Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-35346

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-03 Dec, 2021 | 19:36
Updated At-04 Aug, 2024 | 00:33
Rejected At-
Credits

tsMuxer v2.6.16 was discovered to contain a heap-based buffer overflow via the function HevcSpsUnit::short_term_ref_pic_set(int) in hevc.cpp.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:03 Dec, 2021 | 19:36
Updated At:04 Aug, 2024 | 00:33
Rejected At:
▼CVE Numbering Authority (CNA)

tsMuxer v2.6.16 was discovered to contain a heap-based buffer overflow via the function HevcSpsUnit::short_term_ref_pic_set(int) in hevc.cpp.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/justdan96/tsMuxer/pull/422/files
x_refsource_MISC
https://github.com/justdan96/tsMuxer/issues/436
x_refsource_MISC
Hyperlink: https://github.com/justdan96/tsMuxer/pull/422/files
Resource:
x_refsource_MISC
Hyperlink: https://github.com/justdan96/tsMuxer/issues/436
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/justdan96/tsMuxer/pull/422/files
x_refsource_MISC
x_transferred
https://github.com/justdan96/tsMuxer/issues/436
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/justdan96/tsMuxer/pull/422/files
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/justdan96/tsMuxer/issues/436
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:03 Dec, 2021 | 20:15
Updated At:06 Dec, 2021 | 22:47

tsMuxer v2.6.16 was discovered to contain a heap-based buffer overflow via the function HevcSpsUnit::short_term_ref_pic_set(int) in hevc.cpp.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
tsmuxer_project
tsmuxer_project
>>tsmuxer>>2.6.16
cpe:2.3:a:tsmuxer_project:tsmuxer:2.6.16:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-787Primarynvd@nist.gov
CWE ID: CWE-787
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/justdan96/tsMuxer/issues/436cve@mitre.org
Exploit
Third Party Advisory
https://github.com/justdan96/tsMuxer/pull/422/filescve@mitre.org
Patch
Third Party Advisory
Hyperlink: https://github.com/justdan96/tsMuxer/issues/436
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory
Hyperlink: https://github.com/justdan96/tsMuxer/pull/422/files
Source: cve@mitre.org
Resource:
Patch
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

2460Records found
CVE-2023-40890
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.14% / 33.55%
||
7 Day CHG~0.00%
Published-29 Aug, 2023 | 00:00
Updated-04 Nov, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability exists in the lookup_sequence function of ZBar 0.23.90. Specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. To trigger this vulnerability, an attacker can digitally input the malicious QR code, or prepare it to be physically scanned by the vulnerable scanner.

Action-Not Available
Vendor-zbar_projectn/a
Product-zbarn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-14203
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.44% / 62.65%
||
7 Day CHG~0.00%
Published-31 Jul, 2019 | 12:11
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_mount_reply.

Action-Not Available
Vendor-denxn/a
Product-u-bootn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-40893
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.12% / 31.15%
||
7 Day CHG~0.00%
Published-24 Aug, 2023 | 00:00
Updated-08 Dec, 2025 | 13:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter time at /goform/PowerSaveSet.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac8_firmwareac8v4n/aac8v4
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-14697
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.34% / 56.45%
||
7 Day CHG+0.03%
Published-06 Aug, 2019 | 15:34
Updated-05 Aug, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

musl libc through 1.1.23 has an x87 floating-point stack adjustment imbalance, related to the math/i386/ directory. In some cases, use of this library could introduce out-of-bounds writes that are not present in an application's source code.

Action-Not Available
Vendor-musl-libcn/a
Product-musln/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-40842
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.12% / 31.15%
||
7 Day CHG~0.00%
Published-30 Aug, 2023 | 00:00
Updated-01 Oct, 2024 | 20:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tengda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "R7WebsSecurityHandler."

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6_firmwareac6n/aac6
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-30369
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.17% / 38.34%
||
7 Day CHG~0.00%
Published-24 Apr, 2023 | 00:00
Updated-04 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac15_firmwareac15n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-43086
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.39% / 59.26%
||
7 Day CHG~0.00%
Published-28 Feb, 2022 | 14:06
Updated-04 Aug, 2024 | 03:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ARM astcenc 3.2.0 is vulnerable to Buffer Overflow. When the compression function of the astc-encoder project with -cl option was used, a stack-buffer-overflow occurred in function encode_ise() in function compress_symbolic_block_for_partition_2planes() in "/Source/astcenc_compress_symbolic.cpp".

Action-Not Available
Vendor-n/aArm Limited
Product-adaptive_scalable_texture_compression_encodern/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-12898
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.42% / 61.42%
||
7 Day CHG~0.00%
Published-19 Jun, 2019 | 21:37
Updated-04 Aug, 2024 | 23:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Delta Electronics DeviceNet Builder 2.04 has a User Mode Write AV starting at image00400000+0x000000000017a45e.

Action-Not Available
Vendor-n/aDelta Electronics, Inc.
Product-devicenet_buildern/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-6303
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-28.82% / 96.45%
||
7 Day CHG~0.00%
Published-16 Sep, 2016 | 00:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before 1.1.0 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.

Action-Not Available
Vendor-n/aNode.js (OpenJS Foundation)OpenSSL
Product-opensslnode.jsn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-31756
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.51% / 80.95%
||
7 Day CHG~0.00%
Published-07 May, 2021 | 22:01
Updated-03 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /gofrom/setwanType allows attackers to execute arbitrary code on the system via a crafted post request. This occurs when input vector controlled by malicious attack get copied to the stack variable.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac11ac11_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-40845
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.12% / 31.15%
||
7 Day CHG~0.00%
Published-30 Aug, 2023 | 00:00
Updated-01 Oct, 2024 | 19:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'sub_34FD0.' In the function, it reads user provided parameters and passes variables to the function without any length checks.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6_firmwareac6n/aac6
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-40567
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.24% / 47.52%
||
7 Day CHG~0.00%
Published-31 Aug, 2023 | 21:42
Updated-03 Nov, 2025 | 21:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-Of-Bounds Write in FreeRDP

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the `clear_decompress_bands_data` function in which there is no offset validation. Abuse of this vulnerability may lead to an out of bounds write. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. there are no known workarounds for this vulnerability.

Action-Not Available
Vendor-Fedora ProjectFreeRDPDebian GNU/Linux
Product-fedoradebian_linuxfreerdpFreeRDP
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-31757
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.96% / 83.27%
||
7 Day CHG~0.00%
Published-07 May, 2021 | 22:02
Updated-03 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setVLAN allows attackers to execute arbitrary code on the system via a crafted post request.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac11ac11_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-12899
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.42% / 61.42%
||
7 Day CHG~0.00%
Published-19 Jun, 2019 | 21:37
Updated-04 Aug, 2024 | 23:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Delta Electronics DeviceNet Builder 2.04 has a User Mode Write AV starting at ntdll!RtlQueueWorkItem+0x00000000000005e3.

Action-Not Available
Vendor-n/aDelta Electronics, Inc.
Product-devicenet_buildern/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-12519
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-7.54% / 91.65%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 19:20
Updated-04 Aug, 2024 | 23:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the stack, or add a new member to the stack. When adding a new member, there is no check to ensure that the stack won't overflow.

