Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-32988

Summary
Assigner-icscert
Assigner Org ID-7d14cffa-0d7d-4270-9dc0-52cabd5a23a6
Published At-29 Jun, 2021 | 14:50
Updated At-03 Aug, 2024 | 23:42
Rejected At-
Credits

FATEK Automation WinProladder Versions 3.30 and prior are vulnerable to an out-of-bounds write, which may allow an attacker to execute arbitrary code.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:icscert
Assigner Org ID:7d14cffa-0d7d-4270-9dc0-52cabd5a23a6
Published At:29 Jun, 2021 | 14:50
Updated At:03 Aug, 2024 | 23:42
Rejected At:
▼CVE Numbering Authority (CNA)

FATEK Automation WinProladder Versions 3.30 and prior are vulnerable to an out-of-bounds write, which may allow an attacker to execute arbitrary code.

Affected Products
Vendor
n/a
Product
FATEK Automation WinProladder
Versions
Affected
  • WinProladder: Versions 3.30 and prior
Problem Types
TypeCWE IDDescription
CWECWE-787Out-of-bounds write CWE-787
Type: CWE
CWE ID: CWE-787
Description: Out-of-bounds write CWE-787
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://us-cert.cisa.gov/ics/advisories/icsa-21-175-01
x_refsource_MISC
Hyperlink: https://us-cert.cisa.gov/ics/advisories/icsa-21-175-01
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://us-cert.cisa.gov/ics/advisories/icsa-21-175-01
x_refsource_MISC
x_transferred
Hyperlink: https://us-cert.cisa.gov/ics/advisories/icsa-21-175-01
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:ics-cert@hq.dhs.gov
Published At:29 Jun, 2021 | 15:15
Updated At:02 Jul, 2021 | 19:45

FATEK Automation WinProladder Versions 3.30 and prior are vulnerable to an out-of-bounds write, which may allow an attacker to execute arbitrary code.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
fatek
fatek
>>winproladder>>Versions up to 3.30(inclusive)
cpe:2.3:a:fatek:winproladder:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-787Primaryics-cert@hq.dhs.gov
CWE ID: CWE-787
Type: Primary
Source: ics-cert@hq.dhs.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://us-cert.cisa.gov/ics/advisories/icsa-21-175-01ics-cert@hq.dhs.gov
Third Party Advisory
US Government Resource
Hyperlink: https://us-cert.cisa.gov/ics/advisories/icsa-21-175-01
Source: ics-cert@hq.dhs.gov
Resource:
Third Party Advisory
US Government Resource

Change History

0
Information is not available yet

Similar CVEs

2461Records found
CVE-2021-32990
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-0.75% / 72.67%
||
7 Day CHG~0.00%
Published-29 Jun, 2021 | 14:50
Updated-03 Aug, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FATEK Automation WinProladder Versions 3.30 and prior are vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code.

Action-Not Available
Vendor-fatekn/a
Product-winproladderFATEK Automation WinProladder
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-32992
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-0.70% / 71.54%
||
7 Day CHG~0.00%
Published-29 Jun, 2021 | 14:50
Updated-03 Aug, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FATEK Automation WinProladder Versions 3.30 and prior do not properly restrict operations within the bounds of a memory buffer, which may allow an attacker to execute arbitrary code.

Action-Not Available
Vendor-fatekn/a
Product-winproladderFATEK Automation WinProladder
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-6023
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-3.96% / 88.08%
||
7 Day CHG~0.00%
Published-16 Mar, 2017 | 03:49
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Fatek Automation PLC Ethernet Module. The affected Ether_cfg software configuration tool runs on the following Fatek PLCs: CBEH versions prior to V3.6 Build 170215, CBE versions prior to V3.6 Build 170215, CM55E versions prior to V3.6 Build 170215, and CM25E versions prior to V3.6 Build 170215. A stack-based buffer overflow vulnerability has been identified, which may allow remote code execution or crash the affected device.

Action-Not Available
Vendor-fatekn/a
Product-ethernet_module_configuration_tool_cm25e_firmwareethernet_module_configuration_tool_cbeh_firmwareethernet_module_configuration_tool_cbe_firmwareplc_ethernet_moduleethernet_module_configuration_tool_cm55e_firmwareFatek Automation PLC Ethernet Module
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2021-38432
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-0.86% / 74.63%
||
7 Day CHG~0.00%
Published-15 Oct, 2021 | 14:13
Updated-16 Sep, 2024 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FATEK Automation Communication Server

FATEK Automation Communication Server Versions 1.13 and prior lacks proper validation of user-supplied data, which could result in a stack-based buffer overflow condition and allow an attacker to remotely execute code.

Action-Not Available
Vendor-fatekFATEK Automation
Product-communication_servercommunication_server_firmwareCommunication Server
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2021-32947
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.36% / 57.99%
||
7 Day CHG~0.00%
Published-11 Aug, 2021 | 12:44
Updated-03 Aug, 2024 | 23:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FATEK Automation FvDesigner, Versions 1.5.88 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code.

