Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-20731

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-16 Apr, 2020 | 19:10
Updated At-05 Aug, 2024 | 02:53
Rejected At-
Credits

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.20, R6300v2 before 1.0.4.18, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.46, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.34, R7300DST before 1.0.0.62, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WN2500RPv2 before 1.0.1.54, and WNDR3400v3 before 1.0.1.18.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:16 Apr, 2020 | 19:10
Updated At:05 Aug, 2024 | 02:53
Rejected At:
▼CVE Numbering Authority (CNA)

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.20, R6300v2 before 1.0.4.18, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.46, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.34, R7300DST before 1.0.0.62, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WN2500RPv2 before 1.0.1.54, and WNDR3400v3 before 1.0.1.18.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
3.05.6MEDIUM
CVSS:3.0/AC:L/AV:L/A:L/C:H/I:L/PR:H/S:U/UI:N
Version: 3.0
Base score: 5.6
Base severity: MEDIUM
Vector:
CVSS:3.0/AC:L/AV:L/A:L/C:H/I:L/PR:H/S:U/UI:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://kb.netgear.com/000061196/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2254
x_refsource_CONFIRM
Hyperlink: https://kb.netgear.com/000061196/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2254
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://kb.netgear.com/000061196/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2254
x_refsource_CONFIRM
x_transferred
Hyperlink: https://kb.netgear.com/000061196/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2254
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:16 Apr, 2020 | 20:15
Updated At:22 Apr, 2020 | 20:43

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.20, R6300v2 before 1.0.4.18, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.46, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.34, R7300DST before 1.0.0.62, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WN2500RPv2 before 1.0.1.54, and WNDR3400v3 before 1.0.1.18.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Secondary3.05.6MEDIUM
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L
Primary2.04.6MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.0
Base score: 5.6
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L
Type: Primary
Version: 2.0
Base score: 4.6
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
NETGEAR, Inc.
netgear
>>d6220_firmware>>Versions before 1.0.0.40(exclusive)
cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>d6220>>-
cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>d6400_firmware>>Versions before 1.0.0.74(exclusive)
cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>d6400>>-
cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>d7000_firmware>>Versions before 1.0.0.74(exclusive)
cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>d7000>>v2
cpe:2.3:h:netgear:d7000:v2:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>d8500_firmware>>Versions before 1.0.3.39(exclusive)
cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>d8500>>-
cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>ex3700_firmware>>Versions before 1.0.0.70(exclusive)
cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>ex3700>>-
cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>ex3800_firmware>>Versions before 1.0.0.70(exclusive)
cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>ex3800>>-
cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>ex6000_firmware>>Versions before 1.0.0.30(exclusive)
cpe:2.3:o:netgear:ex6000_firmware:*:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>ex6000>>-
cpe:2.3:h:netgear:ex6000:-:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>ex6100_firmware>>Versions before 1.0.2.22(exclusive)
cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>ex6100>>-
cpe:2.3:h:netgear:ex6100:-:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>ex6120_firmware>>Versions before 1.0.0.40(exclusive)
cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>ex6120>>-
cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>ex6130_firmware>>Versions before 1.0.0.22(exclusive)
cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>ex6130>>-
cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>ex6150_firmware>>Versions before 1.0.0.42(exclusive)
cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>ex6150>>v1
cpe:2.3:h:netgear:ex6150:v1:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>ex6200_firmware>>Versions before 1.0.3.88(exclusive)
cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>ex6200>>-
cpe:2.3:h:netgear:ex6200:-:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>ex7000_firmware>>Versions before 1.0.0.66(exclusive)
cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>ex7000>>-
cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>r6250_firmware>>Versions before 1.0.4.20(exclusive)
cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>r6250>>-
cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>r6300_firmware>>Versions before 1.0.4.18(exclusive)
cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>r6300>>v2
cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>r6400_firmware>>Versions before 1.0.2.52(exclusive)
cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>r6400>>v2
cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>r6700_firmware>>Versions before 1.0.1.44(exclusive)
cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>r6700>>-
cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>r6900_firmware>>Versions before 1.0.1.46(exclusive)
cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>r6900>>-
cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>r7000_firmware>>Versions before 1.0.9.26(exclusive)
cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>r7000>>-
cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>r6900p_firmware>>Versions before 1.3.0.20(exclusive)
cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>r6900p>>-
cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>r7000p_firmware>>Versions before 1.3.0.20(exclusive)
cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>r7000p>>-
cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>r7100lg_firmware>>Versions before 1.0.0.34(exclusive)
cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>r7100lg>>-
cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>r7300dst_firmware>>Versions before 1.0.0.62(exclusive)
cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>r7300dst>>-
cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>r8000_firmware>>Versions before 1.0.4.12(exclusive)
cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>r8000>>-
cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>r7900p_firmware>>Versions before 1.3.0.10(exclusive)
cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*
NETGEAR, Inc.
netgear
>>r7900p>>-
cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-120Primarynvd@nist.gov
CWE ID: CWE-120
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://kb.netgear.com/000061196/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2254cve@mitre.org
Vendor Advisory
Hyperlink: https://kb.netgear.com/000061196/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2254
Source: cve@mitre.org
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

