Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-13169

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-13 Mar, 2020 | 18:20
Updated At-04 Aug, 2024 | 23:41
Rejected At-
Credits

Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the Content-Type HTTP Header of the web application that would allow an attacker to execute arbitrary code on the device.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:13 Mar, 2020 | 18:20
Updated At:04 Aug, 2024 | 23:41
Rejected At:
▼CVE Numbering Authority (CNA)

Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the Content-Type HTTP Header of the web application that would allow an attacker to execute arbitrary code on the device.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://security.business.xerox.com/
x_refsource_MISC
https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-xerox-printers/
x_refsource_MISC
Hyperlink: https://security.business.xerox.com/
Resource:
x_refsource_MISC
Hyperlink: https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-xerox-printers/
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://security.business.xerox.com/
x_refsource_MISC
x_transferred
https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-xerox-printers/
x_refsource_MISC
x_transferred
Hyperlink: https://security.business.xerox.com/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-xerox-printers/
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:13 Mar, 2020 | 19:15
Updated At:18 Mar, 2020 | 17:43

Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the Content-Type HTTP Header of the web application that would allow an attacker to execute arbitrary code on the device.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
Xerox Corporation
xerox
>>phaser_3320_firmware>>v53.006.16.000
cpe:2.3:o:xerox:phaser_3320_firmware:v53.006.16.000:*:*:*:*:*:*:*
Xerox Corporation
xerox
>>phaser_3320>>-
cpe:2.3:h:xerox:phaser_3320:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-120Primarynvd@nist.gov
CWE ID: CWE-120
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://security.business.xerox.com/cve@mitre.org
Vendor Advisory
https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-xerox-printers/cve@mitre.org
Third Party Advisory
Hyperlink: https://security.business.xerox.com/
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-xerox-printers/
Source: cve@mitre.org
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

969Records found
CVE-2021-28672
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.22% / 83.82%
||
7 Day CHG~0.00%
Published-29 Mar, 2021 | 20:06
Updated-03 Aug, 2024 | 21:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Xerox Phaser 6510 before 64.65.51 and 64.59.11 (Bridge), WorkCentre 6515 before 65.65.51 and 65.59.11 (Bridge), VersaLink B400 before 37.65.51 and 37.59.01 (Bridge), B405 before 38.65.51 and 38.59.01 (Bridge), B600/B610 before 32.65.51 and 32.59.01 (Bridge), B605/B615 before 33.65.51 and 33.59.01 (Bridge), B7025/30/35 before 58.65.51 and 58.59.11 (Bridge), C400 before 67.65.51 and 67.59.01 (Bridge), C405 before 68.65.51 and 68.59.01 (Bridge), C500/C600 before 61.65.51 and 61.59.01 (Bridge), C505/C605 before 62.65.51 and 62.59.01 (Bridge), C7000 before 56.65.51 and 56.59.01 (Bridge), C7020/25/30 before 57.65.51 and 57.59.01 (Bridge), C8000/C9000 before 70.65.51 and 70.59.01 (Bridge), C8000W before 72.65.51 allows remote attackers to execute arbitrary code through a buffer overflow in Web page parameter handling.

Action-Not Available
Vendor-n/aXerox Corporation
Product-versalink_c505versalink_c400_firmwareversalink_b7025versalink_c7000versalink_b605phaser_6510versalink_c9000versalink_b7030versalink_b615versalink_b600versalink_b600_firmwareversalink_b7035_firmwareversalink_c600_firmwareversalink_c605_firmwareversalink_b610versalink_b405versalink_c500versalink_c405_firmwareversalink_c8000_firmwareversalink_c505_firmwareversalink_c405versalink_c7030versalink_c8000w_firmwareversalink_c500_firmwareversalink_b7035versalink_c400workcentre_6515_firmwareversalink_c605versalink_c7025_firmwareversalink_b7030_firmwareversalink_c8000versalink_c8000wversalink_b400versalink_b605_firmwareversalink_c7020_firmwareversalink_c7020workcentre_6515versalink_c7030_firmwareversalink_c7000_firmwareversalink_b615_firmwareversalink_c7025versalink_c600versalink_b610_firmwareversalink_c9000_firmwareversalink_b405_firmwarephaser_6510_firmwareversalink_b7025_firmwareversalink_b400_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-13168
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.02% / 76.28%
||
7 Day CHG~0.00%
Published-13 Mar, 2020 | 18:23
Updated-04 Aug, 2024 | 23:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the attributes parser of the IPP service. This would allow an unauthenticated attacker to cause a Denial of Service (DoS) and potentially execute arbitrary code on the device.

