Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-50399

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-26 Nov, 2025 | 00:00
Updated At-04 Dec, 2025 | 20:02
Rejected At-
Credits

FAST FAC1200R F400_FAC1200R_Q is vulnerable to Buffer Overflow in the function sub_80435780 via the parameter password.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:26 Nov, 2025 | 00:00
Updated At:04 Dec, 2025 | 20:02
Rejected At:
â–¼CVE Numbering Authority (CNA)

FAST FAC1200R F400_FAC1200R_Q is vulnerable to Buffer Overflow in the function sub_80435780 via the parameter password.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/sezangel/IOT-vul/tree/main/FAST/FAC1200R/1
N/A
Hyperlink: https://github.com/sezangel/IOT-vul/tree/main/FAST/FAC1200R/1
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-120CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Type: CWE
CWE ID: CWE-120
Description: CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Metrics
VersionBase scoreBase severityVector
3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/sezangel/IOT-vul/tree/main/FAST/FAC1200R/1
exploit
Hyperlink: https://github.com/sezangel/IOT-vul/tree/main/FAST/FAC1200R/1
Resource:
exploit
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:26 Nov, 2025 | 16:15
Updated At:02 Jan, 2026 | 14:47

FAST FAC1200R F400_FAC1200R_Q is vulnerable to Buffer Overflow in the function sub_80435780 via the parameter password.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches
fastcom
fastcom
>>fac1200r_firmware>>f400_fac1200r_q
cpe:2.3:o:fastcom:fac1200r_firmware:f400_fac1200r_q:*:*:*:*:*:*:*
fastcom
fastcom
>>fac1200r>>-
cpe:2.3:h:fastcom:fac1200r:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-120Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-120
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/sezangel/IOT-vul/tree/main/FAST/FAC1200R/1cve@mitre.org
Exploit
Third Party Advisory
https://github.com/sezangel/IOT-vul/tree/main/FAST/FAC1200R/1134c704f-9b21-4f2e-91b3-4a467353bcc0
Exploit
Third Party Advisory
Hyperlink: https://github.com/sezangel/IOT-vul/tree/main/FAST/FAC1200R/1
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory
Hyperlink: https://github.com/sezangel/IOT-vul/tree/main/FAST/FAC1200R/1
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource:
Exploit
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

1017Records found
CVE-2021-38172
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.17% / 78.37%
||
7 Day CHG~0.00%
Published-05 Feb, 2022 | 17:26
Updated-04 Aug, 2024 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

perM 0.4.0 has a Buffer Overflow related to strncpy. (Debian initially fixed this in 0.4.0-7.)

Action-Not Available
Vendor-n/aDebian GNU/Linux
Product-permn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-38297
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-10.63% / 93.14%
||
7 Day CHG~0.00%
Published-18 Oct, 2021 | 00:00
Updated-04 Aug, 2024 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used.

Action-Not Available
Vendor-n/aFedora ProjectGo
Product-gofedoran/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-3711
Matching Score-4
Assigner-OpenSSL Software Foundation
ShareView Details
Matching Score-4
Assigner-OpenSSL Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-2.35% / 84.60%
||
7 Day CHG-0.38%
Published-24 Aug, 2021 | 14:50
Updated-16 Sep, 2024 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SM2 Decryption Buffer Overflow

In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).

Action-Not Available
Vendor-Debian GNU/LinuxOpenSSLNetApp, Inc.Oracle CorporationTenable, Inc.
Product-communications_unified_session_managerjd_edwards_world_securitypeoplesoft_enterprise_peopletoolshealth_sciences_inform_publisheropensslcommunications_cloud_native_core_security_edge_protection_proxyactive_iq_unified_managermysql_connectorsoncommand_workflow_automationtenable.scsantricity_smi-s_providerstorage_encryptionsolidfiresnapcenterenterprise_session_border_controllerclustered_data_ontapdebian_linuxmanageability_software_development_kitessbasecommunications_cloud_native_core_unified_data_repositoryhci_management_nodemysql_enterprise_monitore-series_santricity_os_controllerzfs_storage_appliance_kitclustered_data_ontap_antivirus_connectornessus_network_monitormysql_servercommunications_session_border_controllerenterprise_communications_brokerjd_edwards_enterpriseone_toolsoncommand_insightOpenSSL
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-37388
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.43% / 87.22%
||
7 Day CHG~0.00%
Published-06 Aug, 2021 | 11:22
Updated-04 Aug, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow in D-Link DIR-615 C2 3.03WW. The ping_ipaddr parameter in ping_response.cgi POST request allows an attacker to crash the webserver and might even gain remote code execution.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-615_firmwaredir-615n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-37778
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.28% / 79.26%
||
7 Day CHG~0.00%
Published-30 Jun, 2022 | 14:38
Updated-04 Aug, 2024 | 01:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a buffer overflow in gps-sdr-sim v1.0 when parsing long command line parameters, which can lead to DoS or code execution.

