Buffer Overflow
22.11.2021
Yehia Elghaly
High
Modbus Slave 7.3.1 Buffer Overflow
22.11.2021
Yehia Elghaly
High
Xlight FTP 3.9.3.1 Buffer Overflow (PoC)
17.11.2021
Yehia Elghaly
High
Xlight FTP 3.9.3.1 Buffer Overflow
14.11.2021
Yehia Elghaly
High
zlog 1.2.15 Buffer Overflow
09.11.2021
LIWEI
High
YouTube Video Grabber 1.9.9.1 Buffer Overflow
02.11.2021
Achilles
High
Mini-XML 3.2 Heap Overflow
29.10.2021
LIWEI
High
Ether MP3 CD Burner 1.3.8 Buffer Overflow
27.09.2021
Achilles
High
Microsoft Windows cmd.exe Stack Buffer Overflow
19.09.2021
hyp3rlinx
High
COMMAX WebViewer ActiveX Control 2.1.4.5 Commax_WebViewer.ocx Buffer Overflow
01.09.2021
LiquidWorm
High
COMMAX UMS Client ActiveX Control 1.7.0.2 CNC_Ctrl.dll Heap Buffer Overflow
29.08.2021
LiquidWorm
High
crossfire-server 1.9.0 SetUp() Remote Buffer Overflow
18.08.2021
Khaled Salem
High
Crossfire Server 1.0 Buffer Overflow
18.08.2021
Khaled Salem
High
IcoFX 2.6 Buffer Overflow
08.06.2021
Austin Babcock
High
Exim base64d Buffer Overflow
06.06.2021
Johnny Yu
Med.
VMware ESXi OpenSLP Heap Overflow
06.06.2021
Johnny Yu
High
Epic Games Rocket League 1.95 Stack Buffer Overrun
15.05.2021
LiquidWorm
High
Shenzhen Skyworth RN510 Buffer Overflow
05.05.2021
Kaustubh G. Padwad
High
D-Link DSL-320B-D1 Pre-Authentication Buffer Overflow
08.04.2021
Gabriele Gristina
High
DD-WRT 45723 Buffer Overflow
01.04.2021
Selim Enes Karaduman
High
SyncBreeze 10.1.16 Buffer Overflow
29.03.2021
Rafael Machado
High
FastStone Image Viewer 7.5 Buffer Overflow
18.03.2021
Paolo Stagno
High
Golden FTP Server 4.70 Buffer Overflow
10.03.2021
Craig Freyman
High
dataSIMS Avionics ARINC 664-1 Local Buffer Overflow (PoC)
19.02.2021
Kağan Çapar
High
Sudo Heap-Based Buffer Overflow
29.01.2021
Qualys Security Adviso...
High
10-Strike Network Inventory Explorer Pro 9.05 Buffer Overflow
24.12.2020
Florian Gassner
High
Oracle Solaris SunSSH PAM parse_user_name() Buffer Overflow
18.12.2020
wvu
High
MiniWeb HTTP Server 0.8.19 Buffer Overflow (PoC)
14.12.2020
securityforeveryone
High
Dup Scout Enterprise 10.0.18 Buffer Overflow
09.12.2020
sickness
High
libupnp 1.6.18 Stack-based buffer overflow (DoS)
27.11.2020
Patrik Lantz
High
SyncBreeze 10.0.28 password Remote Buffer Overflow
25.11.2020
Abdessalam king(A.sala...
High
Boxoft Audio Converter 2.3.0 Buffer Overflow
23.11.2020
Luis Martinez
High
Internet Download Manager 6.38.12 Scheduler Downloads Scheduler Buffer Overflow (PoC)
22.11.2020
Vincent Wolterman
High
IBM Tivoli Storage Manager 5.2.0.1 Buffer Overflow
21.11.2020
Paolo Stagno
High
Nidesoft 3GP Video Converter 2.6.18 Local Stack Buffer Overflow
12.11.2020
Felipe Winsnes
High
Sony IPELA Network Camera 1.82.01 ftpclient.cgi Remote Stack Buffer Overflow
07.10.2020
LiquidWorm
High
Sony IPELA Network Camera Remote Stack Buffer Overflow
01.10.2020
LiquidWorm
High
BlazeDVD 7.0 Professional Buffer Overflow
31.08.2020
emalp
High
ASX To MP3 Converter 3.1.3.7.2010.11.05 Buffer Overflow
28.08.2020
Paras Bhatia
High
Socusoft Photo to Video Converter Professional 8.07 Output Folder Buffer Overflow (SEH Egghunter)
14.08.2020
MasterVlad
High
Free MP3 CD Ripper 2.8 Stack Buffer Overflow (SEH + Egghunter)
06.08.2020
Eduard Palisek


CVEMAP Search Results

CVE
Details
Description
2024-05-14
Waiting for details
CVE-2024-32058

Updating...
 