Action-Not Available
Vendor-fatekn/a
Product-fvdesignerFATEK Automation FvDesigner
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-32939
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.21% / 42.45%
||
7 Day CHG~0.00%
Published-11 Aug, 2021 | 12:44
Updated-03 Aug, 2024 | 23:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FATEK Automation FvDesigner, Versions 1.5.88 and prior is vulnerable to an out-of-bounds write while processing project files, allowing an attacker to craft a project file that may permit arbitrary code execution.

Action-Not Available
Vendor-fatekn/a
Product-fvdesignerFATEK Automation FvDesigner
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-2866
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.82%
||
7 Day CHG~0.00%
Published-31 Aug, 2022 | 15:59
Updated-16 Apr, 2025 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FATEK Automation FvDesigner Out-of-bounds Write

FATEK FvDesigner version 1.5.103 and prior is vulnerable to an out-of-bounds write while processing project files. If a valid user is tricked into using maliciously crafted project files, an attacker could achieve arbitrary code execution.

Action-Not Available
Vendor-fatekFATEK Automation
Product-fvdesignerFvDesigner
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-22683
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.18% / 39.21%
||
7 Day CHG~0.00%
Published-03 Mar, 2021 | 16:09
Updated-03 Aug, 2024 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Fatek FvDesigner Version 1.5.76 and prior is vulnerable to an out-of-bounds write while processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.

Action-Not Available
Vendor-fatekn/a
Product-fvdesignerFatek FvDesigner
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-34271
Matching Score-6
Assigner-Zero Day Initiative
ShareView Details
Matching Score-6
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.79% / 73.52%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 01:57
Updated-13 Mar, 2025 | 16:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FPJ files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18178.

Action-Not Available
Vendor-fatekFatek Automationfatek
Product-fvdesignerFvDesignerfvdesigner
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-34270
Matching Score-6
Assigner-Zero Day Initiative
ShareView Details
Matching Score-6
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.79% / 73.52%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 01:57
Updated-13 Mar, 2025 | 16:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FPJ files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18176.

Action-Not Available
Vendor-fatekFatek Automationfatek
Product-fvdesignerFvDesignerfvdesigner
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-34262
Matching Score-6
Assigner-Zero Day Initiative
ShareView Details
Matching Score-6
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.73% / 72.36%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 01:56
Updated-13 Mar, 2025 | 16:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FPJ files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18161.

Action-Not Available
Vendor-fatekFatek Automationfatek_automation
Product-fvdesignerFvDesignerfvdesigner
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-25170
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.51% / 65.96%
||
7 Day CHG~0.00%
Published-25 Feb, 2022 | 18:10
Updated-16 Apr, 2025 | 18:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ICSA-22-055-01 FATEK Automation FvDesigner

The affected product is vulnerable to a stack-based buffer overflow while processing project files, which may allow an attacker to execute arbitrary code

Action-Not Available
Vendor-fatekFATEK Automation
Product-fvdesignerFvDesigner
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-23985
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.27% / 50.14%
||
7 Day CHG~0.00%
Published-25 Feb, 2022 | 18:10
Updated-16 Apr, 2025 | 18:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ICSA-22-055-01 FATEK Automation FvDesigner

The affected product is vulnerable to an out-of-bounds write while processing project files, which allows an attacker to craft a project file that would allow arbitrary code execution.

Action-Not Available
Vendor-fatekFATEK Automation
Product-fvdesignerFvDesigner
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-43556
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.61% / 69.21%
||
7 Day CHG~0.00%
Published-28 Dec, 2021 | 18:17
Updated-16 Sep, 2024 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FATEK Automation WinProladder

FATEK WinProladder Versions 3.30_24518 and prior are vulnerable to a stack-based buffer overflow while processing project files, which may allow an attacker to execute arbitrary code.

Action-Not Available
Vendor-fatekFATEK Automation
Product-winproladderWinProladder
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-43554
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.32% / 54.26%
||
7 Day CHG~0.00%
Published-28 Dec, 2021 | 18:17
Updated-16 Sep, 2024 | 17:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FATEK Automation WinProladder

FATEK WinProladder Versions 3.30_24518 and prior are vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code.

Action-Not Available
Vendor-fatekFATEK Automation
Product-winproladderWinProladder
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-38436
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.56% / 67.56%
||
7 Day CHG~0.00%
Published-18 Oct, 2021 | 12:39
Updated-17 Sep, 2024 | 01:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FATEK Automation WinProladder

FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in a memory-corruption condition. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.

Action-Not Available
Vendor-fatekFATEK Automation
Product-winproladderWinProladder
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-38426
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.30% / 53.08%
||
7 Day CHG~0.00%
Published-18 Oct, 2021 | 12:38
Updated-16 Sep, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FATEK Automation WinProladder

FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code.

Action-Not Available
Vendor-fatekFATEK Automation
Product-winproladderWinProladder
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-38442
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.56% / 67.56%
||
7 Day CHG~0.00%
Published-18 Oct, 2021 | 12:38
Updated-16 Sep, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FATEK Automation WinProladder

FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in a heap-corruption condition. An attacker could leverage this vulnerability to execute code in the context of the current process.