Action-Not Available
Vendor-gps-sdr-sim_projectn/a
Product-gps-sdr-simn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-37716
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-1.58% / 81.28%
||
7 Day CHG~0.00%
Published-07 Sep, 2021 | 12:02
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote buffer overflow vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.15. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability.

Action-Not Available
Vendor-n/aSiemens AGAruba Networks
Product-arubaossd-wanscalance_w1750d_firmwarescalance_w1750dAruba SD-WAN Software and Gateways; Aruba Operating System Software
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-37162
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-7.56% / 91.65%
||
7 Day CHG~0.00%
Published-02 Aug, 2021 | 12:49
Updated-04 Aug, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. If an attacker sends a malformed UDP message, a buffer underflow occurs, leading to an out-of-bounds copy and possible remote code execution.

Action-Not Available
Vendor-swisslog-healthcaren/a
Product-hmi-3_control_panel_firmwarehmi-3_control_paneln/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-35104
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.04%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 10:11
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarefsm10055sa6150p_firmwaresm6250p_firmwareqcs610qcn5550qca8337ipq8173_firmwarewcd9360_firmwaresdx65qcn5124qca4024_firmwarewcn3950_firmwareipq8078asa8150p_firmwareqcs2290qca6595au_firmwaresa6155qcn5064csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415mwcn3998qam8295pwcn3950ipq8076asd720gmdm9628mdm9206_firmwareqsw8573_firmwaresd_8_gen1_5g_firmwaresm6375_firmwaresd460_firmwaresm7315_firmwareqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwaresdx12_firmwaremsm8909wapq8009w_firmwarewcd9360qca6438_firmwareipq8070_firmwareqca9367_firmwareipq8078a_firmwarewcn3999qrb5165_firmwareqrb5165m_firmwareipq8072_firmwaresa4155p_firmwareqcs6125sa8155_firmwareipq6010sd662_firmwareqcs405sd765gsw5100fsm10056_firmwareqca6436wcn6851sa6155pqcs603_firmwaremdm9250_firmwareqca6696_firmwaresd870_firmwaresd750gwcn3910_firmwaresxr2150p_firmwaresa8150pwsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988qca6438sd660_firmwaresa8195p_firmwaresm8475qcn5022_firmwarewcn6750_firmwaresa8295p_firmwarewcn3610qca6428_firmwaresm6375wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwareipq8072asdm429wsw5100pmsm8996au_firmwarewcd9330ipq8076a_firmwareqca6564ausdx55m_firmwareipq8173wcn6856_firmwareqcn5164qca6574csr8811_firmwarewcd9380qcs410qcn5024sd690_5g_firmwaresdx24_firmwareqcn9012_firmwareqcn5052_firmwaresd439_firmwareipq6018_firmwareqsw8573qcs605wcn6850wcn3910qca6426_firmwareipq6028sd730qcn5550_firmwarewcd9330_firmwaresdx55msa8295pwcn6740_firmwareqcn5064_firmwaresd678_firmwareapq8064au_firmwarear8031_firmwareqrb5165wcn6851_firmwareqcs603ipq8070qca6564a_firmwareipq8174_firmwareapq8009wqcm4290_firmwaresd480sd870wcn6855sw5100p_firmwaresd210_firmwareqcs610_firmwareqsm8250sa6145pipq6018sdxr1ar8031apq8096auqcs405_firmwaresa8145pqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwaresd780g_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675sd439sa4155psxr2150par8035_firmwareqsm8250_firmwareqcm2290qcn5024_firmwarewcn3991_firmwaremdm9150_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwarefsm10056csrb31024mdm9628_firmwarecsra6620fsm10055_firmwareqcs4290mdm9250sd765g_firmwareqca6390_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwareipq8072qcn5152_firmwareqca6564qca6426qca6584au_firmwareqrb5165n_firmwareqcn9000_firmwareqca9377sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwareipq8074asd662qcn5124_firmwareqam8295p_firmwareqcn9011_firmwaresa8155qcn5122_firmwaresdx55_firmwareqca