Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-37162

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-02 Aug, 2021 | 12:49
Updated At-04 Aug, 2024 | 01:16
Rejected At-
Credits

A buffer overflow issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. If an attacker sends a malformed UDP message, a buffer underflow occurs, leading to an out-of-bounds copy and possible remote code execution.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:02 Aug, 2021 | 12:49
Updated At:04 Aug, 2024 | 01:16
Rejected At:
▼CVE Numbering Authority (CNA)

A buffer overflow issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. If an attacker sends a malformed UDP message, a buffer underflow occurs, leading to an out-of-bounds copy and possible remote code execution.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.swisslog-healthcare.com
x_refsource_MISC
https://www.armis.com/PwnedPiper
x_refsource_MISC
https://www.swisslog-healthcare.com/en-us/customer-care/security-information/cve-disclosures#:~:text=CVE%20Disclosures%20%20%20%20Vulnerability%20Name%20%2C%20%20CVE-2021-37164%20%204%20more%20rows%20
x_refsource_MISC
https://www.swisslog-healthcare.com/-/media/swisslog-healthcare/documents/customer-service/armis-documents/cve-2021-37162-bulletin---overflow-in-sccprocessmsg.pdf?rev=55a2a1d76199435688a8479970fc54bf&hash=4FDAB2F0EB319F0B773500669D67F3AD
x_refsource_MISC
Hyperlink: https://www.swisslog-healthcare.com
Resource:
x_refsource_MISC
Hyperlink: https://www.armis.com/PwnedPiper
Resource:
x_refsource_MISC
Hyperlink: https://www.swisslog-healthcare.com/en-us/customer-care/security-information/cve-disclosures#:~:text=CVE%20Disclosures%20%20%20%20Vulnerability%20Name%20%2C%20%20CVE-2021-37164%20%204%20more%20rows%20
Resource:
x_refsource_MISC
Hyperlink: https://www.swisslog-healthcare.com/-/media/swisslog-healthcare/documents/customer-service/armis-documents/cve-2021-37162-bulletin---overflow-in-sccprocessmsg.pdf?rev=55a2a1d76199435688a8479970fc54bf&hash=4FDAB2F0EB319F0B773500669D67F3AD
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.swisslog-healthcare.com
x_refsource_MISC
x_transferred
https://www.armis.com/PwnedPiper
x_refsource_MISC
x_transferred
https://www.swisslog-healthcare.com/en-us/customer-care/security-information/cve-disclosures#:~:text=CVE%20Disclosures%20%20%20%20Vulnerability%20Name%20%2C%20%20CVE-2021-37164%20%204%20more%20rows%20
x_refsource_MISC
x_transferred
https://www.swisslog-healthcare.com/-/media/swisslog-healthcare/documents/customer-service/armis-documents/cve-2021-37162-bulletin---overflow-in-sccprocessmsg.pdf?rev=55a2a1d76199435688a8479970fc54bf&hash=4FDAB2F0EB319F0B773500669D67F3AD
x_refsource_MISC
x_transferred
Hyperlink: https://www.swisslog-healthcare.com
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.armis.com/PwnedPiper
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.swisslog-healthcare.com/en-us/customer-care/security-information/cve-disclosures#:~:text=CVE%20Disclosures%20%20%20%20Vulnerability%20Name%20%2C%20%20CVE-2021-37164%20%204%20more%20rows%20
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.swisslog-healthcare.com/-/media/swisslog-healthcare/documents/customer-service/armis-documents/cve-2021-37162-bulletin---overflow-in-sccprocessmsg.pdf?rev=55a2a1d76199435688a8479970fc54bf&hash=4FDAB2F0EB319F0B773500669D67F3AD
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:02 Aug, 2021 | 13:15
Updated At:07 Nov, 2023 | 03:36