Action-Not Available
Vendor-n/aXerox Corporation
Product-phaser_3320phaser_3320_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-13172
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.86% / 82.31%
||
7 Day CHG~0.00%
Published-13 Mar, 2020 | 18:14
Updated-04 Aug, 2024 | 23:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the Authentication Cookie of the web application that would allow an attacker to execute arbitrary code on the device.

Action-Not Available
Vendor-n/aXerox Corporation
Product-phaser_3320phaser_3320_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-13165
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.28% / 78.74%
||
7 Day CHG~0.00%
Published-13 Mar, 2020 | 18:35
Updated-04 Aug, 2024 | 23:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the request parser of the IPP service. This would allow an unauthenticated attacker to cause a Denial of Service (DoS) and potentially execute arbitrary code on the device.

Action-Not Available
Vendor-n/aXerox Corporation
Product-phaser_3320phaser_3320_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2009-1656
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-6.94% / 91.04%
||
7 Day CHG~0.00%
Published-16 May, 2009 | 18:00
Updated-07 Aug, 2024 | 05:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Xerox WorkCentre and WorkCentre Pro 232, 238, 245, 255, 265, 275; and WorkCentre 5632, 5638, 5645, 5655, 5665, 5675, 5687, 7655, 7656, and 7675 allows remote attackers to execute arbitrary commands via unknown attack vectors, aka "command injection vulnerability."

Action-Not Available
Vendor-n/aXerox Corporation
Product-workcentren/a
CVE-2006-6471
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.30% / 53.10%
||
7 Day CHG~0.00%
Published-11 Dec, 2006 | 18:00
Updated-17 Sep, 2024 | 00:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 use weak permissions for certain files, which allows unspecified file access.

Action-Not Available
Vendor-n/aXerox Corporation
Product-workcentren/a
CVE-2008-2824
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.97% / 82.78%
||
7 Day CHG~0.00%
Published-23 Jun, 2008 | 17:00
Updated-07 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Extensible Interface Platform in Web Services in Xerox WorkCentre 7655, 7665, and 7675 allows remote attackers to make configuration changes via unknown vectors.

Action-Not Available
Vendor-n/aXerox Corporation
Product-workcentren/a
CWE ID-CWE-264
Not Available
CVE-2016-11061
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.01% / 86.06%
||
7 Day CHG~0.00%
Published-29 Apr, 2020 | 21:23
Updated-06 Aug, 2024 | 03:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, and 7970i devices before 073.xxx.086.15410 do not properly escape parameters in the support/remoteUI/configrui.php script, which can allow an unauthenticated attacker to execute OS commands on the device.