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nqca6564au_firmwareqca6584ausd778gsa6155p_firmwareipq8174sd429sa515m_firmwareqcs6490sdxr2_5gqcn5052qca9367mdm9607_firmwaresa415m_firmwarewcn3988_firmwareqcn9074sd205sd429_firmwaresa6145p_firmwaresd778g_firmwaresm6250sa8195papq8017_firmwaresd765_firmwareqca8081ipq8071aqca6174a_firmwareipq8071a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwareqca6390wcd9375sd750g_firmwareaqt1000ar8035csr8811sm6250_firmwareapq8064ausda429wsd210wcn3620_firmwaresdx20_firmwareipq8074a_firmwaresd888_5g_firmwareqcm6490wcn6850_firmwarewsa8835_firmwarewcn3620apq8017qcx315qca6564asa4150pqcm6125_firmwareqcm2290_firmwareqcn9000sd_675sd780gsd865_5gsdx24qcn9012sd888msm8909w_firmwareqcx315_firmwarewsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gsm6250pqca8075_firmwareqca6574amdm9206wcn6855_firmwareqca9889qca6174asm7325pipq8074wcn6750ipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwaresd855sm7325p_firmwaresd665ipq8076sd765qca6574a_firmwareqcn5152sd768g_firmwareqrb5165msm7315sd460qca6391sdxr1_firmwareaqt1000_firmwaresdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx20sd480_firmwareipq6028_firmwareipq8072a_firmwareqcn9011ipq8074_firmwareqca6574auqca9889_firmwaresa8155p_firmwaremdm9607qcn5122sd205_firmwareqcm6125mdm9150wcn6856qcn5022qca6564_firmwaresd768gipq6010_firmwarewcn6740qca6696sdw2500sa6150pqca8075apq8096au_firmwareipq8070asm7250pipq6000_firmwaresd720g_firmwaresdx12ipq8071_firmwareqcs410_firmwareqcn9074_firmwaresw5100_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-35081
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 50.22%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 10:11
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to improper validation of SSID length received from beacon or probe response during an IBSS session in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sa6150p_firmwaresa8145p_firmwareqcs610qcs2290_firmwareqca8337sdx65qcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqcs2290qca6390_firmwaresd690_5gwcd9370qca6564qcs6125_firmwareqrb5165n_firmwarewcn3998qcn7605wcd9385_firmwarewcn3950wcd9326_firmwaresm6375_firmwaresd662sd460_firmwaresdx55_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresm7250p_firmwareqrb5165nqca6564au_firmwaresd778gsa6155p_firmwareqcs6490qrb5165_firmwareqrb5165m_firmwareqcs6125sd662_firmwarewcn3988_firmwaresa6145p_firmwaresd778g_firmwaresa8195pwsa8810_firmwaresd765gsd765_firmwarewcd9326wcn6851sa6155pqca8081qcs4290_firmwarewcd9385wcd9341qcs6490_firmwaresd750gsd870_firmwareqca6390ar8035sd750g_firmwareaqt1000sa8150pwcd9375wcn3910_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwareqcn7606_firmwarewcn6750_firmwareqcm6125_firmwareqcm2290_firmwaresm6375wcn3991qca8337_firmwarewcd9380_firmwaresd780gsd865_5gqca6564ausdx55m_firmwarewcn6856_firmwarewsa8835wcd9380sd888_5gqca6574asd690_5g_firmwarewcn6855_firmwaresm7325pwcn3980wcn6750sd855wsa8815sm7325p_firmwarewcn6850wcn3910sd765qca6574a_firmwaresd768g_firmwareqrb5165mwcn3980_firmwaresd460qca6391sdx55msdxr1_firmwareaqt1000_firmwarewcn6740_firmwaresdx65_firmwareqcm4290qcm6490_firmwareqrb5165sd480_firmwarewcn6851_firmwaresa8155p_firmwarewcd9341_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855qcn7605_firmwarewsa8810qcs610_firmwarewcn6856sa6145pqca6564_firmwaresdxr1sd768gsa8145pwcn6740qca6391_firmwaresd780g_firmwarewcd9370_firmwaresa6150psdx55sa8155psm7250par8035_firmwareqcm2290qcn7606Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-34423
Matching Score-4
Assigner-Zoom Video Communications, Inc.
ShareView Details
Matching Score-4
Assigner-Zoom Video Communications, Inc.
CVSS Score-7.3||HIGH
EPSS-0.39% / 59.34%
||
7 Day CHG~0.00%
Published-24 Nov, 2021 | 16:53
Updated-17 Sep, 2024 | 03:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer overflow in Zoom client and other products