Action-Not Available
Vendor-n/aopenSUSESquid CacheCanonical Ltd.Debian GNU/Linux
Product-ubuntu_linuxdebian_linuxleapsquidn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-30805
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.62% / 81.58%
||
7 Day CHG~0.00%
Published-08 Sep, 2021 | 13:39
Updated-03 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. An application may be able to execute arbitrary code with kernel privileges.

Action-Not Available
Vendor-Apple Inc.
Product-macosmac_os_xSecurity Update - CatalinamacOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-43300
Matching Score-4
Assigner-JFrog
ShareView Details
Matching Score-4
Assigner-JFrog
CVSS Score-9.8||CRITICAL
EPSS-0.51% / 66.16%
||
7 Day CHG~0.00%
Published-16 Feb, 2022 | 00:00
Updated-04 Nov, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack overflow in PJSUA API when calling pjsua_recorder_create. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation.

Action-Not Available
Vendor-teluuteluuDebian GNU/Linux
Product-pjsipdebian_linuxpjsip
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-31758
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-40.11% / 97.25%
||
7 Day CHG~0.00%
Published-07 May, 2021 | 22:01
Updated-03 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setportList allows attackers to execute arbitrary code on the system via a crafted post request.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac11ac11_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0446
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.8||CRITICAL
EPSS-0.16% / 37.39%
||
7 Day CHG~0.00%
Published-10 Nov, 2020 | 12:53
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-168264528

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-12900
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.13% / 78.06%
||
7 Day CHG~0.00%
Published-19 Jun, 2019 | 22:07
Updated-09 Jun, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.

Action-Not Available
Vendor-bzipn/aCanonical Ltd.Python Software FoundationFreeBSD FoundationDebian GNU/LinuxopenSUSE
Product-debian_linuxleapubuntu_linuxpythonfreebsdbzip2n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-31226
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.70% / 82.01%
||
7 Day CHG~0.00%
Published-19 Aug, 2021 | 10:48
Updated-03 Aug, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in HCC embedded InterNiche 4.0.1. A potential heap buffer overflow exists in the code that parses the HTTP POST request, due to lack of size validation. This vulnerability requires the attacker to send a crafted HTTP POST request with a URI longer than 50 bytes. This leads to a heap overflow in wbs_post() via an strcpy() call.

Action-Not Available
Vendor-hcc-embeddedn/a
Product-internichen/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-40891
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.12% / 31.15%
||
7 Day CHG~0.00%
Published-24 Aug, 2023 | 00:00
Updated-08 Dec, 2025 | 13:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter firewallEn at /goform/SetFirewallCfg.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac8_firmwareac8v4n/aac8v4
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-3185
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.67% / 70.96%
||
7 Day CHG~0.00%
Published-25 Jan, 2021 | 16:33
Updated-03 Aug, 2024 | 16:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution.

Action-Not Available
Vendor-n/afreedesktop.org
Product-gst-plugins-badgstreamer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-31886
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-3.43% / 87.24%
||
7 Day CHG~0.00%
Published-09 Nov, 2021 | 11:31
Updated-03 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “USER” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0010)