362Records found
CVE-2024-51013
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.09% / 25.70%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 00:00
Updated-02 May, 2025 | 15:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the RADIUSAddr%d_wla parameter at wireless.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-r7000p_firmwarer7000pn/ar7000p_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-52028
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.09% / 25.70%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 00:00
Updated-02 May, 2025 | 15:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at wiz_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-r7000p_firmwarer7000pn/ar7000p_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2018-21210
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.14% / 34.65%
||
7 Day CHG~0.00%
Published-28 Apr, 2020 | 15:33
Updated-05 Aug, 2024 | 12:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-wn2000rpt_firmwarewn3000rp_firmwared7800_firmwarewn3000rpr900d6000_firmwarewndr3700wndr3700_firmwarer900_firmwared7800r6100_firmwarewndr4500_firmwareex2700d6000wn3100rp_firmwarewn2000rptwndr4300_firmwarer7500d3600_firmwarer7500_firmwarer7800wn3100rpex2700_firmwarewndr4500d3600r6100wndr4300r7800_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2018-21214
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.13% / 33.40%
||
7 Day CHG~0.00%
Published-28 Apr, 2020 | 15:40
Updated-05 Aug, 2024 | 12:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, and WN3100RPv2 before 1.0.0.56.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-wn2000rpt_firmwarewn3000rp_firmwarewn3000rpr9000_firmwared6000_firmwarer6100_firmwared6000ex2700wn2000rptwn3100rp_firmwarer9000r7500r7500_firmwared3600_firmwarewn3100rpex2700_firmwared3600r6100n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2018-21156
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.33% / 55.58%
||
7 Day CHG~0.00%
Published-27 Apr, 2020 | 17:14
Updated-05 Aug, 2024 | 12:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.38, D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGN2200Bv4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.38, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6250 before 1.0.4.20, R6300v2 before 1.0.4.22, R6400 before 1.0.1.32, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R6900P before 1.3.0.18, R7000 before 1.0.9.28, R7000P before 1.3.0.18, R7300DST before 1.0.0.62, R7900 before 1.0.2.10, R7900P before 1.3.0.10, R8000 before 1.0.4.12, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WN2500RPv2 before 1.0.1.52, WNDR3400v3 before 1.0.1.18, and WNR3500Lv2 before 1.2.0.46.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-r6400_firmwareex6200ex3700r6900p_firmwared6220r8300r7300dst_firmwarer8500_firmwarer7000_firmwarer7300dstd6220_firmwarer6300_firmwared8500_firmwaredgn2200b_firmwareex6130r7900pex6000_firmwared7000d8500dgn2200br6700r7000wnr3500l_firmwareex6200_firmwareex6150d6400r6900_firmwareex3800r7900_firmwareex3700_firmwareex6000ex7000_firmwareex6120r6700_firmwarer7900p_firmwareex6150_firmwarer8000_firmwarer6250r8000ex3800_firmwareex7000r6900pr7900r8000pwndr3400dgn2200r8000p_firmwared6400_firmwarewn2500rpwn2500rp_firmwarer6250_firmwareex6100r7000p_firmwarer8500ex6130_firmwarewndr3400_firmwared7000_firmwarer8300_firmwarer6900r7000pwnr3500ldgn2200_firmwareex6100_firmwarer6300r6400ex6120_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-52029
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.09% / 25.70%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 00:00
Updated-02 May, 2025 | 15:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at genie_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-r7000p_firmwarer7000pn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-51002
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.09% / 25.70%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 00:00
Updated-30 Apr, 2025 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the l2tp_user_ip parameter at l2tp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-r6400v2_firmwarer7000p_firmwarexr300_firmwarer8500_firmwarer8500xr300r7000pr6400v2n/axr300_firmwarer8500_firmwarer6400_firmwarer7000p_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-50999
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.18% / 39.31%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 00:00
Updated-22 Apr, 2025 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at password.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-r8500r8500_firmwaren/ar8500_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-50994
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.09% / 25.70%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 00:00
Updated-22 Apr, 2025 | 18:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear R8500 v1.0.2.160 was discovered to contain multiple stack overflow vulnerabilities in the component ipv6_fix.cgi via the ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, and ipv6_lan_length parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-r8500r8500_firmwaren/ar8500_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-52015
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.09% / 25.70%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 00:00
Updated-05 Nov, 2024 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at bsw_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-n/axr300_firmwarer8500_firmwarer6400_firmwarer7000p_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-51001
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.09% / 25.70%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 00:00
Updated-22 Apr, 2025 | 18:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the sysDNSHost parameter at ddns.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-r8500r8500_firmwaren/ar8500_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-51015
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.18% / 39.31%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 00:00
Updated-02 May, 2025 | 15:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear R7000P v1.3.3.154 was discovered to contain a command injection vulnerability via the device_name2 parameter at operation_mode.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-r7000p_firmwarer7000pn/ar7000p_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-51006
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.09% / 25.70%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 00:00
Updated-22 Apr, 2025 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the ipv6_static_ip parameter in the ipv6_tunnel function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-r8500r8500_firmwaren/ar8500_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-52013
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.09% / 25.70%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 00:00
Updated-05 Nov, 2024 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at wiz_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-n/axr300_firmwarer8500_firmwarer6400_firmwarer7000p_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-51022
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.09% / 25.70%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 00:00
Updated-02 May, 2025 | 15:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the ssid parameter in bridge_wireless_main.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-xr300_firmwarexr300n/axr300_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-52023
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.09% / 25.70%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 00:00
Updated-21 May, 2025 | 20:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at pppoe2.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-r6400v2_firmwarer7000pr7000p_firmwarexr300_firmwarexr300r6400v2n/axr300_firmwarer6400_firmwarer7000p_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-51012
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.09% / 25.70%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 00:00
Updated-02 May, 2025 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the ipv6_pri_dns parameter at ipv6_fix.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-r8500r8500_firmwaren/ar8500_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-52014
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.09% / 25.70%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 00:00
Updated-05 Nov, 2024 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at genie_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-n/axr300_firmwarer8500_firmwarer6400_firmwarer7000p_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-51018
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.09% / 25.70%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 00:00
Updated-02 May, 2025 | 15:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-r7000p_firmwarer7000pn/ar7000p_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-51017
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.09% / 25.70%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 00:00
Updated-02 May, 2025 | 15:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the l2tp_user_netmask parameter at l2tp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-r7000p_firmwarer7000pn/ar7000p_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-50997
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.09% / 25.70%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 00:00
Updated-01 May, 2025 | 18:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-xr300_firmwarer7000pr7000p_firmwarexr300r6400v2_firmwarer6400v2r8500r8500_firmwaren/axr300_firmwarer8500_firmwarer6400_firmwarer7000p_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-51019
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.09% / 25.70%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 00:00
Updated-02 May, 2025 | 15:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pppoe_localnetmask parameter at pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-r7000p_firmwarer7000pn/ar7000p_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-52017
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.09% / 27.08%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 00:00
Updated-02 May, 2025 | 15:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the passphrase parameter at bridge_wireless_main.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-xr300_firmwarexr300n/axr300_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-51004
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.09% / 25.70%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 00:00
Updated-30 Apr, 2025 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear R8500 v1.0.2.160 and R7000P v1.3.3.154 were discovered to multiple stack overflow vulnerabilities in the component usb_device.cgi via the cifs_user, read_access, and write_access parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-r8500r7000p_firmwarer8500_firmwarer7000pn/ar8500_firmwarer7000p_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-51016
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.09% / 25.70%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 00:00
Updated-02 May, 2025 | 15:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the addName%d parameter in usb_approve.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-xr300_firmwarexr300n/axr300_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-51011
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.09% / 25.70%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 00:00
Updated-05 Nov, 2024 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-n/axr300_firmwarer6400_firmwarer7000p_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-52026
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.09% / 25.70%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 00:00
Updated-21 May, 2025 | 20:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at bsw_pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-r6400v2_firmwarer7000pr7000p_firmwarexr300_firmwarexr300r6400v2n/axr300_firmwarer7000p_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-50996
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.09% / 25.70%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 00:00
Updated-07 May, 2025 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the bpa_server parameter at genie_bpa.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-xr300_firmwarer7000pr6400v2_firmwarer7000p_firmwarer8500r6400v2r8500_firmwarexr300n/axr300_firmwarer8500_firmwarer6400_firmwarer7000p_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-52025
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.09% / 25.70%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 00:00
Updated-21 May, 2025 | 20:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter at geniepppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-r6400v2_firmwarer7000pr7000p_firmwarexr300_firmwarexr300r6400v2n/axr300_firmwarer6400_firmwarer7000p_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-51014
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.09% / 25.70%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 00:00
Updated-02 May, 2025 | 15:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the ssid_an parameter in bridge_wireless_main.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-xr300_firmwarexr300n/axr300_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-35787
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8||HIGH
EPSS-0.14% / 34.52%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:40
Updated-04 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.36, D7000 before 1.0.1.70, EX6200v2 before 1.0.1.78, EX7000 before 1.0.1.78, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6050 before 1.0.1.18, R6080 before 1.0.0.42, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.64, R6300v2 before 1.0.4.34, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7800 before 1.0.2.60, R8900 before 1.0.4.12, R9000 before 1.0.4.12, and XR500 before 2.3.2.40.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d6000_firmwarer6120r8900_firmwarer6220_firmwarepr2000r6080_firmwareex7000ex6200r6900pex8000r6120_firmwarer6900p_firmwared3600_firmwarer6800r6050pr2000_firmwarer6260_firmwarer6260r7000_firmwarer6220r6020d3600xr500_firmwarer6300_firmwarer6020_firmwarexr500r7000p_firmwared7000ex8000_firmwarer8900r9000_firmwarer6080d7000_firmwarer6700r7000d6000ex6200_firmwarer6900r7000pr9000d6200_firmwarer6900_firmwarer6050_firmwarer7800d6200jr6150jr6150_firmwareex7000_firmwarer6300r7800_firmwarer6700_firmwarer6800_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-22547
Matching Score-4
Assigner-Google LLC
ShareView Details
Matching Score-4
Assigner-Google LLC
CVSS Score-6.3||MEDIUM
EPSS-0.03% / 5.59%
||
7 Day CHG~0.00%
Published-04 May, 2021 | 13:05
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer overrun in Google Cloud IoT Device SDK for Embedded C