A buffer overflow issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. If an attacker sends a malformed UDP message, a buffer underflow occurs, leading to an out-of-bounds copy and possible remote code execution.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
swisslog-healthcare
swisslog-healthcare
>>hmi-3_control_panel_firmware>>Versions before 7.2.5.7(exclusive)
cpe:2.3:o:swisslog-healthcare:hmi-3_control_panel_firmware:*:*:*:*:*:*:*:*
swisslog-healthcare
swisslog-healthcare
>>hmi-3_control_panel>>-
cpe:2.3:h:swisslog-healthcare:hmi-3_control_panel:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-120Primarynvd@nist.gov
CWE ID: CWE-120
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.armis.com/PwnedPipercve@mitre.org
Third Party Advisory
https://www.swisslog-healthcare.comcve@mitre.org
Product
https://www.swisslog-healthcare.com/-/media/swisslog-healthcare/documents/customer-service/armis-documents/cve-2021-37162-bulletin---overflow-in-sccprocessmsg.pdf?rev=55a2a1d76199435688a8479970fc54bf&hash=4FDAB2F0EB319F0B773500669D67F3ADcve@mitre.org
Vendor Advisory
https://www.swisslog-healthcare.com/en-us/customer-care/security-information/cve-disclosures#:~:text=CVE%20Disclosures%20%20%20%20Vulnerability%20Name%20%2C%20%20CVE-2021-37164%20%204%20more%20rows%20cve@mitre.org
N/A
Hyperlink: https://www.armis.com/PwnedPiper
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://www.swisslog-healthcare.com
Source: cve@mitre.org
Resource:
Product
Hyperlink: https://www.swisslog-healthcare.com/-/media/swisslog-healthcare/documents/customer-service/armis-documents/cve-2021-37162-bulletin---overflow-in-sccprocessmsg.pdf?rev=55a2a1d76199435688a8479970fc54bf&hash=4FDAB2F0EB319F0B773500669D67F3AD
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: https://www.swisslog-healthcare.com/en-us/customer-care/security-information/cve-disclosures#:~:text=CVE%20Disclosures%20%20%20%20Vulnerability%20Name%20%2C%20%20CVE-2021-37164%20%204%20more%20rows%20
Source: cve@mitre.org
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1022Records found
CVE-2021-37161
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-7.56% / 91.45%
||
7 Day CHG~0.00%
Published-02 Aug, 2021 | 12:42
Updated-04 Aug, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow issue was discovered in the HMI3 Control Panel contained within the Swisslog Healthcare Nexus Panel, operated by released versions of software before Nexus Software 7.2.5.7. A buffer overflow allows an attacker to overwrite an internal queue data structure and can lead to remote code execution.

Action-Not Available
Vendor-swisslog-healthcaren/a
Product-hmi-3_control_panel_firmwarehmi-3_control_paneln/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-37165
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-5.00% / 89.30%
||
7 Day CHG~0.00%
Published-02 Aug, 2021 | 10:48
Updated-04 Aug, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. When a message is sent to the HMI TCP socket, it is forwarded to the hmiProcessMsg function through the pendingQ, and may lead to remote code execution.

Action-Not Available
Vendor-swisslog-healthcaren/a
Product-hmi-3_control_panel_firmwarehmi-3_control_paneln/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-37164
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.80% / 73.13%
||
7 Day CHG~0.00%
Published-02 Aug, 2021 | 12:47
Updated-04 Aug, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. In the tcpTxThread function, the received data is copied to a stack buffer. An off-by-3 condition can occur, resulting in a stack-based buffer overflow.

Action-Not Available
Vendor-swisslog-healthcaren/a
Product-hmi-3_control_panel_firmwarehmi-3_control_paneln/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-37163
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.57% / 67.78%
||
7 Day CHG~0.00%
Published-02 Aug, 2021 | 12:46
Updated-04 Aug, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An insecure permissions issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus operated by released versions of software before Nexus Software 7.2.5.7. The device has two user accounts with passwords that are hardcoded.

Action-Not Available
Vendor-swisslog-healthcaren/a
Product-hmi-3_control_panel_firmwarehmi-3_control_paneln/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2021-37167
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.58% / 68.02%
||
7 Day CHG~0.00%
Published-02 Aug, 2021 | 12:45
Updated-04 Aug, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An insecure permissions issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. A user logged in using the default credentials can gain root access to the device, which provides permissions for all of the functionality of the device.

Action-Not Available
Vendor-swisslog-healthcaren/a
Product-hmi-3_control_panel_firmwarehmi-3_control_paneln/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-37160
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.03% / 83.06%
||
7 Day CHG~0.00%
Published-02 Aug, 2021 | 12:43
Updated-04 Aug, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A firmware validation issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. There is no firmware validation (e.g., cryptographic signature validation) during a File Upload for a firmware update.