 
A vulnerability has been identified in PS/IGES Parasolid Translator Component (All versions < V27.1.215). The affected application is vulnerable to memory corruption while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21563)

 
2024-04-25
Waiting for details
CVE-2024-22391

Updating...
 

 
A heap-based buffer overflow vulnerability exists in the LookupTable::SetLUT functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.

 
2024-04-06
Waiting for details
CVE-2024-25029

Updating...
 

 
IBM Personal Communications 14.0.6 through 15.0.1 includes a Windows service that is vulnerable to remote code execution (RCE) and local privilege escalation (LPE). The vulnerability allows any unprivileged user with network access to a target computer to run commands with full privileges in the context of NT AUTHORITY\SYSTEM. This allows for a low privileged attacker to move laterally to affected systems and to escalate their privileges. IBM X-Force ID: 281619.

 
2024-03-13
Waiting for details
CVE-2024-0162

Updating...
 

 
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to out-of-bound read/writes to SMRAM.

 
2024-03-12
Waiting for details
CVE-2024-22041

Updating...
 

 
A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions), Cerberus PRO EN Fire Panel FC72x (All versions < IP8 SR4), Cerberus PRO EN X200 Cloud Distribution (All versions < V4.3.5618), Cerberus PRO EN X300 Cloud Distribution (All versions < V4.3.5617), Sinteso FS20 EN Engineering Tool (All versions), Sinteso FS20 EN Fire Panel FC20 (All versions < MP8 SR4), Sinteso FS20 EN X200 Cloud Distribution (All versions < V4.3.5618), Sinteso FS20 EN X300 Cloud Distribution (All versions < V4.3.5617), Sinteso Mobile (All versions). The network communication library in affected systems improperly handles memory buffers when parsing X.509 certificates. This could allow an unauthenticated remote attacker to crash the network service.

 
2024-03-04
Waiting for details
CVE-2023-32331

Updating...
 

 
IBM Connect:Express for UNIX 1.5.0 is vulnerable to a buffer overflow that could allow a remote attacker to cause a denial of service through its browser UI. IBM X-Force ID: 254979.

 
2024-02-13
Waiting for details
CVE-2024-24921

Updating...
 

 
A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000). The affected application is vulnerable to memory corruption while parsing specially crafted Catia MODEL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21712)

 
2024-02-02
Waiting for details
CVE-2024-0338

Updating...
 

 
A buffer overflow vulnerability has been found in XAMPP affecting version 8.2.4 and earlier. An attacker could execute arbitrary code through a long file debug argument that controls the Structured Exception Handler (SEH).

 
Waiting for details
CVE-2024-24560

Updating...
 

 
Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. When calls to external contracts are made, we write the input buffer starting at byte 28, and allocate the return buffer to start at byte 0 (overlapping with the input buffer). When checking RETURNDATASIZE for dynamic types, the size is compared only to the minimum allowed size for that type, and not to the returned value's length. As a result, malformed return data can cause the contract to mistake data from the input buffer for returndata. When the called contract returns invalid ABIv2 encoded data, the calling contract can read different invalid data (from the dirty buffer) than the called contract returned.

 
2024-02-01
Waiting for details
CVE-2024-24561

Updating...
 

 
Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.10 and earlier, the bounds check for slices does not account for the ability for start + length to overflow when the values aren't literals. If a slice() function uses a non-literal argument for the start or length variable, this creates the ability for an attacker to overflow the bounds check. This issue can be used to do OOB access to storage, memory or calldata addresses. It can also be used to corrupt the length slot of the respective array.

 

 


Copyright 2024, cxsecurity.com

 

Back to Top