In IoT Devices SDK, there is an implementation of calloc() that doesn't have a length check. An attacker could pass in memory objects larger than the buffer and wrap around to have a smaller buffer than required, allowing the attacker access to the other parts of the heap. We recommend upgrading the Google Cloud IoT Device SDK for Embedded C used to 1.0.3 or greater.

Action-Not Available
Vendor-Google LLC
Product-cloud_iot_device_sdk_for_embedded_cGoogle Cloud IoT Device SDK for Embedded C
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-22301
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 7.70%
||
7 Day CHG~0.00%
Published-05 Feb, 2021 | 23:56
Updated-03 Aug, 2024 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mate 30 10.0.0.203(C00E201R7P2) have a buffer overflow vulnerability. After obtaining the root permission, an attacker can exploit the vulnerability to cause buffer overflow.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-mate_30mate_30_firmwareHUAWEI Mate 30
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-12465
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.17% / 38.61%
||
7 Day CHG~0.00%
Published-29 Apr, 2020 | 18:52
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages.

Action-Not Available
Vendor-n/aNetApp, Inc.Linux Kernel Organization, Inc
Product-linux_kernelcloud_backupsolidfire_\&_hci_management_nodeactive_iq_unified_managerhci_baseboard_management_controllerhci_compute_nodesolidfire_baseboard_management_controlleraff_baseboard_management_controllersteelstore_cloud_integrated_storagen/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-10620
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.05%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-04 Aug, 2024 | 22:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Kernel memory error in debug module due to improper check of user data length before copying into memory in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, APQ8098, MSM8996AU, QCN7605, SDM439, SDX24, SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-apq8096au_firmwaremsm8996ausdx24_firmwaresm8150sm8150_firmwareapq8096ausdm439_firmwaremsm8996au_firmwareapq8098_firmwareapq8098qcn7605qcn7605_firmwaresdx24sdm439Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-1962
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 18.57%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 07:36
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow while processing IOCTL for getting peripheral endpoint information there is no proper validation for input maximum endpoint pair and its size in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055wcn3991_firmwaremdm9150_firmwaresd678qca9561sa6150p_firmwaresa8145p_firmwareqcs610fsm10056ar9380qca9563_firmwareqca9561_firmwarefsm10055_firmwareqca9880_firmwareqca9992wcn3950_firmwaresa8150p_firmwareqca6420_firmwareqca6595au_firmwareipq8069_firmwaresa6155sd730_firmwarewcd9370qcs605_firmwaresd_675_firmwaresd675_firmwareqca6584au_firmwarewcn3990_firmwareqca9984_firmwarewcn3998wcn3950wcd9326_firmwaresd720gwcn3615_firmwareqca9563wcn3660bqca9982sa8155qca6574au_firmwaresdx55_firmwareqca6595ausa6155_firmwarewcd9375_firmwarewcn3615wcn3998_firmwarewcn3610_firmwareqca6420qca6584ausa6155p_firmwareipq8065qca9990sa8155_firmwareipq8068wcn3988_firmwareqca6430sa6145p_firmwaresd205sm6250wcd9340sa8195pwsa8810_firmwarequalcomm215_firmwarefsm10056_firmwarewcd9326wcd9335sa6155pqca9982_firmwareqca9888_firmwarewcd9341ipq8068_firmwareqca6696_firmwareqca9898_firmwarewcd9375aqt1000sa8150psm6250_firmwaresda429wsd210qca9992_firmwaresd855_firmwarewcn3620_firmwarewcn3988wsa8815_firmwarewcn3620sa8195p_firmwareqca9898wcn3610qca9882wcn3991sda429w_firmwarewcd9380_firmwarewcn3990sd_675qca9980_firmwareqca6595ar9380_firmwaresdx55m_firmwareqca9558qca9558_firmwareqca9896_firmwareipq8065_firmwareqca6574sd665_firmwarewcd9380qualcomm215qcs410qca6574asdx50m_firmwareqca9889qca9888qca6430_firmwareqca9994_firmwarewcd9335_firmwarewcn3980qca6574_firmwareqca9886qcs605sd855wcd9340_firmwarewsa8815sd665qca9887wcn3660b_firmwarewcn3680qca6574a_firmwareqca9984ipq8064ipq8069wcn3980_firmwaresd730qca6391sdx55mipq8064_firmwareaqt1000_firmwaresd678_firmwarewcn3680_firmwaresdx50mqca9882_firmwareqca9994qca9887_firmwareqca9531qca6574auqca9889_firmwaresa8155p_firmwareqca9980sd205_firmwareqca9880wcd9341_firmwarewsa8810sd210_firmwareqcs610_firmwaremdm9150sa6145pqca9886_firmwareqca6595_firmwaresa8145pqca6696qca6391_firmwarewcd9370_firmwaresa6150psdx55sa8155psd675qca9990_firmwareqca9531_firmwaresd720g_firmwareqcs410_firmwareqca9896Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-1961
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-1.15% / 77.60%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 07:36
