Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-39277

Summary
Assigner-sonicwall
Assigner Org ID-44b2ff79-1416-4492-88bb-ed0da00c7315
Published At-17 Oct, 2023 | 22:08
Updated At-13 Sep, 2024 | 16:03
Rejected At-
Credits

SonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:sonicwall
Assigner Org ID:44b2ff79-1416-4492-88bb-ed0da00c7315
Published At:17 Oct, 2023 | 22:08
Updated At:13 Sep, 2024 | 16:03
Rejected At:
▼CVE Numbering Authority (CNA)

SonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash.

Affected Products
Vendor
SonicWall Inc.SonicWall
Product
SonicOS
Modules
  • Management
  • SSLVPN
Default Status
unknown
Versions
Affected
  • 7.0.1-5119 and earlier versions
  • 7.0.1-5129 and earlier versions
  • 6.5.4.4-44v-21-2079 and earlier versions
  • 6.5.4.12-101n and earlier versions
Problem Types
TypeCWE IDDescription
CWECWE-121CWE-121 Stack-based Buffer Overflow
Type: CWE
CWE ID: CWE-121
Description: CWE-121 Stack-based Buffer Overflow
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012
vendor-advisory
Hyperlink: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012
vendor-advisory
x_transferred
Hyperlink: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012
Resource:
vendor-advisory
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:PSIRT@sonicwall.com
Published At:17 Oct, 2023 | 23:15
Updated At:19 Oct, 2023 | 16:44

SonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.5MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CPE Matches
SonicWall Inc.
sonicwall
>>sonicos>>Versions before 7.0.1-5145(exclusive)
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsa2700>>-
cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsa3700>>-
cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsa4700>>-
cpe:2.3:h:sonicwall:nsa4700:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsa5700>>-
cpe:2.3:h:sonicwall:nsa5700:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsa6700>>-
cpe:2.3:h:sonicwall:nsa6700:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nssp10700>>-
cpe:2.3:h:sonicwall:nssp10700:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nssp11700>>-
cpe:2.3:h:sonicwall:nssp11700:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nssp13700>>-
cpe:2.3:h:sonicwall:nssp13700:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nssp15700>>-
cpe:2.3:h:sonicwall:nssp15700:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsv10>>-
cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsv100>>-
cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsv1600>>-
cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsv200>>-
cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsv25>>-
cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsv270>>-
cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsv300>>-
cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsv400>>-
cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsv470>>-
cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsv50>>-
cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsv800>>-
cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsv870>>-
cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>tz270>>-
cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>tz270w>>-
cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>tz370>>-
cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>tz370w>>-
cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>tz470>>-
cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>tz470w>>-
cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>tz570>>-
cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>tz570p>>-
cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>tz570w>>-
cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>tz670>>-
cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>sonicos>>Versions before 6.5.4.4-44v-21-2340(exclusive)
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsv10>>-
cpe:2.3:h:sonicwall:nsv10:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsv100>>-
cpe:2.3:h:sonicwall:nsv100:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsv1600>>-
cpe:2.3:h:sonicwall:nsv1600:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsv200>>-
cpe:2.3:h:sonicwall:nsv200:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsv25>>-
cpe:2.3:h:sonicwall:nsv25:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsv270>>-
cpe:2.3:h:sonicwall:nsv270:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsv300>>-
cpe:2.3:h:sonicwall:nsv300:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsv400>>-
cpe:2.3:h:sonicwall:nsv400:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsv470>>-
cpe:2.3:h:sonicwall:nsv470:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsv50>>-
cpe:2.3:h:sonicwall:nsv50:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsv800>>-
cpe:2.3:h:sonicwall:nsv800:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsv870>>-
cpe:2.3:h:sonicwall:nsv870:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>sonicos>>Versions before 6.5.4.13-105n(exclusive)
cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsa_2600>>-
cpe:2.3:h:sonicwall:nsa_2600:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsa_2650>>-
cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsa_3600>>-
cpe:2.3:h:sonicwall:nsa_3600:-:*:*:*:*:*:*:*
SonicWall Inc.
sonicwall
>>nsa_3650>>-
cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-787Primarynvd@nist.gov
CWE-121SecondaryPSIRT@sonicwall.com
CWE ID: CWE-787
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-121
Type: Secondary
Source: PSIRT@sonicwall.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012PSIRT@sonicwall.com
Vendor Advisory
Hyperlink: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0012
Source: PSIRT@sonicwall.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

126Records found
CVE-2023-24129
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.09% / 26.98%
||
7 Day CHG~0.00%
Published-01 Mar, 2023 | 00:00
Updated-07 Mar, 2025 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey4 parameter at /goform/WifiBasicSet.

