Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-32324

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-25 Apr, 2024 | 00:00
Updated At-02 Aug, 2024 | 02:06
Rejected At-
Credits

Buffer Overflow vulnerability in Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v.3.2 allows a local attacker to execute arbitrary code via the vpn_client_ip variable of the config_vpn_pptp function in rc program.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:25 Apr, 2024 | 00:00
Updated At:02 Aug, 2024 | 02:06
Rejected At:
▼CVE Numbering Authority (CNA)

Buffer Overflow vulnerability in Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v.3.2 allows a local attacker to execute arbitrary code via the vpn_client_ip variable of the config_vpn_pptp function in rc program.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/teamoever/CVE/blob/main/LBT-T300-T400.md
N/A
Hyperlink: https://github.com/teamoever/CVE/blob/main/LBT-T300-T400.md
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor
szlbt
Product
lbt-t300-t400_firmware
CPEs
  • cpe:2.3:o:szlbt:lbt-t300-t400_firmware:3.2:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • 3.2
Problem Types
TypeCWE IDDescription
CWECWE-120CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Type: CWE
CWE ID: CWE-120
Description: CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Metrics
VersionBase scoreBase severityVector
3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/teamoever/CVE/blob/main/LBT-T300-T400.md
x_transferred
Hyperlink: https://github.com/teamoever/CVE/blob/main/LBT-T300-T400.md
Resource:
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:25 Apr, 2024 | 20:15
Updated At:20 Aug, 2025 | 03:11

Buffer Overflow vulnerability in Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v.3.2 allows a local attacker to execute arbitrary code via the vpn_client_ip variable of the config_vpn_pptp function in rc program.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
szlbt
szlbt
>>lbt-t300-t400_firmware>>3.2
cpe:2.3:o:szlbt:lbt-t300-t400_firmware:3.2:*:*:*:*:*:*:*
szlbt
szlbt
>>lbt-t300-t400>>-
cpe:2.3:h:szlbt:lbt-t300-t400:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-120Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-120
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/teamoever/CVE/blob/main/LBT-T300-T400.mdcve@mitre.org
Exploit
Third Party Advisory
https://github.com/teamoever/CVE/blob/main/LBT-T300-T400.mdaf854a3a-2127-422b-91ae-364da2661108
Exploit
Third Party Advisory
Hyperlink: https://github.com/teamoever/CVE/blob/main/LBT-T300-T400.md
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory
Hyperlink: https://github.com/teamoever/CVE/blob/main/LBT-T300-T400.md
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

370Records found
CVE-2025-29570
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.58%
||
7 Day CHG~0.00%
Published-03 Apr, 2025 | 00:00
Updated-20 Aug, 2025 | 02:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 allows a local attacker to escalate privileges via the function tftp_image_check of a binary named rc.

Action-Not Available
Vendor-szlbtn/a
Product-lbt-t300-t400_firmwarelbt-t300-t400n/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2024-40536
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.21% / 43.73%
||
7 Day CHG~0.00%
Published-16 Jul, 2024 | 00:00
Updated-20 Aug, 2025 | 15:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 were discovered to contain a stack overflow via the pin_3g_code parameter in the config_3g_para function.

Action-Not Available
Vendor-szlbtn/a
Product-lbt-t300-t400lbt-t300-t400_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-39181
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.23% / 45.02%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 00:00
Updated-20 Aug, 2025 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 was discovered to contain a buffer overflow via the ApCliSsid parameter in thegenerate_conf_router() function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-szlbtn/a
Product-lbt-t300-t400lbt-t300-t400_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-8019
Matching Score-6
Assigner-VulDB
ShareView Details
Matching Score-6
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.35% / 57.19%
||
7 Day CHG~0.00%
Published-22 Jul, 2025 | 15:32
Updated-20 Aug, 2025 | 20:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Shenzhen Libituo Technology LBT-T300-T310 appy.cgi sub_40B6F0 buffer overflow

A vulnerability was found in Shenzhen Libituo Technology LBT-T300-T310 2.2.3.6. It has been rated as critical. Affected by this issue is the function sub_40B6F0 of the file at/appy.cgi. The manipulation of the argument wan_proto leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-szlbtShenzhen Libituo Technology
Product-lbt-t300-t310lbt-t300-t310_firmwareLBT-T300-T310
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-29243
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.24% / 46.09%
||
7 Day CHG~0.00%
Published-21 Mar, 2024 | 00:00
Updated-17 Jun, 2025 | 13:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the vpn_client_ip parameter at /apply.cgi.