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to lack of offset length check while updating the buffer value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055qca9377_firmwaremdm9150_firmwarewcn3991_firmwaresm7250mdm9640_firmwaresa6150p_firmwaresa8145p_firmwareqcs610wsa8830fsm10056qca8337sm7250_firmwareqca6431_firmwaremdm9650csra6620fsm10055_firmwarewcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwareapq8009_firmwaresa6155sd690_5gwcd9370csra6620_firmwareqcs605_firmwarecsra6640_firmwareqcs6125_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqca9377wcn3998sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950wcd9326_firmwarewcn3615_firmwaremdm9206_firmwarewcn3660bsd662sd460_firmwaresa8155qca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595ausa6155_firmwaresdx12_firmwarewcd9375_firmwarewcn3615wcn3998_firmwarewcn3610_firmwareqca6420qca6436_firmwareapq8053_firmwareqca6564au_firmwareqca6584ausa6155p_firmwareqca9367_firmwaresd778gwcn3999qrb5165_firmwaresdxr2_5gqca9367qcs6125sa8155_firmwaresd662_firmwareqcs405qca6430wcn3988_firmwaresa6145p_firmwaresd205qca6421sd778g_firmwarewcd9340sa8195pwsa8810_firmwarequalcomm215_firmwaresd765gsd765_firmwarefsm10056_firmwareqca6436wcd9326wcd9335sa6155pwcn6851qca6174a_firmwarewcd9385wcd9341qca6431qca6696_firmwaresd750gsd870_firmwarear8035qca6390sd_8cxaqt1000sa8150psd750g_firmwarewcd9375msm8953_firmwarewsa8830_firmwaresda429wsd210sd855_firmwaresd865_5g_firmwarewcn3620_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewcn3620wsa8815_firmwarewsa8835_firmwaresa8195p_firmwareqca6564awcn6750_firmwarewcn3610qcm6125_firmwaremdm9640wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwarewcn3990wcd9330msm8996au_firmwaresd780gsd865_5gqca6595qca6564ausdx55m_firmwarewcn6856_firmwarewsa8835qca6574msm8996ausd665_firmwarewcd9380sd888_5gwcn3999_firmwarequalcomm215qcs410qca6574asd690_5g_firmwaremdm9206wcn6855_firmwareqca6174asm7325qca6430_firmwarewcd9335_firmwarewcn3980wcn6750qca6574_firmwareqcs605wcd9340_firmwaresd855wsa8815wcn6850sd665mdm9650_firmwaresd_8c_firmwaresd765qca6426_firmwarewcn3660b_firmwarewcn3680qca6574a_firmwaresd768g_firmwarewcn3980_firmwareapq8009qca6391sd460sdx55mwcd9330_firmwareqca6421_firmwareaqt1000_firmwarewcn6740_firmwaremsm8953ar8031_firmwarewcn3680_firmwareqrb5165sd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwaresd205_firmwareqca6564a_firmwarewcd9341_firmwareqcm6125sd480sd870wsa8810wcn6855sd210_firmwareqcs610_firmwaremdm9150wcn6856qsm8250sd_8csa6145pwcn3680bsd768gapq8096auar8031qca6595_firmwareqcs405_firmwaresa8145pwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresa6150psdx55apq8053apq8096au_firmwarecsra6640sa8155psdx12qcs410_firmwarear8035_firmwareqsm8250_firmwaresm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-1931
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.14%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 05:30
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to improper validation of buffer length while processing fast boot commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055qca9377_firmwarewcn3991_firmwarewsa8830sd678sa6150p_firmwaresm6250p_firmwaresa8145p_firmwareqcs610qcs2290_firmwarefsm10056qca8337qca6431_firmwarecsrb31024sd_636csra6620fsm10055_firmwareqcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwaresa6155qca6335sd690_5gsd730_firmwarewcd9370csra6620_firmwareqcs605_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqca6564qcs6125_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqca9377sa415mwcn3998sd_8cx_firmwarewcd9371_firmwaresdxr2_5g_firmwarewcd9385_firmwaresm4125sd720gwcd9326_firmwarewcn3950sd662sd710_firmwaresd460_firmwaresa8155qca6320_firmwaresm7315_firmwareqca6574au_firmwaresdx55_firmwareqca6595ausa6155_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwarewcn3999_firmwareqca6420qca6436_firmwareqca6564au_firmwareqca6584ausa6155p_firmwareqca6310sd778gwcn3999sdxr2_5gqcs6125sa8155_firmwaresd662_firmwaresdm630sa415m_firmwareqcs405qca6430wcn3988_firmwaresa6145p_firmwareqca6421sd778g_firmwaresm6250wcd9340sa8195psdm830_firmwarewsa8810_firmwaresd765gsd765_firmwarefsm10056_firmwareqca6436wcd9326wcd9335sa6155pwcn6851qcs603_firmwareqca6174a_firmwareqcs4290_firmwarewcd9385wcd9341qca6431qca6696_firmwarewcd9371sd750gsd870_firmwarear8035qca6390sd_8cxaqt1000sa8150psd750g_firmwaresm6250_firmwarewcd9375wcn3910_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwaresd660_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwareqca6564awcn6750_firmwareqcm6125_firmwareqcm2290_firmwarewcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd_675sd780gsd865_5gqca6564ausdx24sdx55m_firmwarewcn6856_firmwaresd888sd670_firmwareqca6574wsa8835sd665_firmwarewcd9380sd888_5gsm6250pqcs410qca6574asd690_5g_firmwaresdx50m_firmwareqca6174asm7325psdx24_firmwareqca6310_firmwareqca6430_firmwarewcd9335_firmwarewcn3980wcn6750qca6335_firmwareqca6574_firmwareqcs605wcd9340_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665wcn3910qca6320wcn6850wsa8815sd_8c_firmwaresd765qca6426_firmwareqca6574a_firmwaresd768g_firmwaresd835wcn3980_firmwaresm7315sd460qca6391sd730sdx55msdxr1_firmwareqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresd678_firmwarear8031_firmwarecsrb31024_firmwareqcm4290sdx50msd480_firmwareqcs603wcn6851_firmwareqca6574ausa8155p_firmwaresd710sd_636_firmwaresd670qca6564a_firmwarewcd9341_firmwareqcm6125qcm4290_firmwaresd480sd870wsa8810qcs610_firmwarewcn6856sd_8csa6145psd835_firmwareqca6564_firmwaresdxr1sd768gar8031qcs405_firmwaresa8145pwcn6740qca6696sdm630_firmwareqca6391_firmwaresd845_firmwaresd780g_firmwarewcd9370_firmwaresa6150psd888_firmwaresdx55sa8155pcsra6640sd675sd845sm7250psdm830sd720g_firmwareqcs410_firmwarear8035_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-33230
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 8.26%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 07:38
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer copy without checking the size of input in FM Host