Action-Not Available
Vendor-Siemens AG
Product-talon_tc_compactdesigo_pxm20-edesigo_pxc22.1-e.dapogee_pxc_compactdesigo_pxc001-e.d_firmwareapogee_modular_equiment_controller_firmwaredesigo_pxc12-e.dapogee_pxc_compact_firmwaredesigo_pxc200-e.d_firmwareapogee_modular_equiment_controllerdesigo_pxc100-e.dapogee_modular_building_controllerdesigo_pxc001-e.dapogee_pxc_modular_firmwaretalon_tc_modular_firmwaretalon_tc_modulardesigo_pxc22.1-e.d_firmwaredesigo_pxc50-e.dapogee_modular_building_controller_firmwaredesigo_pxc12-e.d_firmwaredesigo_pxc22-e.ddesigo_pxc22-e.d_firmwaredesigo_pxc00-u_firmwarenucleus_readystart_v3desigo_pxc00-e.ddesigo_pxc100-e.d_firmwaredesigo_pxc200-e.ddesigo_pxc00-e.d_firmwaredesigo_pxc50-e.d_firmwarenucleus_netdesigo_pxc64-utalon_tc_compact_firmwaredesigo_pxc36.1-e.d_firmwaredesigo_pxc64-u_firmwaredesigo_pxc128-udesigo_pxc00-uapogee_pxc_modulardesigo_pxm20-e_firmwaredesigo_pxc36.1-e.ddesigo_pxc128-u_firmwarenucleus_source_codeTALON TC Compact (BACnet)Desigo PXC64-UDesigo PXC00-UNucleus Source CodeAPOGEE PXC Compact (BACnet)APOGEE MEC (PPC) (P2 Ethernet)Nucleus NETDesigo PXC001-E.DDesigo PXC100-E.DDesigo PXC12-E.DAPOGEE MBC (PPC) (BACnet)Desigo PXC22.1-E.DTALON TC Modular (BACnet)Nucleus ReadyStart V3APOGEE MEC (PPC) (BACnet)Desigo PXC00-E.DAPOGEE MBC (PPC) (P2 Ethernet)Desigo PXC50-E.DAPOGEE PXC Compact (P2 Ethernet)Desigo PXC36.1-E.DAPOGEE PXC Modular (P2 Ethernet)Desigo PXC22-E.DDesigo PXC200-E.DDesigo PXM20-EAPOGEE PXC Modular (BACnet)Desigo PXC128-U
CWE ID-CWE-170
Improper Null Termination
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-31895
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-8.1||HIGH
EPSS-1.16% / 78.34%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:02
Updated-14 Oct, 2025 | 10:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM i800 (All versions < V4.3.7), RUGGEDCOM i801 (All versions < V4.3.7), RUGGEDCOM i802 (All versions < V4.3.7), RUGGEDCOM i803 (All versions < V4.3.7), RUGGEDCOM M2100 (All versions < V4.3.7), RUGGEDCOM M2200 (All versions < V4.3.7), RUGGEDCOM M969 (All versions < V4.3.7), RUGGEDCOM RMC30 (All versions < V4.3.7), RUGGEDCOM RMC8388 V4.X (All versions < V4.3.7), RUGGEDCOM RMC8388 V5.X (All versions < V5.5.4), RUGGEDCOM RP110 (All versions < V4.3.7), RUGGEDCOM RS1600 (All versions < V4.3.7), RUGGEDCOM RS1600F (All versions < V4.3.7), RUGGEDCOM RS1600T (All versions < V4.3.7), RUGGEDCOM RS400 (All versions < V4.3.7), RUGGEDCOM RS401 (All versions < V4.3.7), RUGGEDCOM RS416 (All versions < V4.3.7), RUGGEDCOM RS416P (All versions < V4.3.7), RUGGEDCOM RS416Pv2 V4.X (All versions < V4.3.7), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.5.4), RUGGEDCOM RS416v2 V4.X (All versions < V4.3.7), RUGGEDCOM RS416v2 V5.X (All versions < 5.5.4), RUGGEDCOM RS8000 (All versions < V4.3.7), RUGGEDCOM RS8000A (All versions < V4.3.7), RUGGEDCOM RS8000H (All versions < V4.3.7), RUGGEDCOM RS8000T (All versions < V4.3.7), RUGGEDCOM RS900 (32M) V4.X (All versions < V4.3.7), RUGGEDCOM RS900 (32M) V5.X (All versions < V5.5.4), RUGGEDCOM RS900G (All versions < V4.3.7), RUGGEDCOM RS900G (32M) V4.X (All versions < V4.3.7), RUGGEDCOM RS900G (32M) V5.X (All versions < V5.5.4), RUGGEDCOM RS900GP (All versions < V4.3.7), RUGGEDCOM RS900L (All versions < V4.3.7), RUGGEDCOM RS900W (All versions < V4.3.7), RUGGEDCOM RS910 (All versions < V4.3.7), RUGGEDCOM RS910L (All versions < V4.3.7), RUGGEDCOM RS910W (All versions < V4.3.7), RUGGEDCOM RS920L (All versions < V4.3.7), RUGGEDCOM RS920W (All versions < V4.3.7), RUGGEDCOM RS930L (All versions < V4.3.7), RUGGEDCOM RS930W (All versions < V4.3.7), RUGGEDCOM RS940G (All versions < V4.3.7), RUGGEDCOM RS969 (All versions < V4.3.7), RUGGEDCOM RSG2100 (All versions < V4.3.7), RUGGEDCOM RSG2100 (32M) V4.X (All versions < V4.3.7), RUGGEDCOM RSG2100 (32M) V5.X (All versions < V5.5.4), RUGGEDCOM RSG2100P (All versions < V4.3.7), RUGGEDCOM RSG2100P (32M) V4.X (All versions < V4.3.7), RUGGEDCOM RSG2100P (32M) V5.X (All versions < V5.5.4), RUGGEDCOM RSG2200 (All versions < V4.3.7), RUGGEDCOM RSG2288 V4.X (All versions < V4.3.7), RUGGEDCOM RSG2288 V5.X (All versions < V5.5.4), RUGGEDCOM RSG2300 V4.X (All versions < V4.3.7), RUGGEDCOM RSG2300 V5.X (All versions < V5.5.4), RUGGEDCOM RSG2300P V4.X (All versions < V4.3.7), RUGGEDCOM RSG2300P V5.X (All versions < V5.5.4), RUGGEDCOM RSG2488 V4.X (All versions < V4.3.7), RUGGEDCOM RSG2488 V5.X (All versions < V5.5.4), RUGGEDCOM RSG907R (All versions < V5.5.4), RUGGEDCOM RSG908C (All versions < V5.5.4), RUGGEDCOM RSG909R (All versions < V5.5.4), RUGGEDCOM RSG910C (All versions < V5.5.4), RUGGEDCOM RSG920P V4.X (All versions < V4.3.7), RUGGEDCOM RSG920P V5.X (All versions < V5.5.4), RUGGEDCOM RSL910 (All versions < V5.5.4), RUGGEDCOM RST2228 (All versions < V5.5.4), RUGGEDCOM RST2228P (All versions < V5.5.4), RUGGEDCOM RST916C (All versions < V5.5.4), RUGGEDCOM RST916P (All versions < V5.5.4). The DHCP client in affected devices fails to properly sanitize incoming DHCP packets. This could allow an unauthenticated remote attacker to cause memory to be overwritten, potentially allowing remote code execution.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_ros_rs900ruggedcom_ros_m2100ruggedcom_rst916pruggedcom_ros_rs900lruggedcom_ros_rs910wruggedcom_ros_rs969ruggedcom_i802ruggedcom_ros_rs920lruggedcom_rsg2300pruggedcom_ros_rs910lruggedcom_rs910lruggedcom_rmc30ruggedcom_ros_rmc30ruggedcom_rs900wruggedcom_ros_rsg2200ruggedcom_ros_rsg900rruggedcom_rs8000truggedcom_rs940gruggedcom_ros_i803ruggedcom_m969ruggedcom_rs930lruggedcom_ros_m2200ruggedcom_rsg2100ruggedcom_ros_rsg2288ruggedcom_rsg2100pruggedcom_ros_rmcruggedcom_rsg900gruggedcom_rs8000ruggedcom_rs910wruggedcom_ros_rsg900ruggedcom_ros_rsl910ruggedcom_ros_rs416ruggedcom_ros_rs930wruggedcom_ros_m969ruggedcom_ros_rsg2300pruggedcom_i803ruggedcom_ros_rsg900gruggedcom_ros_rsg920pruggedcom_rsg900rruggedcom_ros_rp110ruggedcom_rs401ruggedcom_rs900ruggedcom_ros_rmc8388ruggedcom_ros_rs900gruggedcom_rmc41ruggedcom_rs900gruggedcom_rs910ruggedcom_ros_rsg2100ruggedcom_rsg920pruggedcom_rp110ruggedcom_ros_rmc41ruggedcom_ros_rsg2300ruggedcom_ros_i802ruggedcom_rs416ruggedcom_ros_rst916cruggedcom_rs8000hruggedcom_rs920lruggedcom_ros_rst916pruggedcom_rmc8388ruggedcom_ros_rs416v2ruggedcom_ros_rs8000ruggedcom_ros_rs8000aruggedcom_ros_rst2228ruggedcom_rs400ruggedcom_ros_rs900wruggedcom_ros_rs930lruggedcom_ros_rs940gruggedcom_rs969ruggedcom_m2100ruggedcom_ros_i800ruggedcom_rsg2288ruggedcom_rsg900ruggedcom_m2200ruggedcom_ros_rs920wruggedcom_ros_rs401ruggedcom_ros_rs910ruggedcom_rsg2300ruggedcom_rsg2488ruggedcom_rsg900cruggedcom_ros_rsg900cruggedcom_rsg2200ruggedcom_rmc20ruggedcom_rs416v2ruggedcom_ros_rsg2488ruggedcom_ros_rsg2100pruggedcom_rmc40ruggedcom_rs930wruggedcom_rs920wruggedcom_rs900lruggedcom_ros_rs8000truggedcom_rmcruggedcom_rs900gpruggedcom_ros_rs400ruggedcom_rs8000aruggedcom_ros_rmc40ruggedcom_ros_rs900gpruggedcom_ros_rs8000hruggedcom_ros_rmc20ruggedcom_i801ruggedcom_rst2228ruggedcom_ros_i801ruggedcom_rsl910ruggedcom_i800ruggedcom_rst916cRUGGEDCOM RST916PRUGGEDCOM RSG2488 V4.XRUGGEDCOM RS969RUGGEDCOM RS900GRUGGEDCOM i801RUGGEDCOM RSG920P V5.XRUGGEDCOM RS930LRUGGEDCOM RS1600TRUGGEDCOM RS401RUGGEDCOM RS900G (32M) V5.XRUGGEDCOM RSG920P V4.XRUGGEDCOM RS920LRUGGEDCOM M2200RUGGEDCOM RSG910CRUGGEDCOM RS416Pv2 V4.XRUGGEDCOM RSG2100PRUGGEDCOM RSG2288 V4.XRUGGEDCOM RS8000TRUGGEDCOM RS8000HRUGGEDCOM RS900 (32M) V4.XRUGGEDCOM M2100RUGGEDCOM RSG2100 (32M) V4.XRUGGEDCOM RSG2300 V4.XRUGGEDCOM RS416Pv2 V5.XRUGGEDCOM RSG2300 V5.XRUGGEDCOM RS8000RUGGEDCOM RS900LRUGGEDCOM RMC8388 V5.XRUGGEDCOM RS400RUGGEDCOM RS910LRUGGEDCOM RSG907RRUGGEDCOM RSL910RUGGEDCOM RS900GPRUGGEDCOM RST916CRUGGEDCOM RSG2200RUGGEDCOM RSG2488 V5.XRUGGEDCOM RS940GRUGGEDCOM RMC8388 V4.XRUGGEDCOM RSG2100 (32M) V5.XRUGGEDCOM RSG2100P (32M) V4.XRUGGEDCOM RS910WRUGGEDCOM RS910RUGGEDCOM RS1600FRUGGEDCOM RS900G (32M) V4.XRUGGEDCOM RSG2100RUGGEDCOM RMC30RUGGEDCOM RSG2288 V5.XRUGGEDCOM RSG2300P V4.XRUGGEDCOM RSG908CRUGGEDCOM RS416v2 V4.XRUGGEDCOM i800RUGGEDCOM RSG909RRUGGEDCOM i802RUGGEDCOM RP110RUGGEDCOM RS1600RUGGEDCOM RS416PRUGGEDCOM RST2228PRUGGEDCOM RSG2100P (32M) V5.XRUGGEDCOM RS8000ARUGGEDCOM RS416v2 V5.XRUGGEDCOM RS920WRUGGEDCOM M969RUGGEDCOM RS900 (32M) V5.XRUGGEDCOM RST2228RUGGEDCOM RS416RUGGEDCOM RS930WRUGGEDCOM RSG2300P V5.XRUGGEDCOM i803RUGGEDCOM RS900W
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-12567
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.74% / 85.73%
||
7 Day CHG~0.00%
Published-23 Dec, 2019 | 22:45
Updated-04 Aug, 2024 | 23:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based overflow vulnerability in the logMess function in Open TFTP Server MT 1.65 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2018-10387 and CVE-2019-12568.