Action-Not Available
Vendor-szlbtn/aszlbt
Product-lbt-t300-mini1lbt-t300-mini1_firmwaren/albt-t300-mini_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-7077
Matching Score-6
Assigner-VulDB
ShareView Details
Matching Score-6
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.27% / 50.21%
||
7 Day CHG~0.00%
Published-06 Jul, 2025 | 06:32
Updated-20 Aug, 2025 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Shenzhen Libituo Technology LBT-T300-T310 appy.cgi config_3g_para buffer overflow

A vulnerability classified as critical has been found in Shenzhen Libituo Technology LBT-T300-T310 up to 2.2.3.6. This affects the function config_3g_para of the file /appy.cgi. The manipulation of the argument username_3g/password_3g leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-szlbtShenzhen Libituo Technology
Product-lbt-t300-t310lbt-t300-t310_firmwareLBT-T300-T310
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-29244
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.12% / 31.01%
||
7 Day CHG~0.00%
Published-21 Mar, 2024 | 00:00
Updated-17 Jun, 2025 | 13:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the pin_code_3g parameter at /apply.cgi.

Action-Not Available
Vendor-szlbtn/a
Product-lbt-t300-mini1lbt-t300-mini1_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-27572
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.14% / 34.28%
||
7 Day CHG~0.00%
Published-01 Mar, 2024 | 00:00
Updated-30 Apr, 2025 | 11:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LBT T300-T390 v2.2.1.8 were discovered to contain a stack overflow via the ApCliSsid parameter in the updateCurAPlist function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-libtorn/aszlbt
Product-lbt-t300-t390_firmwarelbt-t300-t390n/albt-t300-t390_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-47307
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.20% / 41.73%
||
7 Day CHG~0.00%
Published-30 Nov, 2023 | 00:00
Updated-02 Aug, 2024 | 21:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in /apply.cgi in Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 allows attackers to cause a denial of service via the ApCliAuthMode parameter.

Action-Not Available
Vendor-szlbtn/a
Product-lbt-t300-t310lbt-t300-t310_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-50469
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-10.11% / 92.93%
||
7 Day CHG~0.00%
Published-15 Dec, 2023 | 00:00
Updated-02 Aug, 2024 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 was discovered to contain a buffer overflow via the ApCliEncrypType parameter at /apply.cgi.

Action-Not Available
Vendor-szlbtn/a
Product-lbt-t300-t310lbt-t300-t310_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-26571
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.77%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 18:43
Updated-03 Aug, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webgetactivexcfg function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-baseboard_management_controllerapollo_70_systemHPE Apollo 70 System
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-26572
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.77%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 18:50
Updated-03 Aug, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webgetactivexcfg function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-baseboard_management_controllerapollo_70_systemHPE Apollo 70 System
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-26409
Matching Score-4
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-4
Assigner-Advanced Micro Devices Inc.
CVSS Score-7.8||HIGH
EPSS-0.14% / 33.34%
||
7 Day CHG-0.01%
Published-10 Jan, 2023 | 20:56
Updated-09 Apr, 2025 | 14:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient bounds checking in SEV-ES may allow an attacker to corrupt Reverse Map table (RMP) memory, potentially resulting in a loss of SNP (Secure Nested Paging) memory integrity.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-milanpi_firmwaremilanpi3rd Gen EPYC
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-26573
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.77%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 19:05
Updated-03 Aug, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webgeneratesslcfg function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-baseboard_management_controllerapollo_70_systemHPE Apollo 70 System
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-26570
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.74%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 18:47
Updated-03 Aug, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webifc_setadconfig function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-baseboard_management_controllerapollo_70_systemHPE Apollo 70 System
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-57509
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.42%
||
7 Day CHG~0.00%
Published-29 Jan, 2025 | 00:00
Updated-31 Jan, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in Bento4 mp42avc v.3bdc891602d19789b8e8626e4a3e613a937b4d35 allows a local attacker to execute arbitrary code via the AP4_File::ParseStream and related functions.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25132
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.12%
||
7 Day CHG~0.00%
Published-29 Jan, 2021 | 18:37
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setmediaconfig_func function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-cloudline_cl5200_gen9_servercloudline_cl3100_gen10_server_firmwarecloudline_cl5800_gen10_servercloudline_cl3100_gen10_servercloudline_cl4100_gen10_servercloudline_cl5200_gen9_server_firmwarecloudline_cl5800_gen9_server_firmwarecloudline_cl5800_gen9_servercloudline_cl5800_gen10_server_firmwarecloudline_cl4100_gen10_server_firmwareHPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25408
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.91%
||
7 Day CHG~0.00%
Published-11 Jun, 2021 | 14:33
Updated-03 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A possible buffer overflow vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write and code execution.