Action-Not Available
Vendor-heimgardtechnologiesn/a
Product-eagle_1200aceagle_1200ac_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-24122
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.09% / 26.98%
||
7 Day CHG~0.00%
Published-01 Mar, 2023 | 00:00
Updated-18 Mar, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the ssid_5g parameter at /goform/WifiBasicSet.

Action-Not Available
Vendor-heimgardtechnologiesn/a
Product-eagle_1200ac_firmwareeagle_1200acn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-24125
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.09% / 26.98%
||
7 Day CHG~0.00%
Published-01 Mar, 2023 | 00:00
Updated-07 Mar, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey2_5g parameter at /goform/WifiBasicSet.

Action-Not Available
Vendor-heimgardtechnologiesn/a
Product-eagle_1200ac_firmwareeagle_1200acn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-24118
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.09% / 26.98%
||
7 Day CHG~0.00%
Published-01 Mar, 2023 | 00:00
Updated-10 Mar, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the security parameter at /goform/WifiBasicSet.

Action-Not Available
Vendor-heimgardtechnologiesn/a
Product-eagle_1200ac_firmwareeagle_1200acn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-24119
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.09% / 26.98%
||
7 Day CHG~0.00%
Published-01 Mar, 2023 | 00:00
Updated-07 Mar, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the ssid parameter at /goform/WifiBasicSet.

Action-Not Available
Vendor-heimgardtechnologiesn/a
Product-eagle_1200ac_firmwareeagle_1200acn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-22404
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.20% / 42.25%
||
7 Day CHG~0.00%
Published-12 Jan, 2023 | 00:00
Updated-07 Apr, 2025 | 15:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: SRX Series and MX Series with SPC3: When IPsec VPN is configured iked will core when a specifically formatted payload is received

An Out-of-bounds Write vulnerability in the Internet Key Exchange Protocol daemon (iked) of Juniper Networks Junos OS on SRX series and MX with SPC3 allows an authenticated, network-based attacker to cause a Denial of Service (DoS). iked will crash and restart, and the tunnel will not come up when a peer sends a specifically formatted payload during the negotiation. This will impact other IKE negotiations happening at the same time. Continued receipt of this specifically formatted payload will lead to continuous crashing of iked and thereby the inability for any IKE negotiations to take place. Note that this payload is only processed after the authentication has successfully completed. So the issue can only be exploited by an attacker who can successfully authenticate. This issue affects Juniper Networks Junos OS on SRX Series, and MX Series with SPC3: All versions prior to 19.3R3-S7; 19.4 versions prior to 19.4R3-S9; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R3-S3; 21.2 versions prior to 21.2R3-S2; 21.3 versions prior to 21.3R3-S1; 21.4 versions prior to 21.4R2-S1, 21.4R3; 22.1 versions prior to 22.1R1-S2, 22.1R2.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-srx345mx2008mx960mx240srx5800srx110srx4000srx550_hmsrx220srx240h2mx2010mx5srx5400srx100srx3400srx300srx550mx104junosmx80srx240msrx210srx1500srx380srx4200srx340mx10008mx150srx4100mx10srx240mx2020srx3600mx10003srx5000mx10016srx1400mx10000mx204mx480srx320srx5600mx40srx650srx4600srx550mJunos OS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-0637
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.5||MEDIUM
EPSS-0.07% / 20.77%
||
7 Day CHG~0.00%
Published-02 Feb, 2023 | 08:00
Updated-26 Mar, 2025 | 18:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TRENDnet TEW-811DRU Web Management Interface wan.asp memory corruption

A vulnerability, which was classified as critical, was found in TRENDnet TEW-811DRU 1.0.10.0. This affects an unknown part of the file wan.asp of the component Web Management Interface. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-220017 was assigned to this vulnerability.