Action-Not Available
Vendor-n/aXerox Corporation
Product-workcentre_5945_firmwareworkcentre_5945workcentre_5955_firmwareworkcentre_6655iworkcentre_7855workcentre_7845_firmwareworkcentre_5890workcentre_5865workcentre_5945i_firmwareworkcentre_5890i_firmwareworkcentre_3655_firmwareworkcentre_7200_firmwareworkcentre_5865_firmwareworkcentre_7200i_firmwareworkcentre_6655_firmwareworkcentre_7225i_firmwareworkcentre_7835workcentre_3655i_firmwareworkcentre_7970_firmwareworkcentre_3655workcentre_5875i_firmwareworkcentre_7970iworkcentre_7225iworkcentre_7225workcentre_7225_firmwareworkcentre_7220_firmwareworkcentre_7835_firmwareworkcentre_5955iworkcentre_6655workcentre_7220workcentre_5890_firmwareworkcentre_5865i_firmwareworkcentre_5875iworkcentre_7970i_firmwareworkcentre_7970workcentre_3655iworkcentre_7845workcentre_5945iworkcentre_5865iworkcentre_7200iworkcentre_7830workcentre_6655i_firmwareworkcentre_5955workcentre_7200workcentre_7855_firmwareworkcentre_5875_firmwareworkcentre_5875workcentre_5955i_firmwareworkcentre_5890iworkcentre_7830_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-28668
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.35% / 56.61%
||
7 Day CHG~0.00%
Published-29 Mar, 2021 | 19:28
Updated-03 Aug, 2024 | 21:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Xerox AltaLink B80xx before 103.008.020.23120, C8030/C8035 before 103.001.020.23120, C8045/C8055 before 103.002.020.23120 and C8070 before 103.003.020.23120 has several SQL injection vulnerabilities.

Action-Not Available
Vendor-n/aXerox Corporation
Product-altalink_c8055altalink_b8075altalink_c8030_firmwarealtalink_c8045altalink_c8045_firmwarealtalink_c8035_firmwarealtalink_c8055_firmwarealtalink_b8090_firmwarealtalink_b8055altalink_b8045_firmwarealtalink_b8065_firmwarealtalink_b8045altalink_c8035altalink_c8070altalink_b8075_firmwarealtalink_c8030altalink_b8090altalink_b8065altalink_b8055_firmwarealtalink_c8070_firmwaren/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2021-28673
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.03% / 76.42%
||
7 Day CHG~0.00%
Published-29 Mar, 2021 | 19:00
Updated-03 Aug, 2024 | 21:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Xerox Phaser 6510 before 64.61.23 and 64.59.11 (Bridge), WorkCentre 6515 before 65.61.23 and 65.59.11 (Bridge), VersaLink B400 before 37.61.23 and 37.59.01 (Bridge), B405 before 38.61.23 and 38.59.01 (Bridge), B600/B610 before 32.61.23 and 32.59.01 (Bridge), B605/B615 before 33.61.23 and 33.59.01 (Bridge), B7025/30/35 before 58.61.23 and 58.59.11 (Bridge), C400 before 67.61.23 and 67.59.01 (Bridge), C405 before 68.61.23 and 68.59.01 (Bridge), C500/C600 before 61.61.23 and 61.59.01 (Bridge), C505/C605 before 62.61.23 and 62.59.11 (Bridge), C7000 before 56.61.23 and 56.59.01 (Bridge), C7020/25/30 before 57.61.23 and 57.59.01 (Bridge), C8000/C9000 before 70.61.23 and 70.59.01 (Bridge), allows remote attackers with "a weaponized clone file" to execute arbitrary commands in the Web User Interface.

Action-Not Available
Vendor-n/aXerox Corporation
Product-versalink_c505versalink_c400_firmwareversalink_b7025versalink_c7000versalink_b605phaser_6510versalink_c9000versalink_b7030versalink_b615versalink_b600versalink_b600_firmwareversalink_b7035_firmwareversalink_c600_firmwareversalink_c605_firmwareversalink_b610versalink_b405versalink_c500versalink_c405_firmwareversalink_c8000_firmwareversalink_c505_firmwareversalink_c405versalink_c7030versalink_c500_firmwareversalink_b7035versalink_c400workcentre_6515_firmwareversalink_c605versalink_c7025_firmwareversalink_b7030_firmwareversalink_c8000versalink_b400versalink_b605_firmwareversalink_c7020_firmwareversalink_c7020workcentre_6515versalink_c7030_firmwareversalink_c7000_firmwareversalink_b615_firmwareversalink_c7025versalink_c600versalink_b610_firmwareversalink_c9000_firmwareversalink_b405_firmwarephaser_6510_firmwareversalink_b7025_firmwareversalink_b400_firmwaren/a
CVE-2006-6473
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.36% / 57.22%
||
7 Day CHG~0.00%
Published-11 Dec, 2006 | 18:00
Updated-16 Sep, 2024 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 have unknown impact and attack vectors, related to (1) an Immediate Image Overwrite (IIO) error message at the Local User Interface (LUI) if overwrite fails, (2) an IIO failure when a Held Job is deleted, and (3) an On Demand Image Overwrite failure when the overwrite is greater than 2 Gb.