Action-Not Available
Vendor-fatekFATEK Automation
Product-winproladderWinProladder
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-22666
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.27% / 49.94%
||
7 Day CHG~0.00%
Published-03 Mar, 2021 | 16:04
Updated-03 Aug, 2024 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Fatek FvDesigner Version 1.5.76 and prior is vulnerable to a stack-based buffer overflow while project files are being processed, allowing an attacker to craft a special project file that may permit arbitrary code execution.

Action-Not Available
Vendor-fatekn/a
Product-fvdesignerFatek FvDesigner
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-34273
Matching Score-6
Assigner-Zero Day Initiative
ShareView Details
Matching Score-6
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.79% / 73.52%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 01:57
Updated-13 Mar, 2025 | 16:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FPJ files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18183.

Action-Not Available
Vendor-fatekFatek Automationfatek
Product-fvdesignerFvDesignerautomation_fv_designer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-34264
Matching Score-6
Assigner-Zero Day Initiative
ShareView Details
Matching Score-6
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.79% / 73.52%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 01:56
Updated-13 Mar, 2025 | 16:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FPJ files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18164.

Action-Not Available
Vendor-fatekFatek Automationfatek_automation
Product-fvdesignerFvDesignerfvdesigner
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-34266
Matching Score-6
Assigner-Zero Day Initiative
ShareView Details
Matching Score-6
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.79% / 73.52%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 01:56
Updated-13 Mar, 2025 | 16:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FPJ files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18168.

Action-Not Available
Vendor-fatekFatek Automationfatek_automation
Product-fvdesignerFvDesignerfvdesigner
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-34265
Matching Score-6
Assigner-Zero Day Initiative
ShareView Details
Matching Score-6
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.53% / 66.76%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 01:56
Updated-13 Mar, 2025 | 16:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FPJ files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18166.

Action-Not Available
Vendor-fatekFatek Automationfatek
Product-fvdesignerFvDesignerfvdesigner
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-34268
Matching Score-6
Assigner-Zero Day Initiative
ShareView Details
Matching Score-6
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.79% / 73.52%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 01:56
Updated-13 Mar, 2025 | 16:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FPJ files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18172.

Action-Not Available
Vendor-fatekFatek Automationfatek
Product-fvdesignerFvDesignerfvdesigner
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-34267
Matching Score-6
Assigner-Zero Day Initiative
ShareView Details
Matching Score-6
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.79% / 73.52%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 01:56
Updated-13 Mar, 2025 | 16:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FPJ files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18170.

Action-Not Available
Vendor-fatekFatek Automationfatek
Product-fvdesignerFvDesignerfvdesigner
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-34269
Matching Score-6
Assigner-Zero Day Initiative
ShareView Details
Matching Score-6
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.79% / 73.52%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 01:57
Updated-13 Mar, 2025 | 16:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FPJ files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18173.

Action-Not Available
Vendor-fatekFatek Automationfatek
Product-fvdesignerFvDesignerautomation_fv_designer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-4029
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-10||CRITICAL
EPSS-2.11% / 83.78%
||
7 Day CHG~0.00%
Published-13 May, 2019 | 15:42
Updated-05 Aug, 2024 | 05:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable code execution vulnerability exists in the HTTP request-parsing function of the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause an unlimited and arbitrary write to memory, resulting in code execution.

Action-Not Available
Vendor-anker-inn/a
Product-roav_dashcam_a1_firmwareroav_dashcam_a1Novatek
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-4014
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8||HIGH
EPSS-2.33% / 84.51%
||
7 Day CHG~0.00%
Published-13 May, 2019 | 15:21
Updated-05 Aug, 2024 | 05:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable code execution vulnerability exists in Wi-Fi Command 9999 of the Roav A1 Dashcam running version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability.

Action-Not Available
Vendor-anker-inn/a
Product-roav_dashcam_a1_firmwareroav_dashcam_a1Anker
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-42170
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.44% / 62.46%
||
7 Day CHG~0.00%
Published-17 Oct, 2022 | 00:00
Updated-15 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formWifiWpsStart.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac10ac10_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-4918
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-1.93% / 83.08%
||
7 Day CHG~0.00%
Published-19 May, 2018 | 17:00
Updated-05 Aug, 2024 | 05:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, 2015.006.30394 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcacrobat_readeracrobatacrobat_reader_dcwindowsmacosAdobe Acrobat and Reader 2018.009.20050 and earlier versions , 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-5147
Matching Score-4
Assigner-Mozilla Corporation
ShareView Details
Matching Score-4
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.43% / 80.31%
||
7 Day CHG~0.00%
Published-11 Jun, 2018 | 21:00
Updated-25 Nov, 2025 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR < 52.7.2 and Firefox < 59.0.1.

Action-Not Available
Vendor-Debian GNU/LinuxMozilla Corporation
Product-debian_linuxfirefoxFirefoxFirefox ESR
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-3991
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-10||CRITICAL
EPSS-79.31% / 99.04%
||
7 Day CHG~0.00%
Published-05 Feb, 2019 | 22:00
Updated-05 Aug, 2024 | 04:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable heap overflow vulnerability exists in the WkbProgramLow function of WibuKey Network server management, version 6.40.2402.500. A specially crafted TCP packet can cause a heap overflow, potentially leading to remote code execution. An attacker can send a malformed TCP packet to trigger this vulnerability.