Action-Not Available
Vendor-TRENDnet, Inc.
Product-tew-811dru_firmwaretew-811druTEW-811DRU
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-24132
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.09% / 26.98%
||
7 Day CHG~0.00%
Published-01 Mar, 2023 | 00:00
Updated-07 Mar, 2025 | 17:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey3_5g parameter at /goform/WifiBasicSet.

Action-Not Available
Vendor-heimgardtechnologiesn/a
Product-eagle_1200aceagle_1200ac_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-24133
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.09% / 26.98%
||
7 Day CHG~0.00%
Published-01 Mar, 2023 | 00:00
Updated-07 Mar, 2025 | 17:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey_5g parameter at /goform/WifiBasicSet.

Action-Not Available
Vendor-heimgardtechnologiesn/a
Product-eagle_1200aceagle_1200ac_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-24117
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.09% / 26.98%
||
7 Day CHG~0.00%
Published-01 Mar, 2023 | 00:00
Updated-07 Mar, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepauth_5g parameter at /goform/WifiBasicSet.

Action-Not Available
Vendor-heimgardtechnologiesn/a
Product-eagle_1200ac_firmwareeagle_1200acn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-24128
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.09% / 26.98%
||
7 Day CHG~0.00%
Published-01 Mar, 2023 | 00:00
Updated-07 Mar, 2025 | 17:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey2 parameter at /goform/WifiBasicSet.

Action-Not Available
Vendor-heimgardtechnologiesn/a
Product-eagle_1200aceagle_1200ac_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-44011
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.09% / 25.70%
||
7 Day CHG~0.00%
Published-23 Nov, 2023 | 00:00
Updated-03 Aug, 2024 | 13:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in ClickHouse before 22.9.1.2603. An authenticated user (with the ability to load data) could cause a heap buffer overflow and crash the server by inserting a malformed CapnProto object. The fixed versions are 22.9.1.2603, 22.8.2.11, 22.7.4.16, 22.6.6.16, and 22.3.12.19.

Action-Not Available
Vendor-clickhousen/a
Product-clickhousen/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-42444
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-4.9||MEDIUM
EPSS-0.06% / 19.28%
||
7 Day CHG~0.00%
Published-06 Feb, 2023 | 20:38
Updated-25 Mar, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM App Connect Enterprise denial of service

IBM App Connect Enterprise 11.0.0.8 through 11.0.0.19 and 12.0.1.0 through 12.0.5.0 is vulnerable to a buffer overflow. A remote privileged user could overflow a buffer and cause the application to crash. IBM X-Force ID: 238538.

Action-Not Available
Vendor-IBM CorporationMicrosoft CorporationLinux Kernel Organization, Inc
Product-app_connect_enterpriseaixwindowslinux_kernelApp Connect Enterprise
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2022-40152
Matching Score-4
Assigner-Google LLC
ShareView Details
Matching Score-4
Assigner-Google LLC
CVSS Score-6.5||MEDIUM
EPSS-0.55% / 67.02%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 10:00
Updated-23 May, 2025 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack Buffer Overflow in Woodstox

Those using Woodstox to parse XML data may be vulnerable to Denial of Service attacks (DOS) if DTD support is enabled. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.

Action-Not Available
Vendor-xstreamxstreamFasterXML, LLC.
Product-woodstoxxstreamWoodstox
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-40149
Matching Score-4
Assigner-Google LLC
ShareView Details
Matching Score-4
Assigner-Google LLC
CVSS Score-6.5||MEDIUM
EPSS-0.41% / 60.22%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 00:00
Updated-21 Apr, 2025 | 13:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack Buffer Overflow in Jettison

Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.

Action-Not Available
Vendor-jettison_projectJettisonDebian GNU/Linux
Product-jettisondebian_linuxJettison
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-40160
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-6.5||MEDIUM
EPSS-0.09% / 26.27%
||
7 Day CHG~0.00%
Published-06 Oct, 2022 | 00:00
Updated-03 Aug, 2024 | 12:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack Overflow in JXPath

** DISPUTED ** This record was originally reported by the oss-fuzz project who failed to consider the security context in which JXPath is intended to be used and failed to contact the JXPath maintainers prior to requesting the CVE allocation. The CVE was then allocated by Google in breach of the CNA rules. After review by the JXPath maintainers, the original report was found to be invalid.