Action-Not Available
Vendor-Google LLCSamsungSamsung Electronics
Product-androidexynos_2100exynos_9830exynos_980exynos_9820Samsung Mobile Devices
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25136
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.12%
||
7 Day CHG~0.00%
Published-29 Jan, 2021 | 18:46
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setsolvideoremotestorage_func function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-cloudline_cl5200_gen9_servercloudline_cl3100_gen10_server_firmwarecloudline_cl5800_gen10_servercloudline_cl3100_gen10_servercloudline_cl4100_gen10_servercloudline_cl5200_gen9_server_firmwarecloudline_cl5800_gen9_server_firmwarecloudline_cl5800_gen9_servercloudline_cl5800_gen10_server_firmwarecloudline_cl4100_gen10_server_firmwareHPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25131
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.12%
||
7 Day CHG~0.00%
Published-29 Jan, 2021 | 18:36
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setfwimagelocation_func function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-cloudline_cl5200_gen9_servercloudline_cl3100_gen10_server_firmwarecloudline_cl5800_gen10_servercloudline_cl3100_gen10_servercloudline_cl4100_gen10_servercloudline_cl5200_gen9_server_firmwarecloudline_cl5800_gen9_server_firmwarecloudline_cl5800_gen9_servercloudline_cl5800_gen10_server_firmwarecloudline_cl4100_gen10_server_firmwareHPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25135
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.12%
||
7 Day CHG~0.00%
Published-29 Jan, 2021 | 18:45
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setsmtp_func function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-cloudline_cl5200_gen9_servercloudline_cl3100_gen10_server_firmwarecloudline_cl5800_gen10_servercloudline_cl3100_gen10_servercloudline_cl4100_gen10_servercloudline_cl5200_gen9_server_firmwarecloudline_cl5800_gen9_server_firmwarecloudline_cl5800_gen9_servercloudline_cl5800_gen10_server_firmwarecloudline_cl4100_gen10_server_firmwareHPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-57510
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.68%
||
7 Day CHG~0.00%
Published-29 Jan, 2025 | 00:00
Updated-03 Feb, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in Bento4 mp42avc v.3bdc891602d19789b8e8626e4a3e613a937b4d35 allows a local attacker to execute arbitrary code via the AP4_MemoryByteStream::WritePartial.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25171
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.77%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 18:39
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so websetlicensecfg function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-baseboard_management_controllerapollo_70_systemHPE Apollo 70 System
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25169
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.77%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 18:06
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so websetservicecfg function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-baseboard_management_controllerapollo_70_systemHPE Apollo 70 System
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25126
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.12%
||
7 Day CHG~0.00%
Published-29 Jan, 2021 | 18:08
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice downloadkvmjnlp_func function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-cloudline_cl5200_gen9_servercloudline_cl3100_gen10_server_firmwarecloudline_cl5800_gen10_servercloudline_cl3100_gen10_servercloudline_cl4100_gen10_servercloudline_cl5200_gen9_server_firmwarecloudline_cl5800_gen9_server_firmwarecloudline_cl5800_gen9_servercloudline_cl5800_gen10_server_firmwarecloudline_cl4100_gen10_server_firmwareHPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25137
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.12%
||
7 Day CHG~0.00%
Published-29 Jan, 2021 | 18:41
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice startflash_func function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-cloudline_cl5200_gen9_servercloudline_cl3100_gen10_server_firmwarecloudline_cl5800_gen10_servercloudline_cl3100_gen10_servercloudline_cl4100_gen10_servercloudline_cl5200_gen9_server_firmwarecloudline_cl5800_gen9_server_firmwarecloudline_cl5800_gen9_servercloudline_cl5800_gen10_server_firmwarecloudline_cl4100_gen10_server_firmwareHPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25134
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.12%
||
7 Day CHG~0.00%
Published-29 Jan, 2021 | 18:43
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setremoteimageinfo_func function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-cloudline_cl5200_gen9_servercloudline_cl3100_gen10_server_firmwarecloudline_cl5800_gen10_servercloudline_cl3100_gen10_servercloudline_cl4100_gen10_servercloudline_cl5200_gen9_server_firmwarecloudline_cl5800_gen9_server_firmwarecloudline_cl5800_gen9_servercloudline_cl5800_gen10_server_firmwarecloudline_cl4100_gen10_server_firmwareHPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25138
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.12%
||
7 Day CHG~0.00%
Published-29 Jan, 2021 | 18:03
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice uploadsshkey function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-cloudline_cl5200_gen9_servercloudline_cl3100_gen10_server_firmwarecloudline_cl5800_gen10_servercloudline_cl3100_gen10_servercloudline_cl4100_gen10_servercloudline_cl5200_gen9_server_firmwarecloudline_cl5800_gen9_server_firmwarecloudline_cl5800_gen9_servercloudline_cl5800_gen10_server_firmwarecloudline_cl4100_gen10_server_firmwareHPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25168
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.77%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 18:01
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webupdatecomponent function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-baseboard_management_controllerapollo_70_systemHPE Apollo 70 System
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25170
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.77%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 18:04
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so websetremoteimageinfo function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-baseboard_management_controllerapollo_70_systemHPE Apollo 70 System
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25133
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.12%
||
7 Day CHG~0.00%
Published-29 Jan, 2021 | 18:38
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setradiusconfig_func function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-cloudline_cl5200_gen9_servercloudline_cl3100_gen10_server_firmwarecloudline_cl5800_gen10_servercloudline_cl3100_gen10_servercloudline_cl4100_gen10_servercloudline_cl5200_gen9_server_firmwarecloudline_cl5800_gen9_server_firmwarecloudline_cl5800_gen9_servercloudline_cl5800_gen10_server_firmwarecloudline_cl4100_gen10_server_firmwareHPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-26259
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.07% / 77.37%
||
7 Day CHG~0.00%
Published-28 Mar, 2022 | 00:03
Updated-03 Aug, 2024 | 04:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer over flow in Xiongmai DVR devices NBD80X16S-KL, NBD80X09S-KL, NBD80X08S-KL, NBD80X09RA-KL, AHB80X04R-MH, AHB80X04R-MH-V2, AHB80X04-R-MH-V3, AHB80N16T-GS, AHB80N32F4-LME, and NBD90S0VT-QW allows attackers to cause a Denial of Service (DoS) via a crafted RSTP request.