Action-Not Available
Vendor-n/aXerox Corporation
Product-workcentren/a
CVE-2006-6472
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.40% / 59.98%
||
7 Day CHG~0.00%
Published-11 Dec, 2006 | 18:00
Updated-17 Sep, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The httpd.conf file in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 configures port 443 to be always active, which has unknown impact and remote attack vectors.

Action-Not Available
Vendor-n/aXerox Corporation
Product-workcentren/a
CVE-2006-6470
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.40% / 59.98%
||
7 Day CHG~0.00%
Published-11 Dec, 2006 | 18:00
Updated-17 Sep, 2024 | 01:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SNMP Agent in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 returns no error for a non-writable object, which has unknown impact and attack vectors. NOTE: due to the vagueness of the advisory, it is not clear whether this is a vulnerability, or a bug in a security feature.

Action-Not Available
Vendor-n/aXerox Corporation
Product-workcentren/a
CVE-2019-10880
Matching Score-8
Assigner-Airbus
ShareView Details
Matching Score-8
Assigner-Airbus
CVSS Score-9.8||CRITICAL
EPSS-4.98% / 89.28%
||
7 Day CHG~0.00%
Published-12 Apr, 2019 | 17:37
Updated-04 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Within multiple XEROX products a vulnerability allows remote command execution on the Linux system, as the "nobody" user through a crafted "HTTP" request (OS Command Injection vulnerability in the HTTP interface). Depending upon configuration authentication may not be necessary.

Action-Not Available
Vendor-Xerox Corporation
Product-colorqube_9302_firmwarecolorqube_8900_firmwarecolorqube_8900colorqube_9303colorqube_9301_firmwarecolorqube_8700colorqube_9301colorqube_9302colorqube_8700_firmwarecolorqube_9303_firmwareWorkCentre 7830/7835/7845/7855WorkCentre 6400Phaser 7800WorkCentre 6655WorkCentre 7220/7225WorkCentre 7970AltaLink C8030/C8035/C8045/C8055/C8070ColorQube 9301/9302/9303WorkCentre EC7836/EC7856Phaser 6700AltaLink B8045/B8055/B8065/B8075/B8090WorkCentre 5735/5740/5745/5755/5765/5775/5790WorkCentre 5845/5855/5865/5875/5890WorkCentre 7525/7530/7535/7545/7556WorkCentre 7755/7765/7775WorkCentre 5945/5955ColorQube 8700/8900WorkCentre 3655
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-17184
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.61% / 68.70%
||
7 Day CHG~0.00%
Published-04 Oct, 2019 | 22:28
Updated-05 Aug, 2024 | 01:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Xerox AtlaLink B8045/B8055/B8065/B8075/B8090 C8030/C8035/C8045/C8055/C8070 printers with software before 101.00x.089.22600 allow an attacker to gain privileges.

Action-Not Available
Vendor-n/aXerox Corporation
Product-atlalink_c8045atlalink_b8045atlalink_c8055atlalink_c8035atlalink_b8065atlalink_b8075atlalink_b8055atlalink_firmwareatlalink_c8030atlalink_c8070atlalink_b8090n/a
CVE-2025-8356
Matching Score-8
Assigner-Xerox Corporation
ShareView Details
Matching Score-8
Assigner-Xerox Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.45% / 62.50%
||
7 Day CHG~0.00%
Published-08 Aug, 2025 | 15:40
Updated-19 Aug, 2025 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Path Traversal leading to RCE

In Xerox FreeFlow Core version 8.0.4, an attacker can exploit a Path Traversal vulnerability to access unauthorized files on the server. This can lead to Remote Code Execution (RCE), allowing the attacker to run arbitrary commands on the system.