Action-Not Available
Vendor-swisslog-healthcaren/a
Product-hmi-3_control_panel_firmwarehmi-3_control_paneln/a
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2021-37166
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.87% / 74.23%
||
7 Day CHG~0.00%
Published-02 Aug, 2021 | 12:44
Updated-04 Aug, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow issue leading to denial of service was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. When HMI3 starts up, it binds a local service to a TCP port on all interfaces of the device, and takes extensive time for the GUI to connect to the TCP socket, allowing the connection to be hijacked by an external attacker.

Action-Not Available
Vendor-swisslog-healthcaren/a
Product-hmi-3_control_panel_firmwarehmi-3_control_paneln/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24008
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.44% / 62.09%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:13
Updated-15 Apr, 2025 | 18:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the confcli binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-40130
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.47% / 63.42%
||
7 Day CHG+0.24%
Published-16 Jul, 2024 | 00:00
Updated-21 Aug, 2024 | 19:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

open5gs v2.6.4 is vulnerable to Buffer Overflow. via /lib/core/abts.c.

Action-Not Available
Vendor-open5gsn/aopen5gs
Product-open5gsn/aopen5gs
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-29856
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 49.91%
||
7 Day CHG~0.00%
Published-02 May, 2023 | 00:00
Updated-02 Aug, 2024 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR-868L Hardware version A1, firmware version 1.12 is vulnerable to Buffer Overflow. The vulnerability is in scandir.sgi binary.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-868ldir-868l_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24016
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.44% / 62.09%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:15
Updated-15 Apr, 2025 | 18:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the mesh_status_check binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-22873
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.09% / 83.31%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 14:43
Updated-04 Aug, 2024 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow vulnerability in function NumberToPrecisionCmd in jsish before 3.0.7, allows remote attackers to execute arbitrary code.

Action-Not Available
Vendor-jsishn/a
Product-jsishn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-22741
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.48% / 80.19%
||
7 Day CHG~0.00%
Published-19 Jan, 2023 | 21:20
Updated-10 Mar, 2025 | 21:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
heap-over-flow in stun_parse_attribute in sofia-sip

Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. In affected versions Sofia-SIP **lacks both message length and attributes length checks** when it handles STUN packets, leading to controllable heap-over-flow. For example, in stun_parse_attribute(), after we get the attribute's type and length value, the length will be used directly to copy from the heap, regardless of the message's left size. Since network users control the overflowed length, and the data is written to heap chunks later, attackers may achieve remote code execution by heap grooming or other exploitation methods. The bug was introduced 16 years ago in sofia-sip 1.12.4 (plus some patches through 12/21/2006) to in tree libs with git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@3774 d0543943-73ff-0310-b7d9-9358b9ac24b2. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Action-Not Available
Vendor-signalwirefreeswitch
Product-sofia-sipsofia-sip
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-23477
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.13% / 33.60%
||
7 Day CHG~0.00%
Published-09 Dec, 2022 | 17:51
Updated-23 Apr, 2025 | 16:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Overflow in xrdp

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in audin_send_open() function. There are no known workarounds for this issue. Users are advised to upgrade.

Action-Not Available
Vendor-neutrinolabsneutrinolabsDebian GNU/Linux
Product-debian_linuxxrdpxrdp
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2011-1291
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.94% / 82.68%
||
7 Day CHG~0.00%
Published-25 Mar, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google Chrome before 10.0.648.204 does not properly handle base strings, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "buffer error."

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24313
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-4.71% / 88.95%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-03 Aug, 2024 | 04:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)

Action-Not Available
Vendor-n/a
Product-interactive_graphical_scada_system_data_serverInteractive Graphical SCADA System Data Server (V15.0.0.22020 and prior)
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-42545
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.58% / 68.02%
||
7 Day CHG~0.00%
Published-12 Aug, 2024 | 00:00
Updated-13 Aug, 2024 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the ssid parameter in setWizardCfg function.

Action-Not Available
Vendor-n/aTOTOLINK
Product-a3700ra3700r_firmwaren/aa3700r
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24018
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.54% / 66.65%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:15
Updated-15 Apr, 2025 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the multiWAN binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24014
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.54% / 66.65%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:14
Updated-15 Apr, 2025 | 18:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the logserver binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24028
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.44% / 62.09%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:17
Updated-15 Apr, 2025 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the libcommonprod.so binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-38922
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.18% / 39.41%
||
7 Day CHG+0.02%
Published-06 Dec, 2024 | 00:00
Updated-17 Dec, 2024 | 20:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble version was discovered to contain a heap overflow in the nav2_amcl process. This vulnerability is triggered via sending a crafted message to the component /initialpose.