Action-Not Available
Vendor-wibun/aSiemens AGMicrosoft Corporation
Product-windowswibukeysimatic_wincc_open_architecturen/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-4917
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-3.24% / 86.80%
||
7 Day CHG~0.00%
Published-19 May, 2018 | 17:00
Updated-05 Aug, 2024 | 05:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, 2015.006.30394 and earlier have an exploitable heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_reader_2017acrobat_dcacrobat_2017acrobat_reader_dcwindowsmacosAdobe Acrobat and Reader 2018.009.20050 and earlier versions , 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-4023
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-10||CRITICAL
EPSS-2.58% / 85.24%
||
7 Day CHG~0.00%
Published-13 May, 2019 | 15:24
Updated-05 Aug, 2024 | 05:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable code execution vulnerability exists in the XML_UploadFile Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution.

Action-Not Available
Vendor-anker-inn/a
Product-roav_dashcam_a1_firmwareroav_dashcam_a1Novatek
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-31895
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-8.1||HIGH
EPSS-1.16% / 78.27%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:02
Updated-14 Oct, 2025 | 10:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM i800 (All versions < V4.3.7), RUGGEDCOM i801 (All versions < V4.3.7), RUGGEDCOM i802 (All versions < V4.3.7), RUGGEDCOM i803 (All versions < V4.3.7), RUGGEDCOM M2100 (All versions < V4.3.7), RUGGEDCOM M2200 (All versions < V4.3.7), RUGGEDCOM M969 (All versions < V4.3.7), RUGGEDCOM RMC30 (All versions < V4.3.7), RUGGEDCOM RMC8388 V4.X (All versions < V4.3.7), RUGGEDCOM RMC8388 V5.X (All versions < V5.5.4), RUGGEDCOM RP110 (All versions < V4.3.7), RUGGEDCOM RS1600 (All versions < V4.3.7), RUGGEDCOM RS1600F (All versions < V4.3.7), RUGGEDCOM RS1600T (All versions < V4.3.7), RUGGEDCOM RS400 (All versions < V4.3.7), RUGGEDCOM RS401 (All versions < V4.3.7), RUGGEDCOM RS416 (All versions < V4.3.7), RUGGEDCOM RS416P (All versions < V4.3.7), RUGGEDCOM RS416Pv2 V4.X (All versions < V4.3.7), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.5.4), RUGGEDCOM RS416v2 V4.X (All versions < V4.3.7), RUGGEDCOM RS416v2 V5.X (All versions < 5.5.4), RUGGEDCOM RS8000 (All versions < V4.3.7), RUGGEDCOM RS8000A (All versions < V4.3.7), RUGGEDCOM RS8000H (All versions < V4.3.7), RUGGEDCOM RS8000T (All versions < V4.3.7), RUGGEDCOM RS900 (32M) V4.X (All versions < V4.3.7), RUGGEDCOM RS900 (32M) V5.X (All versions < V5.5.4), RUGGEDCOM RS900G (All versions < V4.3.7), RUGGEDCOM RS900G (32M) V4.X (All versions < V4.3.7), RUGGEDCOM RS900G (32M) V5.X (All versions < V5.5.4), RUGGEDCOM RS900GP (All versions < V4.3.7), RUGGEDCOM RS900L (All versions < V4.3.7), RUGGEDCOM RS900W (All versions < V4.3.7), RUGGEDCOM RS910 (All versions < V4.3.7), RUGGEDCOM RS910L (All versions < V4.3.7), RUGGEDCOM RS910W (All versions < V4.3.7), RUGGEDCOM RS920L (All versions < V4.3.7), RUGGEDCOM RS920W (All versions < V4.3.7), RUGGEDCOM RS930L (All versions < V4.3.7), RUGGEDCOM RS930W (All versions < V4.3.7), RUGGEDCOM RS940G (All versions < V4.3.7), RUGGEDCOM RS969 (All versions < V4.3.7), RUGGEDCOM RSG2100 (All versions < V4.3.7), RUGGEDCOM RSG2100 (32M) V4.X (All versions < V4.3.7), RUGGEDCOM RSG2100 (32M) V5.X (All versions < V5.5.4), RUGGEDCOM RSG2100P (All versions < V4.3.7), RUGGEDCOM RSG2100P (32M) V4.X (All versions < V4.3.7), RUGGEDCOM RSG2100P (32M) V5.X (All versions < V5.5.4), RUGGEDCOM RSG2200 (All versions < V4.3.7), RUGGEDCOM RSG2288 V4.X (All versions < V4.3.7), RUGGEDCOM RSG2288 V5.X (All versions < V5.5.4), RUGGEDCOM RSG2300 V4.X (All versions < V4.3.7), RUGGEDCOM RSG2300 V5.X (All versions < V5.5.4), RUGGEDCOM RSG2300P V4.X (All versions < V4.3.7), RUGGEDCOM RSG2300P V5.X (All versions < V5.5.4), RUGGEDCOM RSG2488 V4.X (All versions < V4.3.7), RUGGEDCOM RSG2488 V5.X (All versions < V5.5.4), RUGGEDCOM RSG907R (All versions < V5.5.4), RUGGEDCOM RSG908C (All versions < V5.5.4), RUGGEDCOM RSG909R (All versions < V5.5.4), RUGGEDCOM RSG910C (All versions < V5.5.4), RUGGEDCOM RSG920P V4.X (All versions < V4.3.7), RUGGEDCOM RSG920P V5.X (All versions < V5.5.4), RUGGEDCOM RSL910 (All versions < V5.5.4), RUGGEDCOM RST2228 (All versions < V5.5.4), RUGGEDCOM RST2228P (All versions < V5.5.4), RUGGEDCOM RST916C (All versions < V5.5.4), RUGGEDCOM RST916P (All versions < V5.5.4). The DHCP client in affected devices fails to properly sanitize incoming DHCP packets. This could allow an unauthenticated remote attacker to cause memory to be overwritten, potentially allowing remote code execution.