Action-Not Available
Vendor-open_tftp_server_projectn/a
Product-open_tftp_servern/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-40847
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.12% / 31.15%
||
7 Day CHG~0.00%
Published-30 Aug, 2023 | 00:00
Updated-02 Oct, 2024 | 13:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "initIpAddrInfo." In the function, it reads in a user-provided parameter, and the variable is passed to the function without any length check.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6_firmwareac6n/aac6
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-29939
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.3||HIGH
EPSS-0.77% / 73.13%
||
7 Day CHG~0.00%
Published-01 Apr, 2021 | 04:23
Updated-19 Nov, 2024 | 16:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the stackvector crate through 2021-02-19 for Rust. There is an out-of-bounds write in StackVec::extend if size_hint provides certain anomalous data.

Action-Not Available
Vendor-stackvector_projectn/a
Product-stackvectorn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-29942
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.3||HIGH
EPSS-0.35% / 56.99%
||
7 Day CHG~0.00%
Published-01 Apr, 2021 | 04:22
Updated-03 Aug, 2024 | 22:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the reorder crate through 2021-02-24 for Rust. swap_index can return uninitialized values if an iterator returns a len() that is too large.

Action-Not Available
Vendor-reorder_projectn/a
Product-reordern/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-30072
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.46% / 63.72%
||
7 Day CHG~0.00%
Published-02 Apr, 2021 | 19:55
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in prog.cgi on D-Link DIR-878 1.30B08 devices. Because strcat is misused, there is a stack-based buffer overflow that does not require authentication.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-878dir-878_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-30188
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.57% / 68.18%
||
7 Day CHG~0.00%
Published-25 May, 2021 | 12:33
Updated-15 Aug, 2025 | 20:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CODESYS V2 runtime system SP before 2.4.7.55 has a Stack-based Buffer Overflow.

Action-Not Available
Vendor-wagon/aCODESYS GmbH
Product-750-8202750-832_firmware750-831750-8211750-893750-8202_firmware750-8216750-831_firmware750-8214750-885_firmware750-881750-880750-829750-8210_firmware750-8213_firmware750-8203_firmware750-891_firmware750-8214_firmware750-8212_firmware750-881_firmware750-823_firmware750-823750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmware750-8203v2_runtime_system_sp750-889_firmware750-8212750-890_firmware750-8206_firmware750-8208_firmware750-882750-890750-852750-832750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-12553
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.80% / 82.55%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 16:20
Updated-04 Aug, 2024 | 23:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the StrCat function (provided by the scripting engine) allows an attacker to overwrite arbitrary memory, which could lead to code execution.

Action-Not Available
Vendor-sweetscapen/a
Product-010_editorn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-29998
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.60% / 69.03%
||
7 Day CHG~0.00%
Published-13 Apr, 2021 | 16:16
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Wind River VxWorks before 6.5. There is a possible heap overflow in dhcp client.

Action-Not Available
Vendor-windrivern/aSiemens AG
Product-scalance_xf206-1_firmwarescalance_x208_pro_firmwarescalance_x201-3p_irtscalance_x212-2ldscalance_x206-1scalance_x300simatic_rf_182c_firmwarescalance_x201-3p_irt_proscalance_x204-2fmscalance_x208scalance_x202-2p_irtsimatic_rf_181_eip_firmwarevxworksscalance_x206-1_firmwaresinamics_perfect_harmony_gh180ruggedcom_win_subscriber_station_firmwarescalance_xf204-2scalance_x204_irtscalance_x202-2_irtscalance_xf204_firmwarescalance_xf204-2ba_irtscalance_x204-2ld_firmwarescalance_x212-2_firmwarescalance_x204_irt_proscalance_xf208_firmwarescalance_xf204-2_firmwarescalance_x208_proscalance_x202-2p_irt_proscalance_xf202-2p_irtscalance_x204-2fm_firmwarescalance_x204-2tsscalance_x202-2_irt_firmwarescalance_xf204scalance_x206-1ldscalance_x200-4_p_irtscalance_xf204_irt_firmwarescalance_xf201-3p_irtscalance_xf204_irtruggedcom_win_subscriber_stationscalance_x204-2ldscalance_xf208scalance_x201-3p_irt_firmwarescalance_x202-2p_irt_pro_firmwarescalance_xf204-2ba_irt_firmwarescalance_x204-2ld_ts_firmwarescalance_x300_firmwarescalance_x204-2ld_tsscalance_x204-2scalance_x408scalance_x224scalance_x204-2_firmwarescalance_xf206-1scalance_x202-2p_irt_firmwarescalance_x206-1ld_firmwaresinamics_perfect_harmony_gh180_firmwarescalance_x212-2ld_firmwarescalance_x204_irt_firmwarescalance_x408_firmwarescalance_x212-2scalance_x200-4_p_irt_firmwarescalance_x204-2ts_firmwarescalance_x216_firmwarescalance_xf202-2p_irt_firmwarescalance_x208_firmwaresimatic_rf_181_eipscalance_x204_irt_pro_firmwaresimatic_rf_182cscalance_x216scalance_xf201-3p_irt_firmwarescalance_x201-3p_irt_pro_firmwarescalance_x224_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-13192
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.85% / 87.98%
||
7 Day CHG~0.00%
Published-13 Mar, 2020 | 18:42
Updated-04 Aug, 2024 | 23:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some Brother printers (such as the HL-L8360CDW v1.20) were affected by a heap buffer overflow vulnerability as the IPP service did not parse attribute names properly. This would allow an attacker to execute arbitrary code on the device.