Action-Not Available
Vendor-openroboticsn/a
Product-robot_operating_systemn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-24024
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.54% / 66.65%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:16
Updated-15 Apr, 2025 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the rtk_ate binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-30280
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.88% / 89.16%
||
7 Day CHG~0.00%
Published-26 Apr, 2023 | 00:00
Updated-03 Feb, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability found in Netgear R6900 v.1.0.2.26, R6700v3 v.1.0.4.128, R6700 v.1.0.0.26 allows a remote attacker to execute arbitrary code and cause a denial ofservice via the getInputData parameter of the fwSchedule.cgi page.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-r6900_firmwarer6900r6700_firmwarer6700n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-42546
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.30% / 52.82%
||
7 Day CHG~0.00%
Published-12 Aug, 2024 | 00:00
Updated-15 Aug, 2024 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK A3100R V4.1.2cu.5050_B20200504 has a buffer overflow vulnerability in the password parameter in the loginauth function.

Action-Not Available
Vendor-n/aTOTOLINK
Product-a3100ra3100r_firmwaren/aa3100r_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2015-20111
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.18% / 77.89%
||
7 Day CHG~0.00%
Published-18 Nov, 2024 | 00:00
Updated-18 Nov, 2024 | 17:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

miniupnp before 4c90b87, as used in Bitcoin Core before 0.12 and other products, lacks checks for snprintf return values, leading to a buffer overflow and significant data leak, a different vulnerability than CVE-2019-12107. In Bitcoin Core before 0.12, remote code execution was possible in conjunction with CVE-2015-6031 exploitation.

Action-Not Available
Vendor-n/aBitcoin Wiki
Product-n/abitcoin_core
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24005
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.44% / 62.09%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:13
Updated-15 Apr, 2025 | 18:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the ap_steer binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24019
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.54% / 66.65%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:15
Updated-15 Apr, 2025 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the netctrl binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24025
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.54% / 66.65%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:16
Updated-15 Apr, 2025 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the sntp binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-23468
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.11% / 30.38%
||
7 Day CHG~0.00%
Published-09 Dec, 2022 | 17:49
Updated-23 Apr, 2025 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Overflow in xrdp

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in xrdp_login_wnd_create() function. There are no known workarounds for this issue. Users are advised to upgrade.

Action-Not Available
Vendor-neutrinolabsneutrinolabsDebian GNU/Linux
Product-debian_linuxxrdpxrdp
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-38541
Matching Score-4
Assigner-kernel.org
ShareView Details
Matching Score-4
Assigner-kernel.org
CVSS Score-9.8||CRITICAL
EPSS-0.06% / 18.25%
||
7 Day CHG~0.00%
Published-19 Jun, 2024 | 13:35
Updated-04 Jun, 2025 | 13:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
of: module: add buffer overflow check in of_modalias()

In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow check in of_modalias() In of_modalias(), if the buffer happens to be too small even for the 1st snprintf() call, the len parameter will become negative and str parameter (if not NULL initially) will point beyond the buffer's end. Add the buffer overflow check after the 1st snprintf() call and fix such check after the strlen() call (accounting for the terminating NUL char).

Action-Not Available
Vendor-Linux Kernel Organization, Inc
Product-linux_kernelLinuxlinux_kernel
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-42813
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.57% / 67.65%
||
7 Day CHG~0.00%
Published-19 Aug, 2024 | 00:00
Updated-01 Apr, 2025 | 18:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In TRENDnet TEW-752DRU FW1.03B01, there is a buffer overflow vulnerability due to the lack of length verification for the service field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands.

Action-Not Available
Vendor-n/aTRENDnet, Inc.
Product-tew-752dru_firmwaretew-752drun/atew-752dru_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24020
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.44% / 62.09%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:15
Updated-15 Apr, 2025 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the network_check binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-29468
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-53.86% / 97.91%
||
7 Day CHG~0.00%
Published-14 Aug, 2023 | 00:00
Updated-05 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Texas Instruments (TI) WiLink WL18xx MCP driver does not limit the number of information elements (IEs) of type XCC_EXT_1_IE_ID or XCC_EXT_2_IE_ID that can be parsed in a management frame. Using a specially crafted frame, a buffer overflow can be triggered that can potentially lead to remote code execution. This affects WILINK8-WIFI-MCP8 version 8.5_SP3 and earlier.