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_ros_rs900ruggedcom_ros_m2100ruggedcom_rst916pruggedcom_ros_rs900lruggedcom_ros_rs910wruggedcom_ros_rs969ruggedcom_i802ruggedcom_ros_rs920lruggedcom_rsg2300pruggedcom_ros_rs910lruggedcom_rs910lruggedcom_rmc30ruggedcom_ros_rmc30ruggedcom_rs900wruggedcom_ros_rsg2200ruggedcom_ros_rsg900rruggedcom_rs8000truggedcom_rs940gruggedcom_ros_i803ruggedcom_m969ruggedcom_rs930lruggedcom_ros_m2200ruggedcom_rsg2100ruggedcom_ros_rsg2288ruggedcom_rsg2100pruggedcom_ros_rmcruggedcom_rsg900gruggedcom_rs8000ruggedcom_rs910wruggedcom_ros_rsg900ruggedcom_ros_rsl910ruggedcom_ros_rs416ruggedcom_ros_rs930wruggedcom_ros_m969ruggedcom_ros_rsg2300pruggedcom_i803ruggedcom_ros_rsg900gruggedcom_ros_rsg920pruggedcom_rsg900rruggedcom_ros_rp110ruggedcom_rs401ruggedcom_rs900ruggedcom_ros_rmc8388ruggedcom_ros_rs900gruggedcom_rmc41ruggedcom_rs900gruggedcom_rs910ruggedcom_ros_rsg2100ruggedcom_rsg920pruggedcom_rp110ruggedcom_ros_rmc41ruggedcom_ros_rsg2300ruggedcom_ros_i802ruggedcom_rs416ruggedcom_ros_rst916cruggedcom_rs8000hruggedcom_rs920lruggedcom_ros_rst916pruggedcom_rmc8388ruggedcom_ros_rs416v2ruggedcom_ros_rs8000ruggedcom_ros_rs8000aruggedcom_ros_rst2228ruggedcom_rs400ruggedcom_ros_rs900wruggedcom_ros_rs930lruggedcom_ros_rs940gruggedcom_rs969ruggedcom_m2100ruggedcom_ros_i800ruggedcom_rsg2288ruggedcom_rsg900ruggedcom_m2200ruggedcom_ros_rs920wruggedcom_ros_rs401ruggedcom_ros_rs910ruggedcom_rsg2300ruggedcom_rsg2488ruggedcom_rsg900cruggedcom_ros_rsg900cruggedcom_rsg2200ruggedcom_rmc20ruggedcom_rs416v2ruggedcom_ros_rsg2488ruggedcom_ros_rsg2100pruggedcom_rmc40ruggedcom_rs930wruggedcom_rs920wruggedcom_rs900lruggedcom_ros_rs8000truggedcom_rmcruggedcom_rs900gpruggedcom_ros_rs400ruggedcom_rs8000aruggedcom_ros_rmc40ruggedcom_ros_rs900gpruggedcom_ros_rs8000hruggedcom_ros_rmc20ruggedcom_i801ruggedcom_rst2228ruggedcom_ros_i801ruggedcom_rsl910ruggedcom_i800ruggedcom_rst916cRUGGEDCOM RST916PRUGGEDCOM RSG2488 V4.XRUGGEDCOM RS969RUGGEDCOM RS900GRUGGEDCOM i801RUGGEDCOM RSG920P V5.XRUGGEDCOM RS930LRUGGEDCOM RS1600TRUGGEDCOM RS401RUGGEDCOM RS900G (32M) V5.XRUGGEDCOM RSG920P V4.XRUGGEDCOM RS920LRUGGEDCOM M2200RUGGEDCOM RSG910CRUGGEDCOM RS416Pv2 V4.XRUGGEDCOM RSG2100PRUGGEDCOM RSG2288 V4.XRUGGEDCOM RS8000TRUGGEDCOM RS8000HRUGGEDCOM RS900 (32M) V4.XRUGGEDCOM M2100RUGGEDCOM RSG2100 (32M) V4.XRUGGEDCOM RSG2300 V4.XRUGGEDCOM RS416Pv2 V5.XRUGGEDCOM RSG2300 V5.XRUGGEDCOM RS8000RUGGEDCOM RS900LRUGGEDCOM RMC8388 V5.XRUGGEDCOM RS400RUGGEDCOM RS910LRUGGEDCOM RSG907RRUGGEDCOM RSL910RUGGEDCOM RS900GPRUGGEDCOM RST916CRUGGEDCOM RSG2200RUGGEDCOM RSG2488 V5.XRUGGEDCOM RS940GRUGGEDCOM RMC8388 V4.XRUGGEDCOM RSG2100 (32M) V5.XRUGGEDCOM RSG2100P (32M) V4.XRUGGEDCOM RS910WRUGGEDCOM RS910RUGGEDCOM RS1600FRUGGEDCOM RS900G (32M) V4.XRUGGEDCOM RSG2100RUGGEDCOM RMC30RUGGEDCOM RSG2288 V5.XRUGGEDCOM RSG2300P V4.XRUGGEDCOM RSG908CRUGGEDCOM RS416v2 V4.XRUGGEDCOM i800RUGGEDCOM RSG909RRUGGEDCOM i802RUGGEDCOM RP110RUGGEDCOM RS1600RUGGEDCOM RS416PRUGGEDCOM RST2228PRUGGEDCOM RSG2100P (32M) V5.XRUGGEDCOM RS8000ARUGGEDCOM RS416v2 V5.XRUGGEDCOM RS920WRUGGEDCOM M969RUGGEDCOM RS900 (32M) V5.XRUGGEDCOM RST2228RUGGEDCOM RS416RUGGEDCOM RS930WRUGGEDCOM RSG2300P V5.XRUGGEDCOM i803RUGGEDCOM RS900W
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-31875
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.55% / 67.42%
||
7 Day CHG~0.00%
Published-29 Apr, 2021 | 00:00
Updated-03 Aug, 2024 | 23:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In mjs_json.c in Cesanta MongooseOS mJS 1.26, a maliciously formed JSON string can trigger an off-by-one heap-based buffer overflow in mjs_json_parse, which can potentially lead to redirection of control flow. NOTE: the original reporter disputes the significance of this finding because "there isn’t very much of an opportunity to exploit this reliably for an information leak, so there isn’t any real security impact."