Action-Not Available
Vendor-n/aBrother Industries, Ltd.
Product-mfc-j895dwmfc-l6900dwhl-l6450dwhl-l6400dwtads-2800wdcp-1617nwmfc-l2720dn\(jpn\)mfc-j497dwdcp-t710w\(chn\)_firmwaremfc-j1500n\(jpn\)mfc-j5335dwmfc-l2740dwr_firmwaremfc-l2750dw_firmwaremfc-l3770cdw_firmwaredcp-7195dw_firmwaremfc-l2705dwmfc-j893n_firmwaredcp-1623wr_firmwaremfc-l6900dwx_firmwaredcp-l8410cdw_firmwaremfc-9350cdwmfc-j998dn_firmwarehl-l8260cdndcp-l2560dwrdcp-j982n-bmfc-l5702dw_firmwarehl-l2370dnhl-l2350dw_firmwaremfc-j893nmfc-l2720dw_firmwaremfc-l9570cdw_firmwarehl-l3230cdwhl-b2050dnhl-1211w_firmwaredcp-j572dwdcp-j577ndcp-j973n-wmfc-l2720dwr_firmwaredcp-l2531dw_firmwaremfc-j998dwn_firmwaredcp-l2520dw_firmwaremfc-l2707dwmfc-l9570cdwdcp-j978n-b_firmwaredcp-t710w_firmwaredcp-l2540dw\(jpn\)dcp-1610wvbmfc-l5802dwmfc-9350cdw_firmwaremfc-8530dnmfc-l2705dw_firmwaremfc-1910wmfc-1916nwmfc-j1300dwmfc-l2712dn_firmwaremfc-l3730cdn_firmwaremfc-j995dwmfc-9150cdndcp-l3551cdw_firmwarehl-l8360cdwtmfc-1911wdcp-l6600dwdcp-l2541dw_firmwaremfc-j805dw_xl_firmwaremfc-j6535dwmfc-l2701dwdcp-j982n-w_firmwaredcp-b7535dwmfc-j6947dw_firmwaremfc-l5700dw_firmwaredcp-l5500dnhl-1210wvb_firmwarehl-l9310cdwmfc-l2717dw_firmwarehl-l2395dw_firmwaremfc-l8610cdwmfc-j5730dw_firmwaremfc-l8900cdwmfc-l2685dw_firmwarehl-l6200dwt_firmwaredcp-j772dwhl-l2370dn_firmwaremfc-l2712dwdcp-1610wvb_firmwarehl-j6000cdw\(jpn\)_firmwarehl-l8360cdwt_firmwareads-3000nmfc-j5845dw_xl_firmwaredcp-j978n-w_firmwaredcp-1610wemfc-l8900cdw_firmwaredcp-l2540dnhl-l8360cdw_firmwaremfc-j805dw_firmwaredcp-b7530dndcp-l5650dnmfc-t810w\(chn\)dcp-l8410cdwdcp-1616nwmfc-8540dn_firmwaremfc-l2710dw_firmwaremfc-l5802dw_firmwarehl-l2375dw_firmwarehl-1210wvbmfc-l2713dw_firmwaremfc-l5902dwdcp-l5502dnhl-l2366dw_firmwarehl-1210wr_firmwarehl-l3270cdwdcp-l5600dn_firmwareads-2400n_firmwaremfc-l2720dwrhl-l2375dwhl-l5202dw_firmwaredcp-1610we_firmwaremfc-l2700dw\(oce\)_firmwaremfc-j995dw_xlhl-l8360cdwmfc-j491dwhl-l2385dwmfc-1912wrmfc-l2750dw\(jpn\)_firmwarehl-l6200dwtdcp-1610wrdcp-l3510cdwmfc-l2740dw_firmwarehl-1223we_firmwaremfc-j3530dwads-2800w_firmwaremfc-j6930dw_firmwaremfc-l6702dw_firmwaremfc-l2715dw\(twn\)hl-l5100dnthl-1210w_firmwaremfc-j1500n\(jpn\)_firmwarehl-b2050dn_firmwaredcp-l3550cdw_firmwaremfc-t910dw_firmwaredcp-l2532dw_firmwaremfc-l8610cdw\(jpn\)_firmwaredcp-b7530dn_firmwaremfc-l5755dw_firmwaremfc-l2700dwmfc-l6900dw_firmwaremfc-l5900dw_firmwaredcp-l5652dndcp-l2520dwmfc-l2700dw\(oce\)mfc-l2700dw_firmwarehl-1218whl-l3210cwdcp-l2520dwr_firmwaremfc-j6730dw_firmwarefax-l2700dn\(jpn\)mfc-l2717dwdcp-1618w_firmwaredcp-l2550dn_firmwaredcp-l2541dwhl-l2365dwrmfc-j6530dwdcp-1615nwdcp-7180dn_firmwaremfc-l5850dw_firmwaremfc-l6950dw_firmwarehl-b2080dwmfc-l2680whl-l2360dw_firmwareads-3600w_firmwarefax-l2710dn\(jpn\)_firmwaremfc-j5330dwmfc-l5800dw_firmwarehl-l3290cdwmfc-l2750dwxl_firmwaredcp-1615nw_firmwaremfc-j5335dw_firmwaremfc-l6950dwhl-l8260cdn_firmwaremfc-l2730dwhl-l6400dwxhl-l6250dw_firmwaredcp-1617nw_firmwarehl-l2340dwrmfc-7895dw_firmwaremfc-l2740dw\(jpn\)mfc-1911nw_firmwarehl-l6300dw_firmwaredcp-l3550cdwhl-l2305w_firmwaredcp-1612wemfc-l5700dwmfc-j6535dw_firmwaredcp-j774dwhl-l6200dwmfc-j998dwndcp-j572n_firmwaredcp-l2550dwmfc-l6902dwmfc-7880dn_firmwaremfc-j5845dw_firmwaremfc-j890dw_firmwaremfc-j5330dw_firmwaremfc-j738dwn_firmwarehl-l2380dwmfc-l6750dw_firmwaremfc-l9570cdw\(jpn\)_firmwaredcp-1612wvbdcp-l2540dw_firmwaremfc-l2770dw_firmwarehl-l2395dwdcp-l2551dndcp-l2532dwdcp-l3551cdwmfc-l6900dw\(jpn\)mfc-l3730cdnhl-l3210cw_firmwaredcp-j988n\(jpn\)mfc-l2740dw\(jpn\)_firmwaremfc-j903nmfc-l6900dw\(jpn\)_firmwaremfc-l5750dwdcp-l3517cdwmfc-1911w_firmwaremfc-j497dw_firmwarehl-j6000dwhl-j6000dw_firmwaremfc-l6902dw_firmwaremfc-j995dw_firmwaremfc-j6945dwmfc-j5630cdwhl-1212wr_firmwaremfc-l2740dwrmfc-t910dwmfc-j6947dwmfc-l2712dnmfc-j6935dw_firmwaremfc-l2713dwmfc-l6702dwmfc-l3735cdnmfc-l5755dw\(jpn\)_firmwarehl-3190cdw_firmwaremfc-j6530dw_firmwarehl-l2361dnmfc-j5845dwhl-l2366dwdcp-j774dw_firmwaremfc-j6997cdw\(jpn\)_firmwaremfc-j6999cdw\(jpn\)hl-l6202dw_firmwaremfc-8540dnhl-l8260cdw_firmwaremfc-t4500dwmfc-j738dnmfc-l2700dwr_firmwaredcp-b7520dwmfc-j5930dw_firmwarehl-3160cdw_firmwarehl-l6200dw_firmwaremfc-l2720dwdcp-7180dnmfc-j2330dwhl-5590dnmfc-l8610cdw_firmwaremfc-j690dwmfc-l6900dwgmfc-l2716dwhl-l5200dw_firmwaremfc-9150cdn_firmwaremfc-l2710dnmfc-7880dnhl-l6400dwgmfc-l2771dw_firmwarehl-1223wedcp-l5650dn_firmwaremfc-1919nw_firmwareads-3000n_firmwaremfc-l6700dw_firmwaredcp-9030cdn_firmwaredcp-l2520dwrdcp-j972nmfc-j6999cdw\(jpn\)_firmwaredcp-1612we_firmwaredcp-j973n-b_firmwaremfc-j6980cdw\(jpn\)_firmwaremfc-j898nmfc-j6545dw_firmwaremfc-l2750dw\(jpn\)dcp-l2530dw_firmwaremfc-1910wedcp-l5500dn_firmwaremfc-j805dwmfc-j895dw_firmwarehl-1222wemfc-j898n_firmwaredcp-l2540dnr_firmwarehl-l3230cdnhl-1218w_firmwaredcp-7195dwhl-l6250dn_firmwaredcp-l2551dwhl-l2340dwr_firmwaremfc-1911nwads-3600whl-l2360dnrdcp-l2560dw_firmwaremfc-j1300dw_firmwaremfc-l2710dwhl-2560dndcp-j981n_firmwaremfc-b7715dw_firmwaremfc-l3710cw_firmwarehl-l6402dw_firmwaredcp-l2551dw_firmwaremfc-l2712dw_firmwaremfc-j995dw_xl_firmwaredcp-l2537dw_firmwaremfc-l2732dwmfc-l2750dwhl-l2315dwmfc-l2685dwmfc-l5702dwdcp-l2537dwmfc-j903n_firmwaredcp-1612wvb_firmwaremfc-1912wr_firmwaremfc-l6800dwdcp-l2535dwdcp-l2550dw_firmwarehl-l2352dw_firmwaredcp-j582n_firmwaredcp-l5602dn_firmwaremfc-t4500dw_firmwarehl-2595dw_firmwaremfc-t810whl-l2340dwmfc-j2330dw_firmwarehl-1222we_firmwaremfc-j6580cdw\(jpn\)dcp-1612wr_firmwarehl-l5100dn_firmwaremfc-j5730dwmfc-l6700dwdcp-t510wmfc-j6983cdwhl-l2365dwdcp-j982n-b_firmwaremfc-l6750dwdcp-j978n-wmfc-j6583cdwdcp-l2550dndcp-l2560dwr_firmwaredcp-j988n\(jpn\)_firmwarehl-l2386dw_firmwaremfc-b7720dnhl-l2372dnmfc-l3735cdn_firmwarehl-3160cdwmfc-l6800dw_firmwarehl-l3230cdn_firmwarehl-l2376dwhl-t4000dw_firmwaremfc-l2701dw_firmwaredcp-b7535dw_firmwaredcp-l6600dw_firmwaremfc-1915w_firmwaremfc-l2680w_firmwaremfc-l2732dw_firmwarehl-1212w_firmwaredcp-l2531dwdcp-t510w\(chn\)dcp-l2530dwmfc-j738dwnmfc-j6545dw_xl_firmwaremfc-l6970dwmfc-j738dn_firmwaredcp-j972n_firmwaredcp-1618wdcp-j772dw_firmwaredcp-t510w_firmwaremfc-l5902dw_firmwaremfc-l2716dw_firmwaremfc-l5800dwmfc-j815dw_xlmfc-j5630cdw_firmwaredcp-l3517cdw_firmwaredcp-j973n-bmfc-l3770cdwdcp-l5602dnmfc-l5750dw_firmwarehl-1212wvbmfc-l2730dw_firmwaredcp-j982n-wmfc-j5930dwfax-l2700dn\(jpn\)_firmwarehl-l2361dn_firmwarehl-l6400dwg_firmwaremfc-l9577cdwdcp-1612wrmfc-j805dw_xlmfc-l2720dn\(jpn\)_firmwaremfc-j6995cdw\(jpn\)_firmwaremfc-j6583cdw_firmwaremfc-j1605dn_firmwarehl-l6400dwdcp-l2535dw_firmwarehl-l6300dwdcp-1610wr_firmwaremfc-j491dw_firmwarehl-l5202dwdcp-j1100dwmfc-j6545dwdcp-l5600dndcp-j978n-bdcp-l3510cdw_firmwaremfc-l2703dw_firmwaremfc-l2730dn\(jpn\)hl-l5100dnmfc-j3930dwmfc-j3930dw_firmwaremfc-j6995cdw\(jpn\)mfc-j5830dwdcp-l2552dnmfc-j5945dw_firmwarehl-l2350dwhl-l3230cdw_firmwaredcp-l2540dwdcp-l2551dn_firmwaremfc-l5755dwmfc-j6930dwhl-l2340dw_firmwaredcp-1610w_firmwaredcp-l2560dwhl-l2365dw_firmwaremfc-j998dnhl-l6300dwt_firmwaremfc-l5850dwhl-j6100dwmfc-j6545dw_xldcp-j572nmfc-l3745cdw_firmwarehl-l2376dw_firmwaremfc-j5845dw_xldcp-1616nw_firmwarehl-l2360dnhl-l5200dwtmfc-l8610cdw\(jpn\)hl-l5595dnhl-t4000dwhl-l2371dnhl-l5200dwt_firmwarehl-l6402dwmfc-b7715dwdcp-1623wrhl-1212we_firmwaremfc-1916nw_firmwaredcp-t710wmfc-j6980cdw\(jpn\)hl-l2315dw_firmwaredcp-l2540dw\(jpn\)_firmwarehl-l5595dn_firmwarehl-l9310cdw_firmwarehl-l5102dwmfc-b7720dn_firmwarehl-l2365dwr_firmwaremfc-l3710cwhl-l6202dwmfc-l5700dnhl-l2370dw_firmwaremfc-l2770dwmfc-j6945dw_firmwarehl-1210wrmfc-l2750dwxlmfc-l5900dwhl-l2370dwdcp-1610whl-l5102dw_firmwaremfc-j2730dw_firmwarehl-1210wehl-l2305wdcp-l2540dn_firmwarehl-2560dn_firmwaredcp-l2550dw\(jpn\)_firmwarehl-j6100dw_firmwaremfc-j3530dw_firmwaremfc-j5830dw_firmwarehl-l2385dw_firmwarehl-l5200dwdcp-b7520dw_firmwaredcp-1612wmfc-j6983cdw_firmwaredcp-j582nhl-1210whl-l2386dwhl-1210we_firmwaremfc-j890dwmfc-j5945dwfax-l2710dn\(jpn\)mfc-1910w_firmwaremfc-j2730dwmfc-1910we_firmwarehl-l2371dn_firmwarehl-l2360dn_firmwaremfc-l2752dw_firmwarehl-l2351dw_firmwarehl-l2370dwxlmfc-l2751dwmfc-j1605dnhl-l6450dw_firmwaredcp-j973n-w_firmwaremfc-j6580cdw\(jpn\)_firmwaremfc-l2710dn_firmwarehl-1212wvb_firmwarehl-l2357dw_firmwaremfc-l6900dwg_firmwaremfc-l2703dwhl-l6400dwx_firmwarehl-l5100dnt_firmwarehl-3190cdwhl-l6400dwt_firmwaremfc-1915wmfc-l8690cdw_firmwaremfc-l3750cdw_firmwaremfc-l2730dn\(jpn\)_firmwaredcp-9030cdnmfc-l9577cdw_firmwarehl-l2390dw_firmwaremfc-l3750cdwhl-1212wdcp-t510w\(chn\)_firmwaremfc-t810w\(chn\)_firmwaremfc-8535dn_firmwaremfc-1919nwmfc-t810w_firmwarehl-l2370dwxl_firmwarehl-l8260cdwhl-j6000cdw\(jpn\)mfc-l2700dndcp-l2552dn_firmwaremfc-l2700dn_firmwaredcp-l5652dn_firmwaremfc-l2771dwdcp-1612w_firmwaremfc-l6970dw_firmwarehl-1211wmfc-l3745cdwmfc-l2707dw_firmwaremfc-l8690cdwdcp-l2540dnrdcp-j577n_firmwaredcp-j1100dw_firmwarehl-l6400dw_firmwaredcp-t710w\(chn\)dcp-j572dw_firmwarehl-2595dwhl-l2360dnr_firmwarehl-l2351dwmfc-l2715dw_firmwaremfc-j6730dwhl-5590dn_firmwaremfc-8535dnmfc-l5700dn_firmwareads-2400ndcp-1622wemfc-l9570cdw\(jpn\)mfc-l2740dwmfc-j815dw_xl_firmwarehl-b2080dw_firmwaremfc-l2700dnrmfc-l2751dw_firmwaremfc-j6997cdw\(jpn\)hl-l2372dn_firmwarehl-1212wemfc-l2700dnr_firmwaredcp-1622we_firmwaremfc-j6935dwdcp-l2550dw\(jpn\)mfc-l2715dwmfc-l2752dwdcp-j981ndcp-1623wemfc-8530dn_firmwarehl-l6250dwmfc-7895dwmfc-j690dw_firmwaredcp-l5502dn_firmwarehl-l6300dwtmfc-l2700dwrdcp-1623we_firmwarehl-l3290cdw_firmwaremfc-l5755dw\(jpn\)hl-l6250dnhl-l2352dwhl-l2360dwhl-l2380dw_firmwaremfc-l2715dw\(twn\)_firmwaremfc-l6900dwxhl-l2390dwhl-l2357dwhl-l3270cdw_firmwarehl-1212wrn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-40843
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.12% / 31.15%
||
7 Day CHG~0.00%
Published-30 Aug, 2023 | 00:00
Updated-01 Oct, 2024 | 20:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "sub_73004."