Action-Not Available
Vendor-jxpathThe Apache Software Foundation
Product-commons_jxpathjxpath
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-40159
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-6.5||MEDIUM
EPSS-0.09% / 26.27%
||
7 Day CHG~0.00%
Published-06 Oct, 2022 | 00:00
Updated-03 Aug, 2024 | 12:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack Overflow in JXPath

** DISPUTED ** This record was originally reported by the oss-fuzz project who failed to consider the security context in which JXPath is intended to be used and failed to contact the JXPath maintainers prior to requesting the CVE allocation. The CVE was then allocated by Google in breach of the CNA rules. After review by the JXPath maintainers, the original report was found to be invalid.

Action-Not Available
Vendor-jxpathThe Apache Software Foundation
Product-commons_jxpathjxpath
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-38750
Matching Score-4
Assigner-Google LLC
ShareView Details
Matching Score-4
Assigner-Google LLC
CVSS Score-6.5||MEDIUM
EPSS-0.08% / 24.07%
||
7 Day CHG~0.00%
Published-05 Sep, 2022 | 00:00
Updated-20 Nov, 2024 | 14:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DoS in SnakeYAML

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.

Action-Not Available
Vendor-snakeyaml_projectsnakeyamlDebian GNU/Linux
Product-debian_linuxsnakeyamlSnakeYAML
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-38751
Matching Score-4
Assigner-Google LLC
ShareView Details
Matching Score-4
Assigner-Google LLC
CVSS Score-6.5||MEDIUM
EPSS-0.17% / 39.11%
||
7 Day CHG~0.00%
Published-05 Sep, 2022 | 00:00
Updated-21 Apr, 2025 | 13:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DoS in SnakeYAML

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.

Action-Not Available
Vendor-snakeyaml_projectsnakeyamlDebian GNU/Linux
Product-debian_linuxsnakeyamlSnakeYAML
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-39068
Matching Score-4
Assigner-ZTE Corporation
ShareView Details
Matching Score-4
Assigner-ZTE Corporation
CVSS Score-4.5||MEDIUM
EPSS-0.21% / 43.29%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 01:57
Updated-29 Sep, 2024 | 00:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Overflow Vulnerability in ZTE MF296R

There is a buffer overflow vulnerability in ZTE MF296R. Due to insufficient validation of the SMS parameter length, an authenticated attacker could use the vulnerability to perform a denial of service attack.

Action-Not Available
Vendor-ZTE Corporation
Product-mf296rmf296r_firmwareMF296R
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-38752
Matching Score-4
Assigner-Google LLC
ShareView Details
Matching Score-4
Assigner-Google LLC
CVSS Score-6.5||MEDIUM
EPSS-0.21% / 43.34%
||
7 Day CHG~0.00%
Published-05 Sep, 2022 | 00:00
Updated-03 Aug, 2024 | 11:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DoS in SnakeYAML

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow.

Action-Not Available
Vendor-snakeyaml_projectsnakeyamlsnakeyaml_project
Product-snakeyamlSnakeYAMLsnakeyaml
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-38749
Matching Score-4
Assigner-Google LLC
ShareView Details
Matching Score-4
Assigner-Google LLC
CVSS Score-6.5||MEDIUM
EPSS-0.53% / 66.39%
||
7 Day CHG~0.00%
Published-05 Sep, 2022 | 00:00
Updated-03 Aug, 2024 | 11:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DoS in SnakeYAML

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.

Action-Not Available
Vendor-snakeyaml_projectsnakeyamlDebian GNU/Linux
Product-debian_linuxsnakeyamlSnakeYAML
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36998
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.3||MEDIUM
EPSS-0.30% / 52.65%
||
7 Day CHG~0.00%
Published-28 Jul, 2022 | 00:49
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a stack-based buffer overflow on the NetBackup Primary server, resulting in a denial of service.

Action-Not Available
Vendor-n/aVeritas Technologies LLC
Product-flex_appliancenetbackup_appliancenetbackupflex_scalen/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-34884
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-7.2||HIGH
EPSS-0.18% / 39.48%
||
7 Day CHG~0.00%
Published-30 Jan, 2023 | 21:32
Updated-27 Mar, 2025 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow exists in the Remote Presence subsystem which can potentially allow valid, authenticated users to cause a recoverable subsystem denial of service.