A buffer overflow vulnerability was discovered in Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.8.4, Zoom Client for Meetings for Blackberry (for Android and iOS) before version 5.8.1, Zoom Client for Meetings for intune (for Android and iOS) before version 5.8.4, Zoom Client for Meetings for Chrome OS before version 5.0.1, Zoom Rooms for Conference Room (for Android, AndroidBali, macOS, and Windows) before version 5.8.3, Controllers for Zoom Rooms (for Android, iOS, and Windows) before version 5.8.3, Zoom VDI Windows Meeting Client before version 5.8.4, Zoom VDI Azure Virtual Desktop Plugins (for Windows x86 or x64, IGEL x64, Ubuntu x64, HP ThinPro OS x64) before version 5.8.4.21112, Zoom VDI Citrix Plugins (for Windows x86 or x64, Mac Universal Installer & Uninstaller, IGEL x64, eLux RP6 x64, HP ThinPro OS x64, Ubuntu x64, CentOS x 64, Dell ThinOS) before version 5.8.4.21112, Zoom VDI VMware Plugins (for Windows x86 or x64, Mac Universal Installer & Uninstaller, IGEL x64, eLux RP6 x64, HP ThinPro OS x64, Ubuntu x64, CentOS x 64, Dell ThinOS) before version 5.8.4.21112, Zoom Meeting SDK for Android before version 5.7.6.1922, Zoom Meeting SDK for iOS before version 5.7.6.1082, Zoom Meeting SDK for macOS before version 5.7.6.1340, Zoom Meeting SDK for Windows before version 5.7.6.1081, Zoom Video SDK (for Android, iOS, macOS, and Windows) before version 1.1.2, Zoom On-Premise Meeting Connector Controller before version 4.8.12.20211115, Zoom On-Premise Meeting Connector MMR before version 4.8.12.20211115, Zoom On-Premise Recording Connector before version 5.1.0.65.20211116, Zoom On-Premise Virtual Room Connector before version 4.4.7266.20211117, Zoom On-Premise Virtual Room Connector Load Balancer before version 2.5.5692.20211117, Zoom Hybrid Zproxy before version 1.0.1058.20211116, and Zoom Hybrid MMR before version 4.6.20211116.131_x86-64. This can potentially allow a malicious actor to crash the service or application, or leverage this vulnerability to execute arbitrary code.