Action-Not Available
Vendor-cesantan/a
Product-mongooseos_mjsn/a
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-193
Off-by-one Error
CVE-2018-5159
Matching Score-4
Assigner-Mozilla Corporation
ShareView Details
Matching Score-4
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-37.56% / 97.09%
||
7 Day CHG~0.00%
Published-11 Jun, 2018 | 21:00
Updated-25 Nov, 2025 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.

Action-Not Available
Vendor-Mozilla CorporationCanonical Ltd.Debian GNU/LinuxRed Hat, Inc.
Product-thunderbirdenterprise_linux_server_tusthunderbird_esrfirefoxubuntu_linuxenterprise_linux_desktopenterprise_linux_server_eusenterprise_linux_serverdebian_linuxenterprise_linux_workstationenterprise_linux_server_ausThunderbirdThunderbird ESRFirefoxFirefox ESR
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-3938
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.1||CRITICAL
EPSS-2.55% / 85.16%
||
7 Day CHG~0.00%
Published-14 Aug, 2018 | 19:00
Updated-16 Sep, 2024 | 18:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable stack-based buffer overflow vulnerability exists in the 802dot1xclientcert.cgi functionality of Sony IPELA E Series Camera G5 firmware 1.87.00. A specially crafted POST can cause a stack-based buffer overflow, resulting in remote code execution. An attacker can send a malicious POST request to trigger this vulnerability.

Action-Not Available
Vendor-Sony Group CorporationTalos (Cisco Systems, Inc.)
Product-snc-em632rsnc-eb600b_firmwaresnc-em602rsnc-em602rcsnc-em630_firmwaresnc-em602rc_firmwaresnc-eb630b_firmwaresnc-em600snc-em630snc-em602r_firmwaresnc-eb600_firmwaresnc-em632r_firmwaresnc-eb632r_firmwaresnc-eb602rsnc-em632rcsnc-em632rc_firmwaresnc-eb632rsnc-eb630_firmwaresnc-em600_firmwaresnc-em601snc-em631snc-eb600snc-eb600bsnc-eb630snc-em631_firmwaresnc-eb630bsnc-eb602r_firmwaresnc-em601_firmwareSony
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-24832
Matching Score-4
Assigner-Government Technology Agency of Singapore Cyber Security Group (GovTech CSG)
ShareView Details
Matching Score-4
Assigner-Government Technology Agency of Singapore Cyber Security Group (GovTech CSG)
CVSS Score-9.8||CRITICAL
EPSS-0.05% / 16.22%
||
7 Day CHG~0.00%
Published-27 Jan, 2026 | 15:43
Updated-05 Feb, 2026 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds write in ixray-1.6-stcop

Out-of-bounds Write vulnerability in ixray-team ixray-1.6-stcop.This issue affects ixray-1.6-stcop: before 1.3.