Memory corruption in FM Host due to buffer copy without checking the size of input in FM Host

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwaresm6375wcn3991wsa8830sa6150p_firmwaresa8145p_firmwaresw5100pqca6554asnapdragon_w5\+_gen_1_wearable_platformqca6595qca6564auwsa8835qca6574sa8150p_firmwareqca6420_firmwareqca6595au_firmwaresnapdragon_wear_4100\+_platform_firmwarewcd9370qca6574asnapdragon_wear_4100\+_platformqca6584au_firmwareqca6430_firmwarewcn3980sm4375wcn3998qca6554a_firmwarewcd9385_firmwareqca6574_firmwaresm6375_firmwarewcn3660bsd855wsa8815wcn3660b_firmwareqca6574a_firmwareqca6574au_firmwarewcn3680b_firmwareqca6595auwcn3998_firmwarewcd9375_firmwarewcn3980_firmwarewcn3610_firmwareqca6420sm4350-acsnapdragon_w5\+_gen_1_wearable_platform_firmwareaqt1000_firmwareqca6564au_firmwareqca6584ausa6155p_firmwarewcn3988_firmwareqca6430qca6574ausa6145p_firmwaresa8155p_firmwaresa8195pwsa8810_firmwarewcd9341_firmwaresm4375_firmwaresw5100wsa8810sa6155psw5100p_firmwaresa6145pwcn3680bwcd9385sm8150_firmwarewcd9341qca6696_firmwareqca6595_firmwaresa8145pqca6696sm4350wcd9375sm4350_firmwareaqt1000sa8150pwcd9370_firmwaresm4350-ac_firmwaresa6150psa8155pwsa8830_firmwaresd855_firmwaresm8150wcn3988wsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresw5100_firmwarewcn3610Snapdragonaqt1000_firmwareqca6564au_firmwaresa6155p_firmwaresa6150p_firmwaresa8145p_firmwarewcn3988_firmwaresa6145p_firmwaresa8155p_firmwarewsa8810_firmwaresa8150p_firmwarewcd9341_firmwareqca6420_firmwareqca6595au_firmwaresw5100p_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6584au_firmwareqca6696_firmwareqca6430_firmwareqca6595_firmwareqca6554a_firmwarewcd9385_firmwaresnapdragon_855_mobile_platform_firmwareqca6574_firmwarewcd9370_firmwarewsa8830_firmwaresd855_firmwarewsa8815_firmwarewcn3660b_firmwarewsa8835_firmwareqca6574a_firmwarefastconnect_6200_firmwareqca6574au_firmwaresa8195p_firmwaresnapdragon_695_5g_mobile_platform_firmwarewcn3680b_firmwaresw5100_firmwarewcd9375_firmwarewcn3980_firmwarewcn3610_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-33224
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 8.84%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 07:38
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer copy without checking the size of input in Core

Memory corruption in core due to buffer copy without check9ing the size of input while processing ioctl queries.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwareqam8255p_firmwarewcn3991wsa8830wcd9380_firmwaresa6150p_firmwaresa8145p_firmwaresw5100psnapdragon_w5\+_gen_1_wearable_platformwcn785x-5sm8350-ac_firmwaresm8150-acwsa8835wcd9380sa8150p_firmwareqca6420_firmwareqca6595au_firmwaresnapdragon_wear_4100\+_platform_firmwaresm8350snapdragon_wear_4100\+_platformwcn685x-5_firmwarewcn685x-1sm8450qca6430_firmwarewcn3980wcn3998wcd9385_firmwarewcn3660bsd855wsa8815wcn3660b_firmwareqca6574au_firmwarewcn3680b_firmwareqca6595auwcn3998_firmwarewcn785x-5_firmwarewcn3980_firmwarewcn3610_firmwareqca6420snapdragon_w5\+_gen_1_wearable_platform_firmwareaqt1000_firmwaresa6155p_firmwareqcs8155qca6698aqsm8350_firmwarewcn685x-5wcn3988_firmwareqca6430qca6797aq_firmwarewcn785x-1_firmwaresa6145p_firmwareqca6574ausa8155p_firmwaresa8195pwsa8810_firmwarewcd9341_firmwaresm8450_firmwaresw5100wsa8810sa8255p_firmwaresa6155psw5100p_firmwaresm8150-ac_firmwareqca6698aq_firmwaresa6145pwcn3680bsm8350-acwcn685x-1_firmwarewcd9385sm8150_firmwaresa8255pwcd9341qca6696_firmwaresa8145pqca6696qca6797aqaqt1000sa8150psa6150psa8155pwsa8830_firmwaresd855_firmwaresm8150wcn785x-1wcn3988wsa8815_firmwarewsa8835_firmwaresa8195p_firmwareqcs8155_firmwaresw5100_firmwareqam8255pwcn3610Snapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-32981
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.61% / 68.76%
||
7 Day CHG+0.04%
Published-10 Jun, 2022 | 19:42
Updated-03 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel through 5.18.3 on powerpc 32-bit platforms. There is a buffer overflow in ptrace PEEKUSER and POKEUSER (aka PEEKUSR and POKEUSR) when accessing floating point registers.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-33226
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 8.84%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 07:38
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer copy without checking the size of input in Core