Action-Not Available
Vendor-Lenovo Group Limited
Product-thinksystem_sn550thinksystem_sr530_firmwarethinkagile_hx3375_firmwarethinksystem_sr570_firmwarethinksystem_sr158thinkagile_hx3721thinksystem_sd630_v2_firmwarethinksystem_sr665_firmwarethinkagile_hx3520-g_firmwarethinkagile_hx3521-g_firmwarethinkagile_mx3531_h_firmwarethinksystem_st250thinkagile_vx1320_firmwarethinksystem_sr850thinksystem_sr158_firmwarethinkagile_vx3320_firmwarethinkagile_vx7820thinksystem_sn850thinkagile_hx5520thinkagile_vx7530_firmwarethinkagile_vx3320thinkagile_vx5520_firmwarethinkagile_hx_enclosure_certified_node_firmwarethinksystem_st550_firmwarethinksystem_sr630thinksystem_sr950thinkagile_vx7320_nthinksystem_st658_v2thinkagile_hx1521-r_firmwarethinkagile_hx7820thinkagile_vx2320thinkagile_vx7520_nthinksystem_sd650_dwc_firmwarethinkagile_hx7520_firmwarethinkagile_vx_2u4nthinksystem_sr860_firmwarethinksystem_sr650_v2_firmwarethinkagile_hx5520-cthinksystem_sr630_v2thinksystem_sr860_v2thinkagile_hx7820_firmwarethinkagile_hx3720thinksystem_sd530thinksystem_sn850_firmwarethinkagile_vx_4u_firmwarethinksystem_st650_v2thinksystem_sr258_v2thinkagile_hx7521_firmwarethinkagile_hx1021thinkagile_hx3375thinkagile_vx2320_firmwarethinksystem_sr250_v2_firmwarethinkagile_vx3330thinkagile_mx3330-h_firmwarethinkagile_hx2720-e_firmwarethinksystem_st250_firmwarethinksystem_sr570thinksystem_sd650-n_v2thinkagile_vx7520thinkagile_hx3321_firmwarethinksystem_sr670_v2_firmwarethinksystem_sr670_v2thinkagile_vx_4uthinkagile_mx3331-f_firmwarethinkagile_hx2320-e_firmwarethinkagile_hx7521thinkagile_vx5520thinksystem_sr550thinkagile_mx3330-hthinkagile_vx7530thinkagile_vx3520-g_firmwarethinksystem_se350_firmwarethinkagile_mx3530-hthinksystem_st250_v2thinkagile_hx2321_firmwarethinkagile_hx2321thinkagile_hx3721_firmwarethinkagile_mx3330-f_firmwarethinksystem_sr860_v2_firmwarethinksystem_sr850p_firmwarethinksystem_st258thinkagile_hx1320thinkagile_hx1321_firmwarethinkagile_vx_1se_certified_nodethinksystem_sr850pthinkagile_hx1320_firmwarethinksystem_sn550_v2thinkstation_p920_firmwarethinksystem_sr258_v2_firmwarethinkagile_hx3320_firmwarethinkagile_hx3521-gthinkagile_mx3530_f_firmwarethinksystem_st650_v2_firmwarethinkagile_mx3330-fthinksystem_st258_v2_firmwarethinksystem_st258_firmwarethinkagile_hx3376_firmwarethinkagile_vx2330thinkagile_vx7330_firmwarethinkagile_vx7531_firmwarethinkagile_hx7821_firmwarethinksystem_sr850_firmwarethinkagile_vx3330_firmwarethinksystem_st550thinkagile_vx3520-gthinksystem_st658_v2_firmwarethinkagile_vx7531thinkagile_vx_2u4n_firmwarethinksystem_sr670_firmwarethinksystem_sr150thinkagile_vx3720thinksystem_sr850_v2_firmwarethinksystem_sr250_v2thinksystem_sd650_v2_firmwarethinkagile_mx1021_firmwarethinkagile_mx3530-h_firmwarethinkagile_hx1321thinksystem_st250_v2_firmwarethinkagile_hx7520thinkagile_mx3331-h_firmwarethinkagile_hx2720-ethinksystem_sr650_firmwarethinksystem_sd650-n_v2_firmwarethinksystem_sn550_v2_firmwarethinkagile_hx3321thinksystem_sr530thinksystem_sr250thinkagile_hx5520_firmwarethinksystem_sr850_v2thinksystem_se350thinkagile_mx1020_firmwarethinkagile_mx1020thinksystem_sr665thinksystem_sr150_firmwarethinkagile_hx3520-gthinkedge_se450_firmwarethinkagile_vx7320_n_firmwarethinksystem_sr860thinkagile_hx7821thinkagile_hx3720_firmwarethinkagile_hx5521_firmwarethinksystem_sr645_firmwarethinkedge_se450thinkagile_hx_enclosure_certified_nodethinkagile_hx1021_firmwarethinkagile_vx3331thinksystem_st258_v2thinkagile_vx7820_firmwarethinkagile_hx5520-c_firmwarethinksystem_sd530_firmwarethinkagile_mx3331-hthinkagile_hx5521-c_firmwarethinksystem_sd650_v2thinkstation_p920thinkagile_vx_1se_certified_node_firmwarethinksystem_sr650_v2thinkagile_vx7330thinksystem_sn550_firmwarethinkagile_hx5521-cthinksystem_sr250_firmwarethinksystem_sr258_firmwarethinksystem_sr590_firmwarethinkagile_mx3530_fthinkagile_hx1520-rthinksystem_sd630_v2thinksystem_sd650_dwcthinkagile_hx1521-rthinkagile_hx1520-r_firmwarethinkagile_hx3320thinkagile_vx3720_firmwarethinksystem_sr630_firmwarethinkagile_mx1021thinkagile_vx7520_n_firmwarethinksystem_sr550_firmwarethinkagile_hx2320-ethinkagile_vx5530thinkagile_mx3331-fthinkagile_vx1320thinksystem_sr645thinksystem_sr670thinksystem_sr590thinkagile_vx3331_firmwarethinkagile_vx7520_firmwarethinksystem_sr950_firmwarethinkagile_vx2330_firmwarethinkagile_vx3530-g_firmwarethinksystem_sr630_v2_firmwarethinkagile_hx3376thinkagile_mx3531_hthinkagile_vx5530_firmwarethinkagile_vx3530-gthinksystem_sr650thinksystem_sr258thinkagile_hx5521thinkagile_mx3531-fthinkagile_mx3531-f_firmwareLenovo XClarity Controller
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-22323
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.57% / 67.62%
||
7 Day CHG~0.00%
Published-27 Apr, 2022 | 15:20
Updated-17 Sep, 2024 | 01:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Security Identity Manager (IBM Security Verify Password Synchronization Plug-in for Windows AD 10.x) is vulnerable to a denial of service, caused by a heap-based buffer overflow in the Password Synch Plug-in. An authenticated attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 218379.