Action-Not Available
Vendor-ixray-teamixray-team
Product-ix-ray_engine_1.6ixray-1.6-stcop
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-2913
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-10||CRITICAL
EPSS-7.05% / 91.30%
||
7 Day CHG~0.00%
Published-17 Oct, 2018 | 01:00
Updated-02 Oct, 2024 | 19:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate (subcomponent: Monitoring Manager). Supported versions that are affected are 12.1.2.1.0, 12.2.0.2.0 and 12.3.0.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via TCP to compromise Oracle GoldenGate. While the vulnerability is in Oracle GoldenGate, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle GoldenGate. Note: For Linux and Windows platforms, the CVSS score is 9.0 with Access Complexity as High. For all other platforms, the cvss score is 10.0. CVSS 3.0 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-goldengateGoldenGate
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-6758
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.55% / 67.36%
||
7 Day CHG~0.00%
Published-06 Feb, 2018 | 18:00
Updated-05 Aug, 2024 | 06:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through 2.0.15 has a stack-based buffer overflow via a large directory length.

Action-Not Available
Vendor-unbitn/a
Product-uwsgin/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-11541
Matching Score-4
Assigner-NEC Corporation
ShareView Details
Matching Score-4
Assigner-NEC Corporation
CVSS Score-9.2||CRITICAL
EPSS-0.08% / 24.33%
||
7 Day CHG~0.00%
Published-22 Dec, 2025 | 05:09
Updated-15 Jan, 2026 | 20:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based Buffer Overflow vulnerability in Sharp Display Solutions projectors allows a attacker may execute arbitrary commands and programs.

Action-Not Available
Vendor-sharpSharp Display Solutions, Ltd.
Product-np-um352w\+_firmwarenp-p502wl_firmwarenp-p502w\+_firmwarenp-p502hgnp-p502wl-2np-p502hg_firmwarenp-p452hnp-p502hl_firmwarenp-p452wg_firmwarenp-p502wgnp-cr5450wl_firmwarenp-p452wgnp-p502hl\+_firmwarenp-p452w_firmwarenp-um352wg_firmwarenp-p452hgnp-um352w\+np-um352w_firmwarenp-um352wnp-p502hnp-cr5450hl_firmwarenp-cr5450hnp-p502wlnp-p502hlnp-p502wg_firmwarenp-p502h_firmwarenp-p502hl-2np-p502h\+_firmwarenp-p502wl\+np-p452wnp-p502h\+np-p502wlg_firmwarenp-p502w_firmwarenp-p502wlgnp-cr5450wnp-cr5450wlnp-p452hg_firmwarenp-p502hlgnp-p452h_firmwarenp-um352wgnp-p502wnp-cr5450hlnp-p502wl-2_firmwarenp-p502w\+np-cr5450h_firmwarenp-cr5450w_firmwarenp-p502hlg_firmwarenp-p502hlg-2np-p502hl-2_firmwarenp-p502hl\+np-p502hlg-2_firmwarenp-p502wl\+_firmwareNP-P502HL-2, NP-P502WL-2, NP-P502HLG-2, NP-P502WLG, NP-P502H, NP-P502W, NP-P452H, NP-P452W, NP-P502HG, NP-P502WG, NP-P452HG, NP-P452WG, NP-P502H+, NP-P502W+, NP-CR5450H, NP-CR5450W, NP-P502HL, NP-P502WL, NP-P502HLG, NP-P502WLG, NP-P502HL+, NP-P502WL+, NP-CR5450HL, NP-CR5450WL, NP-UM352W, NP-UM352WG, NP-UM352W+
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-13995
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.74% / 87.73%
||
7 Day CHG~0.00%
Published-25 Sep, 2020 | 12:58
Updated-04 Aug, 2024 | 12:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

U.S. Air Force Sensor Data Management System extract75 has a buffer overflow that leads to code execution. An overflow in a global variable (sBuffer) leads to a Write-What-Where outcome. Writing beyond sBuffer will clobber most global variables until reaching a pointer such as DES_info or image_info. By controlling that pointer, one achieves an arbitrary write when its fields are assigned. The data written is from a potentially untrusted NITF file in the form of an integer. The attacker can gain control of the instruction pointer.

Action-Not Available
Vendor-airforcen/a
Product-nitf_extract_utilityn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-21097
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-0.39% / 59.20%
||
7 Day CHG~0.00%
Published-27 Apr, 2020 | 15:57
Updated-05 Aug, 2024 | 12:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects WAC505 before 5.0.5.4, WAC510 before 5.0.5.4, WAC120 before 2.1.7, WN604 before 3.3.10, WNAP320 before 3.7.11.4, WNAP210v2 before 3.7.11.4, WNDAP350 before 3.7.11.4, WNDAP360 before 3.7.11.4, WNDAP660 before 3.7.11.4, WNDAP620 before 2.1.7, and WND930 before 2.1.5.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-wnd930_firmwarewnap320_firmwarewndap360wnap320wnd930wndap660_firmwarewndap620_firmwarewndap360_firmwarewac505_firmwarewndap350_firmwarewn604_firmwarewac120wn604wac120_firmwarewac505wac510wac510_firmwarewnap210wndap620wndap660wndap350wnap210_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-21087
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.16% / 36.82%
||
7 Day CHG~0.00%
Published-08 Apr, 2020 | 14:43
Updated-05 Aug, 2024 | 12:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software. There is a vnswap heap-based buffer overflow via the store function, with resultant privilege escalation. The Samsung ID is SVE-2017-10599 (January 2018).