Action-Not Available
Vendor-Xerox Corporation
Product-freeflow_coreFreeFlow Core
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2019-13171
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.85% / 82.24%
||
7 Day CHG~0.00%
Published-13 Mar, 2020 | 18:17
Updated-04 Aug, 2024 | 23:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by one or more stack-based buffer overflow vulnerabilities in the Google Cloud Print implementation that would allow an unauthenticated attacker to execute arbitrary code on the device. This was caused by an insecure handling of the register parameters, because the size used within a memcpy() function, which copied the action value into a local variable, was not checked properly.

Action-Not Available
Vendor-n/aXerox Corporation
Product-phaser_3320phaser_3320_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-10881
Matching Score-8
Assigner-Airbus
ShareView Details
Matching Score-8
Assigner-Airbus
CVSS Score-9.4||CRITICAL
EPSS-0.48% / 63.98%
||
7 Day CHG~0.00%
Published-13 Apr, 2021 | 20:58
Updated-04 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Default hidden Privileged Account Vulnerability in multiple XEROX devices

Xerox AltaLink B8045/B8055/B8065/B8075/B8090, AltaLink C8030/C8035/C8045/C8055/C8070 with software releases before 103.xxx.030.32000 includes two accounts with weak hard-coded passwords which can be exploited and allow unauthorized access which cannot be disabled.

Action-Not Available
Vendor-Xerox Corporation
Product-altalink_c8055altalink_b8075altalink_c8030_firmwarealtalink_c8045altalink_c8045_firmwarealtalink_c8035_firmwarealtalink_c8055_firmwarealtalink_b8090_firmwarealtalink_b8055altalink_b8045_firmwarealtalink_b8065_firmwarealtalink_b8045altalink_c8035altalink_c8070altalink_b8075_firmwarealtalink_c8030altalink_b8090altalink_b8065altalink_b8055_firmwarealtalink_c8070_firmwareWorkCentre 7830/7835/7845/7855WorkCentre 6400Phaser 7800WorkCentre 6655WorkCentre 7220/7225WorkCentre 7970AltaLink C8030/C8035/C8045/C8055/C8070ColorQube 9301/9302/9303WorkCentre EC7836/EC7856Phaser 6700AltaLink B8045/B8055/B8065/B8075/B8090WorkCentre 5735/5740/5745/5755/5765/5775/5790WorkCentre 5845/5855/5865/5875/5890WorkCentre 7525/7530/7535/7545/7556WorkCentre 7755/7765/7775WorkCentre 5945/5955ColorQube 8700/8900WorkCentre 3655
CWE ID-CWE-259
Use of Hard-coded Password
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2024-47556
Matching Score-8
Assigner-Xerox Corporation
ShareView Details
Matching Score-8
Assigner-Xerox Corporation
CVSS Score-8.3||HIGH
EPSS-0.26% / 48.93%
||
7 Day CHG~0.00%
Published-07 Oct, 2024 | 18:14
Updated-16 Oct, 2024 | 17:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Pre-Auth RCE via Path Traversal

Pre-Auth RCE via Path Traversal

Action-Not Available
Vendor-Xerox Corporation
Product-freeflow_coreFreeFlow Corefreeflow_core
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-47557
Matching Score-8
Assigner-Xerox Corporation
ShareView Details
Matching Score-8
Assigner-Xerox Corporation
CVSS Score-8.3||HIGH
EPSS-0.26% / 48.93%
||
7 Day CHG~0.00%
Published-07 Oct, 2024 | 18:17
Updated-16 Oct, 2024 | 17:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Pre-Auth RCE via Path Traversal

Pre-Auth RCE via Path Traversal

Action-Not Available
Vendor-Xerox Corporation
Product-freeflow_coreFreeFlow Corefreeflow_core
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2021-37354
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.47% / 63.80%
||
7 Day CHG~0.00%
Published-15 Feb, 2022 | 19:08
Updated-04 Aug, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Xerox Phaser 4622 v35.013.01.000 was discovered to contain a buffer overflow in the function sub_3226AC via the TIMEZONE variable. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.