Action-Not Available
Vendor-Google LLCApple Inc.Microsoft CorporationZoom Communications, Inc.Linux Kernel Organization, Inc
Product-iphone_oszoom_on-premise_meeting_connector_mmrcontrollers_for_zoom_roomsvdi_windows_meeting_clientmeetingsvdi_vmwarewindows_meeting_sdkmacos_meeting_sdkwindows_video_sdkmacos_video_sdkmeetings_for_intunevirtual_desktop_infrastructuremacosmeetings_for_blackberryzoom_on-premise_virtual_room_connectorzoom_on-premise_recording_connectorandroid_meeting_sdkiphone_os_meeting_sdklinux_kernelmeetings_for_chrome_osrooms_for_conference_roomsandroidhybrid_mmrhybrid_zproxyvdi_azure_virtual_desktopzoom_on-premise_virtual_room_connector_load_balancerwindowsandroid_video_sdkzoom_on-premise_meeting_connector_controlleriphone_os_video_sdkvdi_citrixZoom VDI VMware Plugins (for Windows x86 or x64, Mac Universal Installer & Uninstaller, IGEL x64, eLux RP6 x64, HP ThinPro OS x64, Ubuntu x64, CentOS x 64, Dell ThinOS)Zoom On-Premise Recording ConnectorZoom Hybrid MMRZoom On-Premise Virtual Room ConnectorZoom Video SDK (for Android, iOS, macOS, and Windows)Zoom Meeting SDK for AndroidZoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows)Zoom Meeting SDK for WindowsZoom Meeting SDK for macOSZoom Meeting SDK for iOSZoom VDI Windows Meeting ClientZoom VDI Citrix Plugins (for Windows x86 or x64, Mac Universal Installer & Uninstaller, IGEL x64, eLux RP6 x64, HP ThinPro OS x64, Ubuntu x64, CentOS x 64, Dell ThinOS)Zoom Client for Meetings for Chrome OSZoom Client for Meetings for Blackberry (for Android and iOS)Zoom Hybrid ZproxyZoom Client for Meetings for intune (for Android and iOS)Zoom On-Premise Meeting Connector ControllerZoom On-Premise Meeting Connector MMRZoom Rooms for Conference Room (for Android, AndroidBali, macOS, and Windows)Zoom On-Premise Virtual Room Connector Load BalancerZoom VDI Azure Virtual Desktop Plugins (for Windows x86 or x64, IGEL x64, Ubuntu x64, HP ThinPro OS x64)Controllers for Zoom Rooms (for Android, iOS, and Windows)
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-33226
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.94% / 88.08%
||
7 Day CHG+0.81%
Published-17 Feb, 2023 | 00:00
Updated-18 Mar, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in Saltstack v.3003 and before allows attacker to execute arbitrary code via the func variable in salt/salt/modules/status.py file. NOTE: this is disputed by third parties because an attacker cannot influence the eval input

Action-Not Available
Vendor-saltstackn/a
Product-saltn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-37161
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-7.56% / 91.65%
||
7 Day CHG~0.00%
Published-02 Aug, 2021 | 12:42
Updated-04 Aug, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow issue was discovered in the HMI3 Control Panel contained within the Swisslog Healthcare Nexus Panel, operated by released versions of software before Nexus Software 7.2.5.7. A buffer overflow allows an attacker to overwrite an internal queue data structure and can lead to remote code execution.

Action-Not Available
Vendor-swisslog-healthcaren/a
Product-hmi-3_control_panel_firmwarehmi-3_control_paneln/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-3177
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.07% / 22.37%
||
7 Day CHG~0.00%
Published-19 Jan, 2021 | 00:00
Updated-18 Dec, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.

Action-Not Available
Vendor-n/aDebian GNU/LinuxOracle CorporationFedora ProjectPython Software FoundationNetApp, Inc.
Product-ontap_select_deploy_administration_utilitycommunications_pricing_design_centeractive_iq_unified_managerenterprise_manager_ops_centerpythondebian_linuxfedoracommunications_cloud_native_core_network_function_cloud_native_environmentzfs_storage_appliance_kitcommunications_offline_mediation_controllern/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-31535
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.06% / 83.60%
||
7 Day CHG~0.00%
Published-27 May, 2021 | 12:26
Updated-03 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains a flaw allowing a client to send color-name requests with a name longer than the maximum size allowed by the protocol (and also longer than the maximum packet size for normal-sized packets). The user-controlled data exceeding the maximum size is then interpreted by the server as additional X protocol requests and executed, e.g., to disable X server authorization completely. For example, if the victim encounters malicious terminal control sequences for color codes, then the attacker may be able to take full control of the running graphical session.