Memory corruption due to buffer copy without checking the size of input in Core while processing ioctl commands from diag client applications.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwareqam8255p_firmwarewcn3991wcd9380_firmwarewsa8830wcn785x-5sm8350-ac_firmwaresm8150-acwsa8835wcd9380qca6420_firmwareqca6595au_firmwaresnapdragon_wear_4100\+_platform_firmwaresm8350snapdragon_wear_4100\+_platformwcn685x-5_firmwarewcn685x-1qca6430_firmwaresm8450wcn3980wcn3998wcd9385_firmwaresd855wcn3660bwsa8815wcn3660b_firmwareqca6574au_firmwarewcn3680b_firmwareqca6595auwcn3998_firmwarewcn785x-5_firmwarewcn3980_firmwarewcn3610_firmwareqca6420aqt1000_firmwareqca6698aqsm8350_firmwarewcn685x-5qca6797aq_firmwareqca6430wcn785x-1_firmwareqca6574auwsa8810_firmwarewcd9341_firmwaresm8450_firmwarewsa8810sa8255p_firmwaresm8150-ac_firmwareqca6698aq_firmwarewcn3680bsm8350-acwcn685x-1_firmwarewcd9385sm8150_firmwaresa8255pwcd9341qca6797aqaqt1000wsa8830_firmwaresd855_firmwaresm8150wcn785x-1wsa8815_firmwarewsa8835_firmwareqam8255pwcn3610Snapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-0115
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.17% / 38.15%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aNetApp, Inc.Intel Corporation
Product-core_i7-6870hqxeon_e-2286gatom_c3950core_i3-9100ecore_i3-10100xeon_silver_4109tcore_i3-7300core_i5-1038ng7core_i5-11400core_i9-7900xcore_i7-10510yxeon_d-1548xeon_bronze_3106xeon_platinum_8260yxeon_d-1633nxeon_d-1653nxeon_platinum_8153xeon_e-2246gcore_i5-6350hqcore_i9-9960xcore_i3-6300txeon_e-2374gxeon_gold_5218txeon_w-2123core_i5-11260hxeon_e-2236xeon_gold_5218nxeon_w-1270exeon_d-1531core_i5-6500tcore_i5-7500core_i5-6260uxeon_e-2278gecore_i5-7440hqxeon_platinum_8156core_i7-8709gatom_c3758xeon_d-2177ntxeon_gold_6142fxeon_silver_4214ycore_i9-11900kfxeon_w-10855mxeon_gold_6230txeon_silver_4210rxeon_w-1270xeon_w-3235core_i9-10900txeon_e-2126gcore_i5-8200ycore_i7-10700tecore_i9-10900kxeon_gold_5220rcore_i5-8260ucore_i5-11400fxeon_w-11955mcore_i5-10400txeon_w-1290ecore_i7-1185g7core_i7-9700kfcore_i9-10900xxeon_platinum_9221xeon_d-2142itcore_m7-6y75xeon_w-3335core_i9-11900kcore_i5-10500hxeon_w-11555mrecore_i5-10600kfxeon_e-2146gcore_i3-1005g1core_i7-1068ng7xeon_silver_4112xeon_gold_6140xeon_d-1637core_i5-9400fcore_i3-10100ecore_i7-6800kcore_i7-7560uatom_c3538core_i7-9700txeon_gold_5120xeon_gold_6238core_i5-11600kfcore_i5-7600tcore_i7-4820kxeon_d-1602core_i5-8365uatom_c3508xeon_w-2245core_i5-9600kfxeon_d-2145ntxeon_platinum_8256xeon_gold_6130fxeon_e-2276mxeon_e-2224gcore_i5-8269uxeon_d-2163itcore_i3-1120g4core_i7-3930kcore_i5-11400hcore_i9-11900hxeon_d-1623ncore_i7-1185g7ecore_i7-10810ucore_i3-10300txeon_d-1521core_i3-8100core_i3-8145uecore_i5-1130g7core_i9-11900core_i5-6585rcore_i5-9600kxeon_gold_6144core_i5-8265ucore_i7-10700tcore_i9-9900kfcore_i3-7100core_m5-6y54core_i5-6300hqxeon_gold_5118core_i5-1145g7core_i5-9300hcore_i5-10500ecore_i7-10750hcore_i9-10850kxeon_silver_4114tcore_i5-8500bxeon_d-2143itxeon_silver_4209txeon_e-2226gexeon_gold_6212ucore_i5-6600core_i3-8100hcore_i7-8706gcore_i3-6300core_i9-11900fxeon_silver_4215xeon_gold_6230ncore_i9-10920xcore_i9-11950hatom_c3750xeon_gold_6138pcore_i7-1195g7core_i5-10310ucore_i9-10885hcore_i7-8557ucore_i5-7440eqcore_i3-6320xeon_e-2386gcore_i7-1165g7core_m3-7y32core_i7-11850hexeon_e-2134xeon_w-1290tecore_i5-1145g7ecore_i5-6440eqcore_i5-1030g7core_i9-10980hkxeon_e-2176mxeon_w-11155mlexeon_gold_6130xeon_silver_4210txeon_e-2274gxeon_gold_6136core_i5-6287ucore_i7-8500yxeon_w-3323core_i5-9600tatom_c3558rcore_i9-7960xxeon_w-1370atom_c3808core_i5-9600xeon_d-1559xeon_gold_6134xeon_w-3375xeon_e-2174gcore_i5-8600txeon_d-1537xeon_gold_5218bxeon_gold_6128core_i7-1180g7xeon_e-2176gxeon_e-2288gcore_i3-6100hcore_i7-7500uxeon_gold_6146xeon_w-1370pxeon_gold_6254core_i3-10320xeon_gold_5218rcore_i3-10105fxeon_w-2235core_i3-6098pcore_i5-6400xeon_d-1649nxeon_w-3175xcore_i7-10875hxeon_w-3225core_i3-7101tecore_i7-7700xeon_d-1540core_i3-11100hecore_i5-10400hxeon_gold_6246rcore_i5-7300hqxeon_d-1513nxeon_w-10885mxeon_gold_6126xeon_d-1527core_i9-9940xcore_i9-9900xcore_i5-6600kcore_i9-7940xcore_i7-9700exeon_e-2254mecore_i7-9700tecore_i7-6700txeon_gold_6248rxeon_silver_4214xeon_w-2125xeon_platinum_9222core_i3-10105tcore_i5-11300hcore_i5-6500texeon_gold_5220sxeon_platinum_8260core_i5-6500core_i3-1000g4core_i3-9100hlcore_i9-10900kfcore_i3-10100tatom_c3858xeon_d-2146ntxeon_e-2144gcore_i9-9980hkxeon_w-11555mlecore_i5-11500hexeon_e-2244gcore_i3-7100tcore_i3-6102exeon_w-1390txeon_silver_4216core_i5-1140g7core_i7-11700kfcore_i7-10610ucore_i7-6770hqxeon_platinum_8180xeon_platinum_8276lxeon_gold_6138tcore_i7-7740xcore_i7-11375hcore_i7-7y75core_i7-8559ucore_i5-9500eatom_c3850core_i5-11500txeon_e-2124gcore_i7-4930kcore_i5-9400core_i7-4960xcore_i7-5960xcore_i7-6600uxeon_gold_6138core_i7-1185grecore_i3-10325xeon_gold_6138fxeon_e-2356gcore_i7-8700xeon_d-1557core_i3-7130ucore_i5-8400atom_c3436lxeon_w-3245mxeon_e-2334core_i7\+8700core_i7-9850hatom_c3708xeon_w-1350core_i5-7600core_i9-10980xecore_i7-6500ucore_i5-1035g1xeon_w-11865mlecore_i7-11850hxeon_w-1290xeon_e-2186gxeon_silver_4210core_i3-10110uxeon_gold_6234atom_c3336core_i7-4930mxxeon_w-1350pcore_i9-10900xeon_w-1250core_i5-9400tcore_i5-7360ucore_i5-7300ucore_i7-11800hcore_i3-10300core_i5-6600tcore_i7-8565uxeon_gold_6154xeon_silver_4110core_i7-7700katom_c3830xeon_platinum_8176core_i7-10870hcore_i3-10100fcore_i7-10510