Action-Not Available
Vendor-tin/a
Product-wilink8-wifi-mcp8n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24021
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.54% / 66.65%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:16
Updated-15 Apr, 2025 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the online_process binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24013
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.54% / 66.65%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:14
Updated-15 Apr, 2025 | 18:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the gpio_ctrl binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24006
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.44% / 62.09%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:13
Updated-15 Apr, 2025 | 18:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the arpbrocast binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-24633
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-1.34% / 79.18%
||
7 Day CHG~0.00%
Published-11 Dec, 2020 | 01:26
Updated-04 Aug, 2024 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There are multiple buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending especially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211) of access-points or controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below.

Action-Not Available
Vendor-n/aAruba Networks
Product-sd-wan9004-lte70057240xm90127008703072207010720570247280arubaos72109004Aruba 9000 GatewayAruba 7000 Series Mobility ControllersAruba 7200 Series Mobility Controllers
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-42812
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.36% / 84.30%
||
7 Day CHG~0.00%
Published-19 Aug, 2024 | 00:00
Updated-17 Mar, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In D-Link DIR-860L v2.03, there is a buffer overflow vulnerability due to the lack of length verification for the SID field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-860l_firmwaredir-860ln/adir-860l_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24026
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.54% / 66.65%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:17
Updated-15 Apr, 2025 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the telnet_ate_monitor binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24009
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.44% / 62.09%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:13
Updated-15 Apr, 2025 | 18:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the confsrv binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2010-5333
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-7.22% / 91.24%
||
7 Day CHG~0.00%
Published-13 Sep, 2019 | 15:40
Updated-07 Aug, 2024 | 04:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The web server in Integard Pro and Home before 2.0.0.9037 and 2.2.x before 2.2.0.9037 has a buffer overflow via a long password in an administration login POST request, leading to arbitrary code execution. An SEH-overwrite buffer overflow already existed for the vulnerable software. This CVE is to track an alternate exploitation method, utilizing an EIP-overwrite buffer overflow.

Action-Not Available
Vendor-integard_home_projectintegard_pro_projectn/a
Product-integard_prointegard_homen/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-23480
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.16% / 37.22%
||
7 Day CHG~0.00%
Published-09 Dec, 2022 | 17:50
Updated-23 Apr, 2025 | 16:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Overflow in xrdp

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in devredir_proc_client_devlist_announce_req() function. There are no known workarounds for this issue. Users are advised to upgrade.

Action-Not Available
Vendor-neutrinolabsneutrinolabsDebian GNU/Linux
Product-debian_linuxxrdpxrdp
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-27971
Matching Score-4
Assigner-HP Inc.
ShareView Details
Matching Score-4
Assigner-HP Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.64% / 69.56%
||
7 Day CHG~0.00%
Published-28 Apr, 2023 | 15:55
Updated-30 Jan, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Elevation of Privilege.