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac6_firmwareac6n/aac6
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-30189
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.57% / 68.18%
||
7 Day CHG~0.00%
Published-25 May, 2021 | 12:09
Updated-15 Aug, 2025 | 20:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CODESYS V2 Web-Server before 1.1.9.20 has a Stack-based Buffer Overflow.

Action-Not Available
Vendor-wagon/aCODESYS GmbH
Product-750-8202750-832_firmware750-831750-8211750-893v2_web_server750-8202_firmware750-8216750-831_firmware750-8214750-885_firmware750-881750-880750-829750-8210_firmware750-8213_firmware750-8203_firmware750-891_firmware750-8214_firmware750-8212_firmware750-881_firmware750-823_firmware750-823750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmware750-8203750-889_firmware750-8212750-890_firmware750-8206_firmware750-8208_firmware750-882750-890750-852750-832750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-26805
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.17% / 38.34%
||
7 Day CHG~0.00%
Published-19 Mar, 2023 | 00:00
Updated-27 Feb, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda W20E v15.11.0.6 (US_W20EV4.0br_v15.11.0.6(1068_1546_841)_CN_TDC) is vulnerable to Buffer Overflow via function formIPMacBindModify.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-w20e_firmwarew20en/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-3064
Matching Score-4
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Palo Alto Networks, Inc.
CVSS Score-9.8||CRITICAL
EPSS-45.04% / 97.52%
||
7 Day CHG-4.37%
Published-10 Nov, 2021 | 17:10
Updated-17 Sep, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PAN-OS: Memory Corruption Vulnerability in GlobalProtect Portal and Gateway Interfaces

A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have network access to the GlobalProtect interface to exploit this issue. This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.17. Prisma Access customers are not impacted by this issue.