Action-Not Available
Vendor-xiongmaitechn/a
Product-ahb80x04r-mhahb80n16t-gsahb80x04-r-mh-v3ahb80n32f4-lmeahb80n16t-gs_firmwareahb80n32f4-lme_firmwarenbd80x09ra-kl_firmwareahb80x04r-mh_firmwarenbd80x09s-klnbd90s0vt-qw_firmwarenbd80x08s-kl_firmwareahb80x04r-mh-v2_firmwarenbd80x16s-kl_firmwarenbd80x16s-klahb80x04r-mh-v2ahb80x04-r-mh-v3_firmwarenbd90s0vt-qwnbd80x09s-kl_firmwarenbd80x08s-klnbd80x09ra-kln/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25127
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.10% / 27.68%
||
7 Day CHG~0.00%
Published-29 Jan, 2021 | 18:33
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice generatesslcertificate_func function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-cloudline_cl5200_gen9_servercloudline_cl3100_gen10_server_firmwarecloudline_cl5800_gen10_servercloudline_cl3100_gen10_servercloudline_cl4100_gen10_servercloudline_cl5200_gen9_server_firmwarecloudline_cl5800_gen9_server_firmwarecloudline_cl5800_gen9_servercloudline_cl5800_gen10_server_firmwarecloudline_cl4100_gen10_server_firmwareHPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25496
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-7.3||HIGH
EPSS-0.08% / 22.96%
||
7 Day CHG~0.00%
Published-06 Oct, 2021 | 17:11
Updated-03 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A possible buffer overflow vulnerability in maetd_dec_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.

Action-Not Available
Vendor-SamsungSamsung Electronics
Product-notesSamsung Notes
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25123
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.14% / 33.66%
||
7 Day CHG~0.00%
Published-29 Jan, 2021 | 12:30
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice addlicense_func function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-cloudline_cl5200_gen9_servercloudline_cl3100_gen10_server_firmwarecloudline_cl5800_gen10_servercloudline_cl3100_gen10_servercloudline_cl4100_gen10_servercloudline_cl5200_gen9_server_firmwarecloudline_cl5800_gen9_server_firmwarecloudline_cl5800_gen9_servercloudline_cl5800_gen10_server_firmwarecloudline_cl4100_gen10_server_firmwareHPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25494
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-4||MEDIUM
EPSS-0.06% / 17.82%
||
7 Day CHG~0.00%
Published-06 Oct, 2021 | 17:11
Updated-03 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A possible buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution.

Action-Not Available
Vendor-SamsungSamsung Electronics
Product-notesSamsung Notes
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25461
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-4||MEDIUM
EPSS-0.03% / 8.75%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 18:05
Updated-03 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper length check in APAService prior to SMR Sep-2021 Release 1 results in stack based Buffer Overflow.

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-25497
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-7.3||HIGH
EPSS-0.08% / 22.96%
||
7 Day CHG~0.00%
Published-06 Oct, 2021 | 17:11
Updated-03 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A possible buffer overflow vulnerability in maetd_cpy_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.

Action-Not Available
Vendor-SamsungSamsung Electronics
Product-notesSamsung Notes
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25498
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-7.3||HIGH
EPSS-0.08% / 22.96%
||
7 Day CHG~0.00%
Published-06 Oct, 2021 | 17:11
Updated-03 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A possible buffer overflow vulnerability in maetd_eco_cb_mode of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.