Action-Not Available
Vendor-Microsoft CorporationIBM Corporation
Product-security_verify_password_synchronizationactive_directorySecurity Verify Password Synchronization Plug-in for Windows AD
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-29215
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.07% / 22.71%
||
7 Day CHG~0.00%
Published-20 Mar, 2025 | 00:00
Updated-25 Mar, 2025 | 17:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AX12 v22.03.01.46_CN was discovered to contain a stack overflow via the sub_43fdcc function at /goform/SetNetControlList.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ax12ax12_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-29217
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.10% / 29.03%
||
7 Day CHG~0.00%
Published-20 Mar, 2025 | 00:00
Updated-25 Mar, 2025 | 17:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda W18E v2.0 v16.01.0.11 was discovered to contain a stack overflow in the wifiSSID parameter at /goform/setModules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-w18e_firmwarew18en/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-29218
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.09% / 27.26%
||
7 Day CHG~0.00%
Published-20 Mar, 2025 | 00:00
Updated-26 Mar, 2025 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda W18E v2.0 v16.01.0.11 was discovered to contain a stack overflow in the wifiPwd parameter at /goform/setModules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-w18e_firmwarew18en/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2022-22312
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.7||MEDIUM
EPSS-0.57% / 67.62%
||
7 Day CHG~0.00%
Published-27 Apr, 2022 | 15:20
Updated-17 Sep, 2024 | 02:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Security Identity Manager (IBM Security Verify Password Synchronization Plug-in for Windows AD 10.x) is vulnerable to a denial of service, caused by a heap-based buffer overflow in the Password Synch Plug-in. An authenticated attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 217369.