Action-Not Available
Vendor-n/aXerox Corporation
Product-phaser_4622_firmwarephaser_4622n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-28671
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.57% / 80.81%
||
7 Day CHG~0.00%
Published-29 Mar, 2021 | 20:06
Updated-03 Aug, 2024 | 21:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Xerox Phaser 6510 before 64.65.51 and 64.59.11 (Bridge), WorkCentre 6515 before 65.65.51 and 65.59.11 (Bridge), VersaLink B400 before 37.65.51 and 37.59.01 (Bridge), B405 before 38.65.51 and 38.59.01 (Bridge), B600/B610 before 32.65.51 and 32.59.01 (Bridge), B605/B615 before 33.65.51 and 33.59.01 (Bridge), B7025/30/35 before 58.65.51 and 58.59.11 (Bridge), C400 before 67.65.51 and 67.59.01 (Bridge), C405 before 68.65.51 and 68.59.01 (Bridge), C500/C600 before 61.65.51 and 61.59.01 (Bridge), C505/C605 before 62.65.51 and 62.59.01 (Bridge), C7000 before 56.65.51 and 56.59.01 (Bridge), C7020/25/30 before 57.65.51 and 57.59.01 (Bridge), C8000/C9000 before 70.65.51 and 70.59.01 (Bridge), C8000W before 72.65.51 have a remote Command Execution vulnerability in the Web User Interface that allows remote attackers with "a weaponized clone file" to execute arbitrary commands.

Action-Not Available
Vendor-n/aXerox Corporation
Product-versalink_c505versalink_c400_firmwareversalink_b7025versalink_c7000versalink_b605phaser_6510versalink_c9000versalink_b7030versalink_b615versalink_b600versalink_b600_firmwareversalink_b7035_firmwareversalink_c600_firmwareversalink_c605_firmwareversalink_b610versalink_b405versalink_c500versalink_c405_firmwareversalink_c8000_firmwareversalink_c505_firmwareversalink_c405versalink_c7030versalink_c8000w_firmwareversalink_c500_firmwareversalink_b7035versalink_c400workcentre_6515_firmwareversalink_c605versalink_c7025_firmwareversalink_b7030_firmwareversalink_c8000versalink_c8000wversalink_b400versalink_b605_firmwareversalink_c7020_firmwareversalink_c7020workcentre_6515versalink_c7030_firmwareversalink_c7000_firmwareversalink_b615_firmwareversalink_c7025versalink_c600versalink_b610_firmwareversalink_c9000_firmwareversalink_b405_firmwarephaser_6510_firmwareversalink_b7025_firmwareversalink_b400_firmwaren/a
CVE-2013-6362
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.45% / 62.78%
||
7 Day CHG~0.00%
Published-13 Feb, 2020 | 22:54
Updated-06 Aug, 2024 | 17:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Xerox ColorCube and WorkCenter devices in 2013 had hardcoded FTP and shell user accounts.

Action-Not Available
Vendor-n/aXerox Corporation
Product-workcentre_7755_firmwareworkcentre_7755colorqube_9202colorqube_9202_firmwareworkcentre_7530_firmwareworkcentre_7545workcentre_7556_firmwareworkcentre_7530colorqube_9203colorqube_9203_firmwareworkcentre_7525_firmwareworkcentre_7525colorqube_9201_firmwareworkcentre_7765_firmwareworkcentre_7775workcentre_6400workcentre_7775_firmwareworkcentre_7545_firmwarecolorqube_9201workcentre_7535_firmwareworkcentre_7556workcentre_7765workcentre_7535workcentre_6400_firmwaren/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2022-24008
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.44% / 62.09%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:13
Updated-15 Apr, 2025 | 18:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the confcli binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-40130
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.47% / 63.42%
||
7 Day CHG+0.24%
Published-16 Jul, 2024 | 00:00
Updated-21 Aug, 2024 | 19:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

open5gs v2.6.4 is vulnerable to Buffer Overflow. via /lib/core/abts.c.