Action-Not Available
Vendor-SamsungSamsung Electronics
Product-notesSamsung Notes
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-39291
Matching Score-4
Assigner-kernel.org
ShareView Details
Matching Score-4
Assigner-kernel.org
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.38%
||
7 Day CHG~0.00%
Published-24 Jun, 2024 | 13:52
Updated-30 May, 2025 | 19:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode()

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() The function gfx_v9_4_3_init_microcode in gfx_v9_4_3.c was generating about potential truncation of output when using the snprintf function. The issue was due to the size of the buffer 'ucode_prefix' being too small to accommodate the maximum possible length of the string being written into it. The string being written is "amdgpu/%s_mec.bin" or "amdgpu/%s_rlc.bin", where %s is replaced by the value of 'chip_name'. The length of this string without the %s is 16 characters. The warning message indicated that 'chip_name' could be up to 29 characters long, resulting in a total of 45 characters, which exceeds the buffer size of 30 characters. To resolve this issue, the size of the 'ucode_prefix' buffer has been reduced from 30 to 15. This ensures that the maximum possible length of the string being written into the buffer will not exceed its size, thus preventing potential buffer overflow and truncation issues. Fixes the below with gcc W=1: drivers/gpu/drm/amd/amdgpu/gfx_v9_4_3.c: In function ‘gfx_v9_4_3_early_init’: drivers/gpu/drm/amd/amdgpu/gfx_v9_4_3.c:379:52: warning: ‘%s’ directive output may be truncated writing up to 29 bytes into a region of size 23 [-Wformat-truncation=] 379 | snprintf(fw_name, sizeof(fw_name), "amdgpu/%s_rlc.bin", chip_name); | ^~ ...... 439 | r = gfx_v9_4_3_init_rlc_microcode(adev, ucode_prefix); | ~~~~~~~~~~~~ drivers/gpu/drm/amd/amdgpu/gfx_v9_4_3.c:379:9: note: ‘snprintf’ output between 16 and 45 bytes into a destination of size 30 379 | snprintf(fw_name, sizeof(fw_name), "amdgpu/%s_rlc.bin", chip_name); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ drivers/gpu/drm/amd/amdgpu/gfx_v9_4_3.c:413:52: warning: ‘%s’ directive output may be truncated writing up to 29 bytes into a region of size 23 [-Wformat-truncation=] 413 | snprintf(fw_name, sizeof(fw_name), "amdgpu/%s_mec.bin", chip_name); | ^~ ...... 443 | r = gfx_v9_4_3_init_cp_compute_microcode(adev, ucode_prefix); | ~~~~~~~~~~~~ drivers/gpu/drm/amd/amdgpu/gfx_v9_4_3.c:413:9: note: ‘snprintf’ output between 16 and 45 bytes into a destination of size 30 413 | snprintf(fw_name, sizeof(fw_name), "amdgpu/%s_mec.bin", chip_name); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Action-Not Available
Vendor-Linux Kernel Organization, Inc
Product-linux_kernelLinux
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25142
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.14% / 34.21%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 17:57
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webstartflash function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-baseboard_management_controllerapollo_70_systemHPE Apollo 70 System
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-52060
Matching Score-4
Assigner-Real-Time Innovations, Inc.
ShareView Details
Matching Score-4
Assigner-Real-Time Innovations, Inc.
CVSS Score-8.3||HIGH
EPSS-0.51% / 65.69%
||
7 Day CHG~0.00%
Published-13 Dec, 2024 | 10:19
Updated-02 Oct, 2025 | 13:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Potential stack overflow when using XML configuration file referencing environment variables

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Routing Service, Recording Service, Queuing Service, Observability Collector Service, Cloud Discovery Service) allows Buffer Overflow via Environment Variables.This issue affects Connext Professional: from 7.0.0 before 7.3.0.5, from 6.1.0 before 6.1.2.21, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.1.45.

Action-Not Available
Vendor-rtiRTI
Product-connext_professionalConnext Professional
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-52059
Matching Score-4
Assigner-Real-Time Innovations, Inc.
ShareView Details
Matching Score-4
Assigner-Real-Time Innovations, Inc.
CVSS Score-6.9||MEDIUM
EPSS-0.22% / 43.91%
||
7 Day CHG~0.00%
Published-13 Dec, 2024 | 10:18
Updated-02 Dec, 2025 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Heap-based Buffer Overflow, Integer Overflow or Wraparound vulnerability in RTI Connext Professional (Security Plugins) allows Overflow Variables and Tags.