uxeon_bronze_3104xeon_w-1290pcore_i5-8310yxeon_gold_5217core_i5-6440hqcore_i7-6850kxeon_gold_5120txeon_e-2324gxeon_w-3245core_i7-6660ucore_i9-7980xecore_i3-6100exeon_gold_6210ucore_i5-7200uxeon_gold_5115core_i7-9700fxeon_w-3345core_i5-10210ucore_i7-6820hqxeon_d-1528xeon_w-2295xeon_e-2234core_i3-9100tcore_i5-10500core_i5-8400bcore_i3-7100hcore_i7-8850hxeon_gold_5215core_i3-6100ucore_i9-9900kscore_i9-7920xxeon_w-11865mrecore_i5-11600kcore_i9-10900tecore_i9-8950hkcore_i5-6360ucore_i3-6157ucore_i5-9500fcore_i3-10100yxeon_e-2378core_i7-7820xcore_i3-1115g4ecore_i5-10600tcore_i5-7640xcore_i7-7800xxeon_w-3275mxeon_gold_6250lcore_i5-9400hxeon_gold_6209ucore_i9-9920xxeon_platinum_8253xeon_gold_6252ncore_i7-7660ucore_i3-9320xeon_platinum_8158core_i7-7700hqatom_c3308xeon_platinum_8280core_i5-6402pcore_m3-7y30xeon_w-11155mrexeon_gold_6252xeon_w-2135core_i3-10105core_i5-11400tcore_i7-11700kcore_i7-4940mxcore_i7-8550uxeon_e-2276mlxeon_gold_6246xeon_silver_4214rcore_i9-10940xcore_i7-9700core_i7-6700hqcore_i3-8300core_i7-9850hexeon_gold_6230rcore_i7-10700kfcore_i5-8400tcore_i5-7500txeon_d-2187ntxeon_silver_4116tcore_i7-1065g7xeon_d-1518core_i7-9800xxeon_silver_4208core_i5-6267ucore_i3-1000g1xeon_gold_6126txeon_w-2225xeon_silver_4116xeon_e-2276mecore_i5-7y54xeon_w-1250ecore_i5-7400core_i7-6950xfas\/aff_biosxeon_platinum_8160fxeon_platinum_8164core_i7-6567uxeon_platinum_8176fxeon_gold_5215lcore_i5-7287uxeon_platinum_8168core_i7-3970xcore_i7-3960xcore_i7-11600hcore_i7-7920hqcore_i7-10700core_i5-1145grecore_i3-7020uxeon_d-1533nxeon_gold_6240lxeon_w-3265mxeon_gold_6248core_i5-1135g7xeon_w-2195xeon_e-2136core_i5-9300hfxeon_w-1270pcore_i3-1115g4xeon_gold_6258rxeon_platinum_9282core_i3-8145ucore_i3-9300core_i5-10400xeon_d-2173itxeon_d-2161icore_i7-7567uxeon_w-1250pcore_i7-8700kcore_i5-1155g7core_i3-9300tcore_i7-7820hqcore_i7-7820eqcore_i7-9700kxeon_d-2123itxeon_platinum_8160tcore_i3-8109ucore_i5-8365uexeon_gold_6142core_i3-1110g4xeon_bronze_3206rxeon_gold_6148core_i7-3820xeon_w-3275xeon_gold_6240core_i3-7320core_i7-10700ecore_i5-8350ucore_i7-3940xmxeon_gold_5220xeon_gold_6126fcore_i3-10100tecore_m5-6y57xeon_e-2388gcore_i7-11390hxeon_platinum_8268xeon_e-2226gcore_i5-7y57core_i7-6700texeon_gold_6240rcore_i7-3920xmcore_i5-7260uxeon_e-2278gxeon_silver_4215rcore_i9-10900ecore_i3-9100core_i7-9750hxeon_e-2124core_i5-8250ucore_i5-8600core_i9-11980hkxeon_w-3265core_i5-10500tecore_i5-11500core_i3-6100tecore_i7-11700xeon_platinum_8160xeon_gold_5119tcore_i7-8700bcore_i5-10500txeon_gold_6148fcore_i5-10600core_i5-10310yxeon_w-1250texeon_gold_6208ucore_i3-9100teatom_c3338core_i5-8259uxeon_gold_6242core_i7-10700kxeon_e-2336xeon_d-1627xeon_e-2186mxeon_e-2286mcore_i9-9880hcore_i7-6650ucore_i7-11370hcore_i5-7442eqcore_i7-8665uecore_i3-8130ucore_i3-7167ucore_i3-8300tcore_i5-11500hcore_i5-1035g4core_i5-11600tcore_i7-8650ucore_i5-10200hcore_i9-9900kcore_i7-8705gxeon_platinum_8276xeon_d-1529xeon_gold_5220tcore_i7-5930kcore_i5-10400fcore_i7-1160g7core_i7-7600uxeon_gold_6244xeon_gold_6242rcore_i3-7100exeon_w-2275xeon_w-2265core_i5-9500xeon_gold_6226rcore_i3-7101ecore_i9-9900xeon_bronze_3204core_i9-9820xxeon_d-1567xeon_w-3365core_i7-9850hlcore_i5-8400hcore_i5-6300ucore_m3-6y30core_i7-9750hfxeon_d-2141ixeon_w-2175xeon_silver_4108core_i3-10110ycore_i5-1035g7core_i7-7820hkxeon_e-2254mlxeon_w-11855mcore_i5-8305gcore_i3-6100xeon_gold_6240ycore_i3-9350kxeon_gold_6238lxeon_w-1390cloud_backupcore_i3-1115grecore_i5-11600core_i5-7400tcore_i7-11700fcore_i3-6100tcore_i7-8750hcore_i7-8665ucore_i3-10305txeon_d-2183itcore_i5-8300hcore_i3-8140ucore_i3-8350kcore_i5-10600kcore_i7-8086kxeon_gold_5222core_i7-10850hxeon_d-1523nxeon_gold_6256core_i5-9500teatom_c3958xeon_gold_6130tatom_c3338rxeon_d-1520core_i3-8100bcore_i3-6167ucore_i5-8279uxeon_platinum_8280lcore_m3-8100ycore_i5-7267ucore_i5-8600kcore_i3-7100uxeon_d-1543ncore_i5-6442eqcore_i7-8700txeon_silver_4114xeon_d-1541core_i7-11700txeon_d-1622xeon_platinum_9242core_i7-6700kcore_i7-6970hqxeon_w-2223core_i7-6822eqcore_i3-7300txeon_gold_6238tatom_c3955core_i5-8500core_i9-11900tcore_i5-8210ycore_i7-6785rcore_i7-6560ucore_i7-1060g7core_i5-8257ucore_i7-8569ucore_i7-5820kcore_i9-9900tcore_i7-6900kcore_i7-7700tcore_i9-9980xeatom_c3558core_i5-6685rxeon_w-2133xeon_gold_6250core_i3-9350kfxeon_platinum_8260lxeon_platinum_8270xeon_w-1290tcore_i5-8500tcore_i7-8809gxeon_gold_6226core_i5-11320hxeon_d-1577xeon_gold_6132xeon_e-2314core_i5-6400tcore_i3-10305xeon_d-2166ntcore_i3-7350kxeon_w-1390pcore_i5-10505xeon_d-1539core_i7-6700core_i7-6820eqcore_i7-6920hqcore_i5-7600kcore_i7-6820hkxeon_w-2255xeon_gold_6262vcore_i3-6006ucore_i7-10710ucore_i5-10210ycore_i5-10300hxeon_w-1270texeon_e-2224xeon_gold_5218xeon_w-2145xeon_gold_6238rcore_i3-9100fxeon_platinum_8170core_i9-10900fcore_i3-1125g4xeon_e-2278gelxeon_d-1553ncore_i5-1030g4xeon_e-2378gcore_i3-8100tcore_i5-9500txeon_w-3223xeon_w-2155xeon_gold_6152core_i3-7102exeon_gold_6150xeon_e-2276gcore_i5-6200uxeon_gold_6222vcore_i7-10700fxeon_d-1571xeon_gold_5122atom_c3758rxeon_gold_6230Intel(R) Processors
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2018-1000117
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.09% / 25.88%
||
7 Day CHG~0.00%
Published-07 Mar, 2018 | 14:00
Updated-17 Sep, 2024 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates a symlink with an attacker controlled name or location. This vulnerability appears to have been fixed in 3.7.0 and 3.6.5.