Action-Not Available
Vendor-open5gsn/aopen5gs
Product-open5gsn/aopen5gs
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-29856
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 49.91%
||
7 Day CHG~0.00%
Published-02 May, 2023 | 00:00
Updated-02 Aug, 2024 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR-868L Hardware version A1, firmware version 1.12 is vulnerable to Buffer Overflow. The vulnerability is in scandir.sgi binary.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-868ldir-868l_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24016
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.44% / 62.09%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:15
Updated-15 Apr, 2025 | 18:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the mesh_status_check binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-22873
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.09% / 83.31%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 14:43
Updated-04 Aug, 2024 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow vulnerability in function NumberToPrecisionCmd in jsish before 3.0.7, allows remote attackers to execute arbitrary code.

Action-Not Available
Vendor-jsishn/a
Product-jsishn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-22741
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.48% / 80.19%
||
7 Day CHG~0.00%
Published-19 Jan, 2023 | 21:20
Updated-10 Mar, 2025 | 21:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
heap-over-flow in stun_parse_attribute in sofia-sip

Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. In affected versions Sofia-SIP **lacks both message length and attributes length checks** when it handles STUN packets, leading to controllable heap-over-flow. For example, in stun_parse_attribute(), after we get the attribute's type and length value, the length will be used directly to copy from the heap, regardless of the message's left size. Since network users control the overflowed length, and the data is written to heap chunks later, attackers may achieve remote code execution by heap grooming or other exploitation methods. The bug was introduced 16 years ago in sofia-sip 1.12.4 (plus some patches through 12/21/2006) to in tree libs with git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@3774 d0543943-73ff-0310-b7d9-9358b9ac24b2. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Action-Not Available
Vendor-signalwirefreeswitch
Product-sofia-sipsofia-sip
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-23477
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.13% / 33.60%
||
7 Day CHG~0.00%
Published-09 Dec, 2022 | 17:51
Updated-23 Apr, 2025 | 16:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Overflow in xrdp

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in audin_send_open() function. There are no known workarounds for this issue. Users are advised to upgrade.

Action-Not Available
Vendor-neutrinolabsneutrinolabsDebian GNU/Linux
Product-debian_linuxxrdpxrdp
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24313
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-4.71% / 88.95%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-03 Aug, 2024 | 04:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)

Action-Not Available
Vendor-n/a
Product-interactive_graphical_scada_system_data_serverInteractive Graphical SCADA System Data Server (V15.0.0.22020 and prior)
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-42545
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.58% / 68.02%
||
7 Day CHG~0.00%
Published-12 Aug, 2024 | 00:00
Updated-13 Aug, 2024 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the ssid parameter in setWizardCfg function.

Action-Not Available
Vendor-n/aTOTOLINK
Product-a3700ra3700r_firmwaren/aa3700r
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24018
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.54% / 66.65%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:15
Updated-15 Apr, 2025 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the multiWAN binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24014
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.54% / 66.65%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:14
Updated-15 Apr, 2025 | 18:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the logserver binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24028
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.44% / 62.09%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:17
Updated-15 Apr, 2025 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the libcommonprod.so binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-38922
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.18% / 39.41%
||
7 Day CHG+0.02%
Published-06 Dec, 2024 | 00:00
Updated-17 Dec, 2024 | 20:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble version was discovered to contain a heap overflow in the nav2_amcl process. This vulnerability is triggered via sending a crafted message to the component /initialpose.

Action-Not Available
Vendor-openroboticsn/a
Product-robot_operating_systemn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-24024
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.54% / 66.65%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:16
Updated-15 Apr, 2025 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the rtk_ate binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-30280
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.88% / 89.16%
||
7 Day CHG~0.00%
Published-26 Apr, 2023 | 00:00
Updated-03 Feb, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability found in Netgear R6900 v.1.0.2.26, R6700v3 v.1.0.4.128, R6700 v.1.0.0.26 allows a remote attacker to execute arbitrary code and cause a denial ofservice via the getInputData parameter of the fwSchedule.cgi page.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-r6900_firmwarer6900r6700_firmwarer6700n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-42546
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.30% / 52.82%
||
7 Day CHG~0.00%
Published-12 Aug, 2024 | 00:00
Updated-15 Aug, 2024 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK A3100R V4.1.2cu.5050_B20200504 has a buffer overflow vulnerability in the password parameter in the loginauth function.