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Heap-based Buffer Overflow, Integer Overflow or Wraparound vulnerability in RTI Connext Professional (Security Plugins) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.0.0 before 7.3.0.2, from 6.1.0 before 6.1.2.17.

Action-Not Available
Vendor-rtiRTI
Product-connext_professionalConnext Professional
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-49996
Matching Score-4
Assigner-kernel.org
ShareView Details
Matching Score-4
Assigner-kernel.org
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.75%
||
7 Day CHG~0.00%
Published-21 Oct, 2024 | 18:02
Updated-03 Nov, 2025 | 21:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
cifs: Fix buffer overflow when parsing NFS reparse points

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix buffer overflow when parsing NFS reparse points ReparseDataLength is sum of the InodeType size and DataBuffer size. So to get DataBuffer size it is needed to subtract InodeType's size from ReparseDataLength. Function cifs_strndup_from_utf16() is currentlly accessing buf->DataBuffer at position after the end of the buffer because it does not subtract InodeType size from the length. Fix this problem and correctly subtract variable len. Member InodeType is present only when reparse buffer is large enough. Check for ReparseDataLength before accessing InodeType to prevent another invalid memory access. Major and minor rdev values are present also only when reparse buffer is large enough. Check for reparse buffer size before calling reparse_mkdev().

Action-Not Available
Vendor-Linux Kernel Organization, Inc
Product-linux_kernelLinux
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-50131
Matching Score-4
Assigner-kernel.org
ShareView Details
Matching Score-4
Assigner-kernel.org
CVSS Score-7.8||HIGH
EPSS-0.02% / 5.25%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 17:10
Updated-03 Nov, 2025 | 23:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
tracing: Consider the NULL character when validating the event length

In the Linux kernel, the following vulnerability has been resolved: tracing: Consider the NULL character when validating the event length strlen() returns a string length excluding the null byte. If the string length equals to the maximum buffer length, the buffer will have no space for the NULL terminating character. This commit checks this condition and returns failure for it.

Action-Not Available
Vendor-Linux Kernel Organization, Inc
Product-linux_kernelLinux
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-49830
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.03% / 6.47%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 08:32
Updated-09 May, 2025 | 19:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Audio

Memory corruption while processing an IOCTL call to set mixer controls.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_429_mobile_firmwareqca6688aqwcn3620_firmwareqca9367_firmwareqca6678aqqca6688aq_firmwareqca9377sdm429w_firmwarewcn3620qca6574auqca6678aq_firmwaresnapdragon_429_mobileqca6595au_firmwareqca9367qca6574au_firmwareqca6698aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2sdm429wqca6595auqca6698aqqca9377_firmwarewcn3660b_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwarewcn3660bSnapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-49829
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 5.66%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 08:32
Updated-09 May, 2025 | 19:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Camera

Memory corruption can occur during context user dumps due to inadequate checks on buffer length.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwaresnapdragon_429_mobile_firmwarefastconnect_7800_firmwarewcn3620_firmwarewsa8835wcn3620sdm429w_firmwarewsa8830wsa8830_firmwarewsa8835_firmwarewcd9380snapdragon_8_gen_1_mobile_firmwaresnapdragon_429_mobilefastconnect_6900sdm429wfastconnect_6900_firmwaresnapdragon_8_gen_1_mobilewcn3660b_firmwarefastconnect_7800wcn3660bSnapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-24851
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.86%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 04:46
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input in WLAN HOST