Action-Not Available
Vendor-n/aFedora ProjectX.Org Foundation
Product-libx11x_window_systemfedoran/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-31895
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-8.1||HIGH
EPSS-1.16% / 78.28%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:02
Updated-14 Oct, 2025 | 10:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM i800 (All versions < V4.3.7), RUGGEDCOM i801 (All versions < V4.3.7), RUGGEDCOM i802 (All versions < V4.3.7), RUGGEDCOM i803 (All versions < V4.3.7), RUGGEDCOM M2100 (All versions < V4.3.7), RUGGEDCOM M2200 (All versions < V4.3.7), RUGGEDCOM M969 (All versions < V4.3.7), RUGGEDCOM RMC30 (All versions < V4.3.7), RUGGEDCOM RMC8388 V4.X (All versions < V4.3.7), RUGGEDCOM RMC8388 V5.X (All versions < V5.5.4), RUGGEDCOM RP110 (All versions < V4.3.7), RUGGEDCOM RS1600 (All versions < V4.3.7), RUGGEDCOM RS1600F (All versions < V4.3.7), RUGGEDCOM RS1600T (All versions < V4.3.7), RUGGEDCOM RS400 (All versions < V4.3.7), RUGGEDCOM RS401 (All versions < V4.3.7), RUGGEDCOM RS416 (All versions < V4.3.7), RUGGEDCOM RS416P (All versions < V4.3.7), RUGGEDCOM RS416Pv2 V4.X (All versions < V4.3.7), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.5.4), RUGGEDCOM RS416v2 V4.X (All versions < V4.3.7), RUGGEDCOM RS416v2 V5.X (All versions < 5.5.4), RUGGEDCOM RS8000 (All versions < V4.3.7), RUGGEDCOM RS8000A (All versions < V4.3.7), RUGGEDCOM RS8000H (All versions < V4.3.7), RUGGEDCOM RS8000T (All versions < V4.3.7), RUGGEDCOM RS900 (32M) V4.X (All versions < V4.3.7), RUGGEDCOM RS900 (32M) V5.X (All versions < V5.5.4), RUGGEDCOM RS900G (All versions < V4.3.7), RUGGEDCOM RS900G (32M) V4.X (All versions < V4.3.7), RUGGEDCOM RS900G (32M) V5.X (All versions < V5.5.4), RUGGEDCOM RS900GP (All versions < V4.3.7), RUGGEDCOM RS900L (All versions < V4.3.7), RUGGEDCOM RS900W (All versions < V4.3.7), RUGGEDCOM RS910 (All versions < V4.3.7), RUGGEDCOM RS910L (All versions < V4.3.7), RUGGEDCOM RS910W (All versions < V4.3.7), RUGGEDCOM RS920L (All versions < V4.3.7), RUGGEDCOM RS920W (All versions < V4.3.7), RUGGEDCOM RS930L (All versions < V4.3.7), RUGGEDCOM RS930W (All versions < V4.3.7), RUGGEDCOM RS940G (All versions < V4.3.7), RUGGEDCOM RS969 (All versions < V4.3.7), RUGGEDCOM RSG2100 (All versions < V4.3.7), RUGGEDCOM RSG2100 (32M) V4.X (All versions < V4.3.7), RUGGEDCOM RSG2100 (32M) V5.X (All versions < V5.5.4), RUGGEDCOM RSG2100P (All versions < V4.3.7), RUGGEDCOM RSG2100P (32M) V4.X (All versions < V4.3.7), RUGGEDCOM RSG2100P (32M) V5.X (All versions < V5.5.4), RUGGEDCOM RSG2200 (All versions < V4.3.7), RUGGEDCOM RSG2288 V4.X (All versions < V4.3.7), RUGGEDCOM RSG2288 V5.X (All versions < V5.5.4), RUGGEDCOM RSG2300 V4.X (All versions < V4.3.7), RUGGEDCOM RSG2300 V5.X (All versions < V5.5.4), RUGGEDCOM RSG2300P V4.X (All