Action-Not Available
Vendor-n/aMicrosoft CorporationPython Software Foundation
Product-windowspythonn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-8710
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.19% / 41.55%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:31
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the bootloader for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-8719
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-8.2||HIGH
EPSS-0.19% / 41.55%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:29
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-8718
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.18% / 40.20%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:43
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-8252
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.38%
||
7 Day CHG~0.00%
Published-18 Sep, 2020 | 20:11
Updated-30 Apr, 2025 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.

Action-Not Available
Vendor-Node.js (OpenJS Foundation)openSUSEFedora Project
Product-fedoranode.jsleapNode
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-6238
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.95%
||
7 Day CHG~0.00%
Published-21 Nov, 2023 | 20:21
Updated-17 Oct, 2024 | 18:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kernel: nvme: memory corruption via unprivileged user passthrough

A buffer overflow vulnerability was found in the NVM Express (NVMe) driver in the Linux kernel. Only privileged user could specify a small meta buffer and let the device perform larger Direct Memory Access (DMA) into the same buffer, overwriting unrelated kernel memory, causing random kernel crashes and memory corruption.

Action-Not Available
Vendor-n/aFedora ProjectLinux Kernel Organization, IncRed Hat, Inc.
Product-fedoralinux_kernelRed Hat Enterprise Linux 9kernelRed Hat Enterprise Linux 6Red Hat Enterprise Linux 8Red Hat Enterprise Linux 7Fedora
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-8729
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.87%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:56
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer copy without checking size of input for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • Next
Details not found