Action-Not Available
Vendor-n/aTOTOLINK
Product-a3100ra3100r_firmwaren/aa3100r_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2015-20111
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.18% / 77.89%
||
7 Day CHG~0.00%
Published-18 Nov, 2024 | 00:00
Updated-18 Nov, 2024 | 17:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

miniupnp before 4c90b87, as used in Bitcoin Core before 0.12 and other products, lacks checks for snprintf return values, leading to a buffer overflow and significant data leak, a different vulnerability than CVE-2019-12107. In Bitcoin Core before 0.12, remote code execution was possible in conjunction with CVE-2015-6031 exploitation.

Action-Not Available
Vendor-n/aBitcoin Wiki
Product-n/abitcoin_core
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24005
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.44% / 62.09%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:13
Updated-15 Apr, 2025 | 18:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the ap_steer binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24019
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.54% / 66.65%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:15
Updated-15 Apr, 2025 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the netctrl binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24025
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.54% / 66.65%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:16
Updated-15 Apr, 2025 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the sntp binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-23468
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.11% / 30.38%
||
7 Day CHG~0.00%
Published-09 Dec, 2022 | 17:49
Updated-23 Apr, 2025 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Overflow in xrdp

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in xrdp_login_wnd_create() function. There are no known workarounds for this issue. Users are advised to upgrade.

Action-Not Available
Vendor-neutrinolabsneutrinolabsDebian GNU/Linux
Product-debian_linuxxrdpxrdp
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-38541
Matching Score-4
Assigner-kernel.org
ShareView Details
Matching Score-4
Assigner-kernel.org
CVSS Score-9.8||CRITICAL
EPSS-0.06% / 18.25%
||
7 Day CHG~0.00%
Published-19 Jun, 2024 | 13:35
Updated-04 Jun, 2025 | 13:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
of: module: add buffer overflow check in of_modalias()

In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow check in of_modalias() In of_modalias(), if the buffer happens to be too small even for the 1st snprintf() call, the len parameter will become negative and str parameter (if not NULL initially) will point beyond the buffer's end. Add the buffer overflow check after the 1st snprintf() call and fix such check after the strlen() call (accounting for the terminating NUL char).

Action-Not Available
Vendor-Linux Kernel Organization, Inc
Product-linux_kernelLinuxlinux_kernel
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-42813
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.57% / 67.65%
||
7 Day CHG~0.00%
Published-19 Aug, 2024 | 00:00
Updated-01 Apr, 2025 | 18:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In TRENDnet TEW-752DRU FW1.03B01, there is a buffer overflow vulnerability due to the lack of length verification for the service field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands.

Action-Not Available
Vendor-n/aTRENDnet, Inc.
Product-tew-752dru_firmwaretew-752drun/atew-752dru_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24020
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.44% / 62.09%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:15
Updated-15 Apr, 2025 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the network_check binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-29468
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-53.86% / 97.91%
||
7 Day CHG~0.00%
Published-14 Aug, 2023 | 00:00
Updated-05 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Texas Instruments (TI) WiLink WL18xx MCP driver does not limit the number of information elements (IEs) of type XCC_EXT_1_IE_ID or XCC_EXT_2_IE_ID that can be parsed in a management frame. Using a specially crafted frame, a buffer overflow can be triggered that can potentially lead to remote code execution. This affects WILINK8-WIFI-MCP8 version 8.5_SP3 and earlier.

Action-Not Available
Vendor-tin/a
Product-wilink8-wifi-mcp8n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24021
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.54% / 66.65%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:16
Updated-15 Apr, 2025 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the online_process binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24013
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.54% / 66.65%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:14
Updated-15 Apr, 2025 | 18:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the gpio_ctrl binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 19
  • 20
  • Next
Details not found