Memory Corruption in WLAN HOST while parsing QMI response message from firmware.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sw5100pimmersive_home_214qcs410_firmwaresd865_5gsa6150p_firmwareipq9574qcn9000_firmwareqca6595qcn9022qcs610_firmwaresnapdragon_8\+_gen_1ipq6028_firmwarewcd9335qca8081_firmwarewcd9370qcn9001qca8072qca6696wcd9340_firmwarewcd9341_firmwareipq5028_firmwareqcn6024qcn9003_firmwareipq8076wcn6740_firmwarefastconnect_6700ipq6018_firmwareqcn6023snapdragon_695_5gsa4150pqcn5124_firmwaresnapdragon_888_5gwsa8832_firmwareqca8337ipq6000snapdragon_4_gen_2_firmwareqca6574au_firmwareipq8078aipq8078a_firmwareqam8295psnapdragon_x12_lte_firmwarewcd9341qca6574auwsa8810_firmwarecsra6640snapdragon_690_5gsnapdragon_778g\+_5g_firmwaresnapdragon_865\+_5gqcn9100_firmwaresnapdragon_765_5gqcn5122qca6554afastconnect_6800_firmwaresnapdragon_865\+_5g_firmwaresd835_firmwareqcn6024_firmwaresnapdragon_x65_5gvideo_collaboration_vc1_platform_firmwaresa4155psnapdragon_888\+_5g_firmwareqcn9000ssg2115pqcn6132_firmwaresnapdragon_xr2_5g_firmwareqsm8350_firmwareqcn5054snapdragon_765g_5g_firmwaresnapdragon_660_firmwaresnapdragon_4_gen_2fastconnect_6900video_collaboration_vc1_platformqcn5052wcd9385_firmwareipq9574_firmwareqca6310qam8255p_firmwaresnapdragon_778g_5gipq8074a_firmwareipq8076aqcn5164qcs4490sa6155pqca6564au_firmwarecsr8811_firmwarewsa8810qca8075qam8650pqca8085qca6595ausm7315_firmwaresnapdragon_865_5g_firmwarewcd9326_firmwaresa6155p_firmwaresd835snapdragon_835qcn9012ipq8070a_firmwareqcn9070qcs4490_firmwarewcn3910_firmwareqca8084snapdragon_680_4gwcn3910sdx65mwcd9370_firmwaresnapdragon_480\+_5g_firmwaresnapdragon_765_5g_firmwareqca6574aqca6174asnapdragon_695_5g_firmwaresa8195psnapdragon_750g_5g_firmwarewcd9340qcm2290qcm6490qcn6122_firmwareqcn5154_firmwaresnapdragon_x55_5g_firmwarewcn3988qcn5122_firmwareqcn9274qcn9024ipq8076a_firmwareqca6574sxr2230p_firmwareqcn9011snapdragon_439_firmwaresmart_audio_400qcn9024_firmwareqca8082sa6150pwcd9326qcs410qcm2290_firmwaresa8155p_firmwaresa8155pqca8072_firmwarewsa8830snapdragon_870_5g_firmwaresa6145psnapdragon_x65_5g_firmwareqcn9074_firmwareipq8174immersive_home_318_firmwareqcn6122sa8255p_firmwaresnapdragon_888\+_5gipq8174_firmwarear8035ipq8072aqrb5165m_firmwareimmersive_home_216_firmwareqcm4325immersive_home_316ipq8071asnapdragon_782gqca6698aqwcn3950_firmwaressg2125p_firmwareqrb5165nfastconnect_6200wcn3680bsm7325p_firmwaresa8145p_firmwaresa8150p_firmwaresnapdragon_835_firmwarefastconnect_6700_firmwaresnapdragon_768g_5gvideo_collaboration_vc3_platform_firmwarewcn3990qcn6023_firmwareqcn5164_firmwaresnapdragon_778g_5g_firmwaresnapdragon_780g_5gqcn9002ipq8078qcs6490snapdragon_778g\+_5gfastconnect_6200_firmwareqcn9072wsa8830_firmwareqca8386_firmwaresd660_firmwaresnapdragon_7c\+_gen_3wsa8832qca8082_firmwareimmersive_home_216ar8035_firmwareqcn5022_firmwareqrb5165msnapdragon_680_4g_firmwareqca6320sa4150p_firmwareqca4024_firmwaresd888_firmwareipq9008snapdragon_439qca6564ausnapdragon_460ipq9008_firmwareqcn9074wsa8815_firmwaresnapdragon_865_5gsa8195p_firmwareqca8337_firmwareqcm4290qcn5054_firmwareqca9888snapdragon_480_5g_firmwaresnapdragon_4_gen_1_firmwaresnapdragon_x12_ltesnapdragon_685_4gsnapdragon_xr2\+_gen_1qca9377_firmwareipq8173qcm6490_firmwareipq8072a_firmwaresnapdragon_w5\+_gen_1sm7250p_firmwareipq6010_firmwareqcm4490_firmwarewcn3950flight_rb5_5gsnapdragon_690_5g_firmwareqca6797aq_firmwareipq5028qca8085_firmwareqcn9070_firmwaresa8295p_firmwaresmart_audio_400_firmwaresnapdragon_460_firmwaresa4155p_firmwareqcn9022_firmwareipq5010_firmwareqcn6132snapdragon_auto_5g_firmwaresm7250psnapdragon_768g_5g_firmwareipq6018qca6584ausd888qca6320_firmwareqcn9011_firmwaresw5100_firmwarewcn6740qca6310_firmwarefastconnect_6800qca4024qca6595_firmwarefastconnect_7800_firmwareimmersive_home_214_firmwareqcn9001_firmwareipq8070afastconnect_6900_firmwarerobotics_rb5_firmwarewcd9380sa6145p_firmwareqam8255psxr2230psnapdragon_xr2_5gsa8150pqcn9003qca8075_firmwaresnapdragon_888_5g_firmwaresnapdragon_765g_5gqcn5052_firmwaresxr1230pipq6010sdx65m_firmwarevideo_collaboration_vc3_platformsw5100qam8295p_firmwaresnapdragon_8_gen_1_firmwarewcn3990_firmwaresm7315snapdragon_750g_5gqca6698aq_firmwareqcs2290wcd9385qsm8350qcs2290_firmwaresnapdragon_xr2\+_gen_1_firmwarewcn3615qca8084_firmwaresnapdragon_8_gen_1sa8255pqcs4290sxr1230p_firmwareqcn5024snapdragon_782g_firmwaresnapdragon_x55_5gipq8071a_firmwarewcn3615_firmwareflight_rb5_5g_firmwaressg2125pqca6554a_firmwareipq6028qcm4490snapdragon_4_gen_1snapdragon_870_5gcsra6640_firmwareqcn9100robotics_rb5snapdragon_480\+_5gqca6174a_firmwaresnapdragon_685_4g_firmwaresm7325pqam8650p_firmwareqcs6490_firmwaresnapdragon_480_5gipq8076_firmwarewcd9335_firmwarewcn3980_firmwareqrb5165n_firmwareqca6584au_firmwareqcn5152_firmwarewsa8835qca6595au_firmwareqca6391_firmwaresw5100p_firmwareqca6696_firmwareqcs4290_firmwarewcd9380_firmwareqca6574_firmwarecsra6620sd660qca8081wsa8815sg4150psd_8_gen1_5gqam8775pqca9377snapdragon_ar2_gen_1_firmwaresnapdragon_auto_5gqcn5124qca6797aqqcn5152qcm4325_firmwaresnapdragon_660qca6574a_firmwareqcn9072_firmwareqcm4290_firmwareqca9888_firmwareipq8074aqca9889snapdragon_8\+_gen_1_firmwareqcn5024_firmwaresd_8_gen1_5g_firmwareqcn9002_firmwarewcd9375_firmwaresnapdragon_7c\+_gen_3_firmwareqca8386immersive_home_318ipq5010qcn9274_firmwareqca6391snapdragon_w5\+_gen_1_firmwareipq8173_firmwareqcn9012_firmwaresg4150p_firmwaresnapdragon_780g_5g_firmwarecsra6620_firmwaresa8295pipq6000_firmwarefastconnect_7800qam8775p_firmwaresd865_5g_firmwarewcd9375ipq8078_firmwareqca9889_firmwaresnapdragon_ar2_gen_1wcn3988_firmwareimmersive_home_316_firmwareqcn5154sa8145pwsa8835_firmwaressg2115p_firmwarecsr8811qcn5022wcn3980wcn3680b_firmwareqcs610Snapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-22547
Matching Score-4
Assigner-Google LLC
ShareView Details
Matching Score-4
Assigner-Google LLC
CVSS Score-6.3||MEDIUM
EPSS-0.03% / 6.82%
||
7 Day CHG~0.00%
Published-04 May, 2021 | 13:05
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer overrun in Google Cloud IoT Device SDK for Embedded C