Action-Not Available
Vendor-Palo Alto Networks, Inc.
Product-pan-osPAN-OSPrisma Access
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-30341
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 44.24%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 10:10
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer size validation of DSM packet received can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwarewsa8830sd678mdm9640_firmwaresm6250p_firmwarewcn3998_firmwareqcs610qcs2290_firmwareqca8337sd7c_firmwarecsrb31024mdm9628_firmwarewcd9360_firmwaresdx65qcs4290wcn3950_firmwaremdm9250sd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwaresd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqcs6125_firmwareqca6426qca9377sa415mwcn3998sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwaresd_8cx_gen2_firmwarewcn3950mdm9628sd720gmdm9206_firmwareqsw8573_firmwaresd_8_gen1_5g_firmwaresm6375_firmwaresd662sd460_firmwaresm7315_firmwareqca6574au_firmwaresdx55_firmwareqca6595auqca8081_firmwaresdx12_firmwarewcd9375_firmwaremsm8909wsm7250p_firmwareapq8009w_firmwareqca6420qca6436_firmwarewcd9360wcn3610_firmwaremdm9207qca6564au_firmwaresd680_firmwaresd778gqca9367_firmwarewcd9306mdm8207sd_8cx_gen2sa515m_firmwareqcs6490sd429sdxr2_5gqca9367qcs6125qca4004_firmwaremdm9607_firmwaresd662_firmwaresa415m_firmwarewcn3988_firmwareqca6430sd205sd429_firmwaresm6250sd778g_firmwarewcd9306_firmwaresd765gsw5100sd765_firmwareqca6436sd680wcn6851qca8081qca6174a_firmwaremdm9250_firmwareqcs4290_firmwarewcd9385qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwarear8035qca6390sd750g_firmwareaqt1000wcd9375wcn3910_firmwaresm6250_firmwaremdm9207_firmwareqca4004wsa8830_firmwaresda429wsd210sd855_firmwaresd660sd865_5g_firmwaresdx20_firmwareqcm6490sd888_5g_firmwarewcn3620_firmwaresd660_firmwarewcn3620wcn3988wcn6850_firmwarewsa8835_firmwareqcx315sm8475qca6564awcn6750_firmwarewcn3610qcm6125_firmwaremdm9640qcm2290_firmwaresm6375wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresd_675sdm429wmsm8996au_firmwaresd780gsw5100pwcd9330sd865_5gqca6564ausdx24sdx55m_firmwarewcn6856_firmwaresd888msm8909w_firmwareqca6574msm8996auqcx315_firmwaresdm429w_firmwaresd665_firmwarewsa8835wcd9380sd888_5gsd850sm6250pqcs410qca6574asd690_5g_firmwaremdm9206wcn6855_firmwareqca9379_firmwareqca6174asm7325psdx24_firmwareqca6430_firmwarewcn6750qsw8573mdm9205sa515mqca6574_firmwaresd855sm7325p_firmwaresd665sd7cwcn3910wcn6850sd765qca6426_firmwareqca6574a_firmwaresd768g_firmwaresd850_firmwaresm7315sd460qca6391sd730sdx55msdxr1_firmwarewcd9330_firmwareaqt1000_firmwarewcn6740_firmwaresdx65_firmwaresd678_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx20sd480_firmwarewcn6851_firmwareqca6574aumdm9607sd205_firmwareqca6564a_firmwareapq8009wqcm6125qcm4290_firmwaresd480sd870wcn6855sw5100p_firmwaresd210_firmwareqcs610_firmwarewcn6856sdxr1sd768gapq8096aumdm8207_firmwareqca6696wcn6740mdm9205_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdw2500sd888_firmwaresdx55apq8096au_firmwaresd675sm7250psd720g_firmwaresdx12sw5100_firmwareqcs410_firmwareqca9379ar8035_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-40898
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.12% / 31.15%
||
7 Day CHG~0.00%
Published-24 Aug, 2023 | 00:00
Updated-08 Dec, 2025 | 13:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter timeZone at /goform/SetSysTimeCfg.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac8_firmwareac8v4n/aac8
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-43301
Matching Score-4
Assigner-JFrog
ShareView Details
Matching Score-4
Assigner-JFrog
CVSS Score-9.8||CRITICAL
EPSS-0.51% / 66.16%
||
7 Day CHG~0.00%
Published-16 Feb, 2022 | 00:00
Updated-04 Nov, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack overflow in PJSUA API when calling pjsua_playlist_create. An attacker-controlled 'file_names' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation.

Action-Not Available
Vendor-teluuteluuDebian GNU/Linux
Product-pjsipdebian_linuxpjsip
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-29941
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.3||HIGH
EPSS-0.35% / 56.99%
||
7 Day CHG~0.00%
Published-01 Apr, 2021 | 04:22
Updated-03 Aug, 2024 | 22:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the reorder crate through 2021-02-24 for Rust. swap_index has an out-of-bounds write if an iterator returns a len() that is too small.

Action-Not Available
Vendor-reorder_projectn/a
Product-reordern/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-13279
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.45% / 88.84%
||
7 Day CHG~0.00%
Published-10 Jul, 2019 | 16:27
Updated-04 Aug, 2024 | 23:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains multiple stack-based buffer overflows when processing user input for the setup wizard, allowing an unauthenticated user to execute arbitrary code. The vulnerability can be exercised on the local intranet or remotely if remote administration is enabled.

Action-Not Available
Vendor-n/aTRENDnet, Inc.
Product-tew-827dru_firmwaretew-827drun/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-44186
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.65% / 70.58%
||
7 Day CHG~0.00%
Published-22 Nov, 2022 | 00:00
Updated-29 Apr, 2025 | 04:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_pri.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-r7000pr7000p_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0457
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.8||CRITICAL
EPSS-0.16% / 37.39%
||
7 Day CHG~0.00%
Published-14 Dec, 2020 | 21:53
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-170367562

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-39435
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.8||HIGH
EPSS-0.34% / 56.23%
||
7 Day CHG~0.00%
Published-08 Nov, 2023 | 22:54
Updated-16 Jan, 2025 | 21:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zavio IP Camera Stack-Based Buffer Overflow

Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to stack-based overflows. During the process of updating certain settings sent from incoming network requests, the product does not sufficiently check or validate allocated buffer size. This may lead to remote code execution.

Action-Not Available
Vendor-zavioZavio
Product-cf7201cf7300cb5220cf7501cf7500_firmwarecb3211_firmwarecf7300_firmwarecb3212cf7501_firmwareb8220_firmwarecb3212_firmwarecb6231_firmwareb8520cb5220_firmwarecb6231b8220cd321b8520_firmwarecb3211cf7201_firmwarecf7500cd321_firmwareIP Camera B8220IP Camera CB3212IP Camera CB5220IP Camera CD321IP Camera CB3211IP Camera CF7300IP Camera CB6231IP Camera CF7201IP Camera CF7500IP Camera CF7501IP Camera B8520
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-28237
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 61.12%
||
7 Day CHG~0.00%
Published-02 Dec, 2021 | 21:47
Updated-03 Aug, 2024 | 21:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LibreDWG v0.12.3 was discovered to contain a heap-buffer overflow via decode_preR13.

Action-Not Available
Vendor-n/aGNU
Product-libredwgn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-13132
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-28.17% / 96.39%
||
7 Day CHG~0.00%
Published-10 Jul, 2019 | 00:00
Updated-04 Aug, 2024 | 23:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due to a buffer overflow in the library. Users running public servers with the above configuration are highly encouraged to upgrade as soon as possible, as there are no known mitigations.

Action-Not Available
Vendor-zeromqn/aCanonical Ltd.Fedora ProjectDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxfedoralibzmqn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-38930
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.12% / 31.15%
||
7 Day CHG~0.00%
Published-07 Aug, 2023 | 00:00
Updated-15 Oct, 2024 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC7 V1.0,V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0,V15.03.06.28, AC9 V3.0,V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac5ac7ac7_firmwaref1203_firmwarefh1205ac5_firmwareac9ac9_firmwaref1203fh1205_firmwaren/aac5ac7ac9
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-13273
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.47% / 64.36%
||
7 Day CHG~0.00%
Published-27 Aug, 2019 | 16:52
Updated-04 Aug, 2024 | 23:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Xymon through 4.3.28, a buffer overflow vulnerability exists in the csvinfo CGI script. The overflow may be exploited by sending a crafted GET request that triggers an sprintf of the srcdb parameter.

Action-Not Available
Vendor-xymonn/aDebian GNU/Linux
Product-xymondebian_linuxn/a
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • ...
  • 49
  • 50
  • Next
Details not found