Action-Not Available
Vendor-Microsoft CorporationIBM Corporation
Product-security_verify_password_synchronizationactive_directorySecurity Verify Password Synchronization Plug-in for Windows AD
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-20572
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.54% / 66.73%
||
7 Day CHG~0.00%
Published-28 Jun, 2021 | 16:10
Updated-16 Sep, 2024 | 17:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Security Identity Manager Adapters 6.0 and 7.0 are vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A remote authenticated attacker could overflow the and cause the server to crash. IBM X-Force ID: 199247.

Action-Not Available
Vendor-Microsoft CorporationIBM Corporation
Product-windowssecurity_identity_manager_adapterSecurity Identity Manager Adapters
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-51743
Matching Score-4
Assigner-Indian Computer Emergency Response Team (CERT-In)
ShareView Details
Matching Score-4
Assigner-Indian Computer Emergency Response Team (CERT-In)
CVSS Score-6.5||MEDIUM
EPSS-0.20% / 42.68%
||
7 Day CHG~0.00%
Published-17 Jan, 2024 | 08:00
Updated-17 Jun, 2025 | 21:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Overflow vulnerability in Skyworth Router

This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Set Upstream Channel ID (UCID) parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web interface of the vulnerable targeted system. Successful exploitation of this vulnerability could allow the attacker to perform a Denial of Service (DoS) attack on the targeted system.

Action-Not Available
Vendor-skyworthdigitalHathway
Product-cm5100cm5100_firmwareSkyworth Router CM5100
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-20250
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.95% / 75.43%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:59
Updated-04 Aug, 2024 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). NOTE: this is different from CVE-2020-20253 and CVE-2020-20254. All four vulnerabilities in the /nova/bin/lcdstat process are discussed in the CVE-2020-20250 github.com/cq674350529 reference.

Action-Not Available
Vendor-n/aMikroTik
Product-routerosn/a
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-20265
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.28% / 51.03%
||
7 Day CHG~0.00%
Published-11 May, 2021 | 14:25
Updated-04 Aug, 2024 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /ram/pckg/wireless/nova/bin/wireless process. An authenticated remote attacker can cause a Denial of Service due via a crafted packet.

Action-Not Available
Vendor-n/aMikroTik
Product-routerosn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-20236
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.78% / 72.70%
||
7 Day CHG~0.00%
Published-18 May, 2021 | 18:22
Updated-04 Aug, 2024 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mikrotik RouterOs 6.46.3 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/sniffer process. An authenticated remote attacker can cause a Denial of Service due to improper memory access.

Action-Not Available
Vendor-n/aMikroTik
Product-routerosn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-20219
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.07% / 76.78%
||
7 Day CHG~0.00%
Published-21 Jul, 2021 | 13:25
Updated-04 Aug, 2024 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/igmp-proxy process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).

Action-Not Available
Vendor-n/aMikroTik
Product-routerosn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-20237
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.73% / 71.75%
||
7 Day CHG~0.00%
Published-18 May, 2021 | 18:22
Updated-04 Aug, 2024 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mikrotik RouterOs 6.46.3 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/sniffer process. An authenticated remote attacker can cause a Denial of Service due to improper memory access.

Action-Not Available
Vendor-n/aMikroTik
Product-routerosn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-20249
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.25% / 48.37%
||
7 Day CHG~0.00%
Published-19 Jul, 2021 | 17:27
Updated-04 Aug, 2024 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mikrotik RouterOs before stable 6.47 suffers from a memory corruption vulnerability in the resolver process. By sending a crafted packet, an authenticated remote attacker can cause a Denial of Service.

Action-Not Available
Vendor-n/aMikroTik
Product-routerosn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-20247
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.72% / 71.64%
||
7 Day CHG~0.00%
Published-03 May, 2021 | 15:13
Updated-04 Aug, 2024 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mikrotik RouterOs before 6.46.5 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/traceroute process. An authenticated remote attacker can cause a Denial of Service due via the loop counter variable.