versions < V4.3.7), RUGGEDCOM RSG2300P V5.X (All versions < V5.5.4), RUGGEDCOM RSG2488 V4.X (All versions < V4.3.7), RUGGEDCOM RSG2488 V5.X (All versions < V5.5.4), RUGGEDCOM RSG907R (All versions < V5.5.4), RUGGEDCOM RSG908C (All versions < V5.5.4), RUGGEDCOM RSG909R (All versions < V5.5.4), RUGGEDCOM RSG910C (All versions < V5.5.4), RUGGEDCOM RSG920P V4.X (All versions < V4.3.7), RUGGEDCOM RSG920P V5.X (All versions < V5.5.4), RUGGEDCOM RSL910 (All versions < V5.5.4), RUGGEDCOM RST2228 (All versions < V5.5.4), RUGGEDCOM RST2228P (All versions < V5.5.4), RUGGEDCOM RST916C (All versions < V5.5.4), RUGGEDCOM RST916P (All versions < V5.5.4). The DHCP client in affected devices fails to properly sanitize incoming DHCP packets. This could allow an unauthenticated remote attacker to cause memory to be overwritten, potentially allowing remote code execution.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_ros_rs900ruggedcom_ros_m2100ruggedcom_rst916pruggedcom_ros_rs900lruggedcom_ros_rs910wruggedcom_ros_rs969ruggedcom_i802ruggedcom_ros_rs920lruggedcom_rsg2300pruggedcom_ros_rs910lruggedcom_rs910lruggedcom_rmc30ruggedcom_ros_rmc30ruggedcom_rs900wruggedcom_ros_rsg2200ruggedcom_ros_rsg900rruggedcom_rs8000truggedcom_rs940gruggedcom_ros_i803ruggedcom_m969ruggedcom_rs930lruggedcom_ros_m2200ruggedcom_rsg2100ruggedcom_ros_rsg2288ruggedcom_rsg2100pruggedcom_ros_rmcruggedcom_rsg900gruggedcom_rs8000ruggedcom_rs910wruggedcom_ros_rsg900ruggedcom_ros_rsl910ruggedcom_ros_rs416ruggedcom_ros_rs930wruggedcom_ros_m969ruggedcom_ros_rsg2300pruggedcom_i803ruggedcom_ros_rsg900gruggedcom_ros_rsg920pruggedcom_rsg900rruggedcom_ros_rp110ruggedcom_rs401ruggedcom_rs900ruggedcom_ros_rmc8388ruggedcom_ros_rs900gruggedcom_rmc41ruggedcom_rs900gruggedcom_rs910ruggedcom_ros_rsg2100ruggedcom_rsg920pruggedcom_rp110ruggedcom_ros_rmc41ruggedcom_ros_rsg2300ruggedcom_ros_i802ruggedcom_rs416ruggedcom_ros_rst916cruggedcom_rs8000hruggedcom_rs920lruggedcom_ros_rst916pruggedcom_rmc8388ruggedcom_ros_rs416v2ruggedcom_ros_rs8000ruggedcom_ros_rs8000aruggedcom_ros_rst2228ruggedcom_rs400ruggedcom_ros_rs900wruggedcom_ros_rs930lruggedcom_ros_rs940gruggedcom_rs969ruggedcom_m2100ruggedcom_ros_i800ruggedcom_rsg2288ruggedcom_rsg900ruggedcom_m2200ruggedcom_ros_rs920wruggedcom_ros_rs401ruggedcom_ros_rs910ruggedcom_rsg2300ruggedcom_rsg2488ruggedcom_rsg900cruggedcom_ros_rsg900cruggedcom_rsg2200ruggedcom_rmc20ruggedcom_rs416v2ruggedcom_ros_rsg2488ruggedcom_ros_rsg2100pruggedcom_rmc40ruggedcom_rs930wruggedcom_rs920wruggedcom_rs900lruggedcom_ros_rs8000truggedcom_rmcruggedcom_rs900gpruggedcom_ros_rs400ruggedcom_rs8000aruggedcom_ros_rmc40ruggedcom_ros_rs900gpruggedcom_ros_rs8000hruggedcom_ros_rmc20ruggedcom_i801ruggedcom_rst2228ruggedcom_ros_i801ruggedcom_rsl910ruggedcom_i800ruggedcom_rst916cRUGGEDCOM RST916PRUGGEDCOM RSG2488 V4.XRUGGEDCOM