In IoT Devices SDK, there is an implementation of calloc() that doesn't have a length check. An attacker could pass in memory objects larger than the buffer and wrap around to have a smaller buffer than required, allowing the attacker access to the other parts of the heap. We recommend upgrading the Google Cloud IoT Device SDK for Embedded C used to 1.0.3 or greater.

Action-Not Available
Vendor-Google LLC
Product-cloud_iot_device_sdk_for_embedded_cGoogle Cloud IoT Device SDK for Embedded C
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-14835
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.08% / 23.62%
||
7 Day CHG~0.00%
Published-17 Sep, 2019 | 15:09
Updated-05 Aug, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.

Action-Not Available
Vendor-Linux KernelHuawei Technologies Co., Ltd.Fedora ProjectopenSUSECanonical Ltd.Red Hat, Inc.Linux Kernel Organization, IncNetApp, Inc.Debian GNU/Linux
Product-enterprise_linux_serverubuntu_linuximanager_netecoopenshift_container_platformenterprise_linux_server_aush410c_firmwareh300s_firmwarevirtualization_hosth410sh610s_firmwareh300ssteelstore_cloud_integrated_storageh610sh300e_firmwareh500ehci_management_nodeenterprise_linux_workstationfedorah500s_firmwareh500e_firmwareenterprise_linux_eush700eaff_a700s_firmwareenterprise_linux_desktopleapdata_availability_servicesmanageoneh300evirtualizationh500sservice_processorenterprise_linuxaff_a700ssolidfiredebian_linuxlinux_kernelh410s_firmwareh700s_firmwareh410ch700e_firmwareenterprise_linux_server_tush700simanager_neteco_6000enterprise_linux_for_real_timeLinux kernel
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 7
  • 8
  • Next
Details not found