Action-Not Available
Vendor-n/aMikroTik
Product-routerosn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-20246
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.01% / 76.13%
||
7 Day CHG~0.00%
Published-18 May, 2021 | 19:11
Updated-04 Aug, 2024 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mikrotik RouterOs stable 6.46.3 suffers from a memory corruption vulnerability in the mactel process. An authenticated remote attacker can cause a Denial of Service due to improper memory access.

Action-Not Available
Vendor-n/aMikroTik
Product-routerosn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-20215
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.82% / 73.47%
||
7 Day CHG~0.00%
Published-07 Jul, 2021 | 13:29
Updated-04 Aug, 2024 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/diskd process. An authenticated remote attacker can cause a Denial of Service due to invalid memory access.

Action-Not Available
Vendor-n/aMikroTik
Product-routerosn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-20231
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.70% / 71.13%
||
7 Day CHG~0.00%
Published-14 Jul, 2021 | 13:53
Updated-04 Aug, 2024 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mikrotik RouterOs through stable version 6.48.3 suffers from a memory corruption vulnerability in the /nova/bin/detnet process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).

Action-Not Available
Vendor-n/aMikroTik
Product-routerosn/a
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-20218
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.84% / 73.82%
||
7 Day CHG~0.00%
Published-03 May, 2021 | 15:13
Updated-04 Aug, 2024 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/traceroute process. An authenticated remote attacker can cause a Denial of Service due via the loop counter variable.

Action-Not Available
Vendor-n/aMikroTik
Product-routerosn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-20245
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.01% / 76.13%
||
7 Day CHG~0.00%
Published-18 May, 2021 | 19:14
Updated-04 Aug, 2024 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mikrotik RouterOs stable 6.46.3 suffers from a memory corruption vulnerability in the log process. An authenticated remote attacker can cause a Denial of Service due to improper memory access.

Action-Not Available
Vendor-n/aMikroTik
Product-routerosn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-20252
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.82% / 73.51%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 17:06
Updated-04 Aug, 2024 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).

Action-Not Available
Vendor-n/aMikroTik
Product-routerosn/a
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-20266
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.10% / 77.10%
||
7 Day CHG~0.00%
Published-19 May, 2021 | 11:20
Updated-04 Aug, 2024 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/dot1x process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).

Action-Not Available
Vendor-n/aMikroTik
Product-routerosn/a
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-20254
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.83% / 73.68%
||
7 Day CHG~0.00%
Published-18 May, 2021 | 13:52
Updated-04 Aug, 2024 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).

Action-Not Available
Vendor-n/aMikroTik
Product-routerosn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-20267
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.82% / 73.47%
||
7 Day CHG~0.00%
Published-11 May, 2021 | 14:25
Updated-04 Aug, 2024 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/resolver process. An authenticated remote attacker can cause a Denial of Service due to invalid memory access.

Action-Not Available
Vendor-n/aMikroTik
Product-routerosn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-40802
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.05% / 16.76%
||
7 Day CHG~0.00%
Published-25 Aug, 2023 | 00:00
Updated-02 Oct, 2024 | 15:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The get_parentControl_list_Info function does not verify the parameters entered by the user, causing a post-authentication heap overflow vulnerability in Tenda AC23 v16.03.07.45_cn

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac23_firmwareac23n/aac23
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-0571
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-6.5||MEDIUM
EPSS-0.20% / 42.73%
||
7 Day CHG+0.02%
Published-30 Jan, 2025 | 20:17
Updated-19 Feb, 2025 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability

Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the parsing of DCM files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-25305.

Action-Not Available
Vendor-Santesoft LTD
Product-sante_pacs_serverPACS Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-0848
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.1||HIGH
EPSS-0.09% / 25.59%
||
7 Day CHG~0.00%
Published-30 Jan, 2025 | 01:00
Updated-06 Mar, 2025 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda A18 HTTP POST Request SetCmdlineRun stack-based overflow

A vulnerability was found in Tenda A18 up to 15.13.07.09. It has been rated as critical. This issue affects the function SetCmdlineRun of the file /goform/SetCmdlineRun of the component HTTP POST Request Handler. The manipulation of the argument wpapsk_crypto5g leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-a18_firmwarea18A18
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found