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-20749
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-10.37% / 93.04%
||
7 Day CHG~0.00%
Published-30 Jan, 2019 | 18:00
Updated-05 Aug, 2024 | 12:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LibVNC before 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete.

Action-Not Available
Vendor-libvnc_projectn/aDebian GNU/LinuxSiemens AGCanonical Ltd.
Product-simatic_itc1500_pro_firmwareubuntu_linuxdebian_linuxsimatic_itc1500_prosimatic_itc1500simatic_itc1900simatic_itc1900_firmwaresimatic_itc1900_pro_firmwaresimatic_itc1500_firmwaresimatic_itc2200_firmwaresimatic_itc2200_prosimatic_itc2200_pro_firmwarelibvncserversimatic_itc1900_prosimatic_itc2200n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-25024
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.84%
||
7 Day CHG~0.00%
Published-26 Dec, 2021 | 21:55
Updated-05 Aug, 2024 | 12:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly coerce an immutable reference into a mutable reference, leading to memory corruption.

Action-Not Available
Vendor-actixn/a
Product-actix-webn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-20750
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-10.37% / 93.04%
||
7 Day CHG~0.00%
Published-30 Jan, 2019 | 18:00
Updated-05 Aug, 2024 | 12:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LibVNC through 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete.

Action-Not Available
Vendor-libvnc_projectn/aDebian GNU/LinuxSiemens AGCanonical Ltd.
Product-simatic_itc1500_pro_firmwareubuntu_linuxdebian_linuxsimatic_itc1500_prosimatic_itc1500simatic_itc1900simatic_itc1900_firmwaresimatic_itc1900_pro_firmwaresimatic_itc1500_firmwaresimatic_itc2200_firmwaresimatic_itc2200_prosimatic_itc2200_pro_firmwarelibvncserversimatic_itc1900_prosimatic_itc2200n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-20748
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-10.57% / 93.11%
||
7 Day CHG~0.00%
Published-30 Jan, 2019 | 18:00
Updated-05 Aug, 2024 | 12:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LibVNC before 0.9.12 contains multiple heap out-of-bounds write vulnerabilities in libvncclient/rfbproto.c. The fix for CVE-2018-20019 was incomplete.

Action-Not Available
Vendor-libvnc_projectn/aDebian GNU/LinuxSiemens AGCanonical Ltd.
Product-simatic_itc1500_pro_firmwareubuntu_linuxdebian_linuxsimatic_itc1500_prosimatic_itc1500simatic_itc1900simatic_itc1900_firmwaresimatic_itc1900_pro_firmwaresimatic_itc1500_firmwaresimatic_itc2200_firmwaresimatic_itc2200_prosimatic_itc2200_pro_firmwarelibvncserversimatic_itc1900_prosimatic_itc2200n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-11542
Matching Score-4
Assigner-NEC Corporation
ShareView Details
Matching Score-4
Assigner-NEC Corporation
CVSS Score-8.4||HIGH
EPSS-0.08% / 24.33%
||
7 Day CHG~0.00%
Published-22 Dec, 2025 | 05:09
Updated-15 Jan, 2026 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based Buffer Overflow vulnerability in Sharp Display Solutions projectors allows a attacker may execute arbitrary commands and programs.

Action-Not Available
Vendor-sharpSharp Display Solutions, Ltd.
Product-np-um352w\+_firmwarenp-p502wl_firmwarenp-p502w\+_firmwarenp-p502hgnp-p502wl-2np-p502hg_firmwarenp-p452hnp-p502hl_firmwarenp-p452wg_firmwarenp-p502wgnp-cr5450wl_firmwarenp-p452wgnp-p502hl\+_firmwarenp-p452w_firmwarenp-um352wg_firmwarenp-p452hgnp-um352w\+np-um352w_firmwarenp-um352wnp-p502hnp-cr5450hl_firmwarenp-cr5450hnp-p502wlnp-p502hlnp-p502wg_firmwarenp-p502h_firmwarenp-p502hl-2np-p502h\+_firmwarenp-p502wl\+np-p452wnp-p502h\+np-p502wlg_firmwarenp-p502w_firmwarenp-p502wlgnp-cr5450wnp-cr5450wlnp-p452hg_firmwarenp-p502hlgnp-p452h_firmwarenp-um352wgnp-p502wnp-cr5450hlnp-p502wl-2_firmwarenp-p502w\+np-cr5450h_firmwarenp-cr5450w_firmwarenp-p502hlg_firmwarenp-p502hlg-2np-p502hl-2_firmwarenp-p502hl\+np-p502hlg-2_firmwarenp-p502wl\+_firmwareNP-P502HL-2, NP-P502WL-2, NP-P502HLG-2, NP-P502WLG, NP-P502H, NP-P502W, NP-P452H, NP-P452W, NP-P502HG, NP-P502WG, NP-P452HG, NP-P452WG, NP-P502H+, NP-P502W+, NP-CR5450H, NP-CR5450W, NP-P502HL, NP-P502WL, NP-P502HLG, NP-P502WLG, NP-P502HL+, NP-P502WL+, NP-CR5450HL, NP-CR5450WL, NP-UM352W, NP-UM352WG, NP-UM352W+
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 49
  • 50
  • Next
Details not found