Action-Not Available
Vendor-HP Inc.
Product-laserjet_pro_mfp_m478-m479_w1a76a_firmwarelaserjet_pro_m404-m405_w1a51a_firmwarelaserjet_pro_mfp_m478-m479_w1a77a_firmwarelaserjet_pro_m404-m405_w1a51alaserjet_pro_m453-m454_w1y43alaserjet_pro_m404-m405_93m22a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a32a_firmwarelaserjet_pro_m404-m405_w1a56alaserjet_pro_m404-m405_w1a52a_firmwarelaserjet_pro_m304-m305_w1a47alaserjet_pro_m304-m305_w1a48a_firmwarelaserjet_pro_m404-m405_w1a60a_firmwarelaserjet_pro_mfp_m478-m479_w1a75a_firmwarelaserjet_pro_mfp_m478-m479_w1a80a_firmwarelaserjet_pro_m404-m405_w1a56a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a38alaserjet_pro_mfp_m428-m429_w1a28a_firmwarelaserjet_pro_mfp_m428-m429_w1a31a_firmwarelaserjet_pro_m404-m405_w1a52alaserjet_pro_m404-m405_w1a63a_firmwarelaserjet_pro_m453-m454_w1y44a_firmwarelaserjet_pro_m453-m454_w1y47a_firmwarelaserjet_pro_mfp_m478-m479_w1a78alaserjet_pro_m404-m405_w1a59alaserjet_pro_m304-m305_w1a66alaserjet_pro_m404-m405_w1a58a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a35alaserjet_pro_mfp_m428-m429_f_w1a29a_firmwarelaserjet_pro_m404-m405_w1a58alaserjet_pro_mfp_m478-m479_w1a79alaserjet_pro_m453-m454_w1y46a_firmwarelaserjet_pro_m453-m454_w1y46alaserjet_pro_mfp_m428-m429_w1a28alaserjet_pro_m304-m305_w1a47a_firmwarelaserjet_pro_m453-m454_w1y40alaserjet_pro_mfp_m428-m429_w1a33a_firmwarelaserjet_pro_m453-m454_w1y43a_firmwarelaserjet_pro_mfp_m428-m429_w1a33alaserjet_pro_m404-m405_w1a53alaserjet_pro_m404-m405_w1a57a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a30alaserjet_pro_mfp_m428-m429_f_w1a29alaserjet_pro_m453-m454_w1y41alaserjet_pro_m453-m454_w1y45alaserjet_pro_mfp_m478-m479_w1a77alaserjet_pro_m304-m305_w1a66a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a38a_firmwarelaserjet_pro_mfp_m478-m479_w1a75alaserjet_pro_mfp_m478-m479_w1a82a_firmwarelaserjet_pro_m453-m454_w1y44alaserjet_pro_m453-m454_w1y47alaserjet_pro_m404-m405_w1a53a_firmwarelaserjet_pro_mfp_m478-m479_w1a80alaserjet_pro_m304-m305_w1a48alaserjet_pro_m404-m405_w1a60alaserjet_pro_mfp_m428-m429_w1a31alaserjet_pro_m304-m305_w1a46a_firmwarelaserjet_pro_m304-m305_w1a46alaserjet_pro_mfp_m478-m479_w1a78a_firmwarelaserjet_pro_m404-m405_93m22alaserjet_pro_mfp_m478-m479_w1a76alaserjet_pro_mfp_m478-m479_w1a81a_firmwarelaserjet_pro_m453-m454_w1y40a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a35a_firmwarelaserjet_pro_m404-m405_w1a63alaserjet_pro_m453-m454_w1y41a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a32alaserjet_pro_m453-m454_w1y45a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a34alaserjet_pro_mfp_m478-m479_w1a79a_firmwarelaserjet_pro_m404-m405_w1a59a_firmwarelaserjet_pro_m404-m405_w1a57alaserjet_pro_mfp_m428-m429_f_w1a30a_firmwarelaserjet_pro_mfp_m478-m479_w1a82alaserjet_pro_mfp_m428-m429_f_w1a34a_firmwarelaserjet_pro_mfp_m478-m479_w1a81aHP LaserJet Pro
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24010
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.54% / 66.65%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:14
Updated-15 Apr, 2025 | 18:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the cwmpd binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24011
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.54% / 66.65%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:14
Updated-15 Apr, 2025 | 18:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the device_list binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-23747
Matching Score-4
Assigner-Check Point Software Ltd.
ShareView Details
Matching Score-4
Assigner-Check Point Software Ltd.
CVSS Score-9.8||CRITICAL
EPSS-0.49% / 64.56%
||
7 Day CHG-3.36%
Published-17 Aug, 2022 | 20:52
Updated-03 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Sony Xperia series 1, 5, and Pro, an out of bound memory access can occur due to lack of validation of the number of frames being passed during music playback.

Action-Not Available
Vendor-n/aSony Group Corporation
Product-xperia_5xperia_proxperia_1xperia_5_firmwarexperia_pro_firmwarexperia_1_firmwareSony Xperia
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24015
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.54% / 66.65%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:14
Updated-15 Apr, 2025 | 18:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the log_upload binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24017
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.54% / 66.65%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:15
Updated-15 Apr, 2025 | 18:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the miniupnpd binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24029
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.44% / 62.09%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:17
Updated-15 Apr, 2025 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the rp-pppoe.so binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24027
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.54% / 66.65%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:17
Updated-15 Apr, 2025 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the libcommon.so binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 20
  • 21
  • Next
Details not found