RS969RUGGEDCOM RS900GRUGGEDCOM i801RUGGEDCOM RSG920P V5.XRUGGEDCOM RS930LRUGGEDCOM RS1600TRUGGEDCOM RS401RUGGEDCOM RS900G (32M) V5.XRUGGEDCOM RSG920P V4.XRUGGEDCOM RS920LRUGGEDCOM M2200RUGGEDCOM RSG910CRUGGEDCOM RS416Pv2 V4.XRUGGEDCOM RSG2100PRUGGEDCOM RSG2288 V4.XRUGGEDCOM RS8000TRUGGEDCOM RS8000HRUGGEDCOM RS900 (32M) V4.XRUGGEDCOM M2100RUGGEDCOM RSG2100 (32M) V4.XRUGGEDCOM RSG2300 V4.XRUGGEDCOM RS416Pv2 V5.XRUGGEDCOM RSG2300 V5.XRUGGEDCOM RS8000RUGGEDCOM RS900LRUGGEDCOM RMC8388 V5.XRUGGEDCOM RS400RUGGEDCOM RS910LRUGGEDCOM RSG907RRUGGEDCOM RSL910RUGGEDCOM RS900GPRUGGEDCOM RST916CRUGGEDCOM RSG2200RUGGEDCOM RSG2488 V5.XRUGGEDCOM RS940GRUGGEDCOM RMC8388 V4.XRUGGEDCOM RSG2100 (32M) V5.XRUGGEDCOM RSG2100P (32M) V4.XRUGGEDCOM RS910WRUGGEDCOM RS910RUGGEDCOM RS1600FRUGGEDCOM RS900G (32M) V4.XRUGGEDCOM RSG2100RUGGEDCOM RMC30RUGGEDCOM RSG2288 V5.XRUGGEDCOM RSG2300P V4.XRUGGEDCOM RSG908CRUGGEDCOM RS416v2 V4.XRUGGEDCOM i800RUGGEDCOM RSG909RRUGGEDCOM i802RUGGEDCOM RP110RUGGEDCOM RS1600RUGGEDCOM RS416PRUGGEDCOM RST2228PRUGGEDCOM RSG2100P (32M) V5.XRUGGEDCOM RS8000ARUGGEDCOM RS416v2 V5.XRUGGEDCOM RS920WRUGGEDCOM M969RUGGEDCOM RS900 (32M) V5.XRUGGEDCOM RST2228RUGGEDCOM RS416RUGGEDCOM RS930WRUGGEDCOM RSG2300P V5.XRUGGEDCOM i803RUGGEDCOM RS900W
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-3185
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.67% / 70.88%
||
7 Day CHG~0.00%
Published-25 Jan, 2021 | 16:33
Updated-03 Aug, 2024 | 16:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution.

Action-Not Available
Vendor-n/afreedesktop.org
Product-gst-plugins-badgstreamer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2010-1205
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-15.24% / 94.46%
||
7 Day CHG~0.00%
Published-30 Jun, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.

Action-Not Available
Vendor-libpngn/aMozilla CorporationSUSECanonical Ltd.Debian GNU/LinuxGoogle LLCFedora ProjectVMware (Broadcom Inc.)openSUSEApple Inc.
Product-ubuntu_linuxfedorafirefoxiphone_osthunderbirditunessafariseamonkeyworkstationchromeopensusedebian_linuxmac_os_x_serverlinux_enterprise_serverplayerlibpngmac_os_xn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-35855
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.12% / 31.30%
||
7 Day CHG~0.00%
Published-19 Jun, 2023 | 00:00
Updated-11 Dec, 2024 | 16:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow in Counter-Strike through 8684 allows a game server to execute arbitrary code on a remote client's machine by modifying the lservercfgfile console variable.

Action-Not Available
Vendor-valvesoftwaren/a
Product-counter-striken/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-35056
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.8||HIGH
EPSS-0.26% / 49.31%
||
7 Day CHG~0.00%
Published-11 Oct, 2023 | 15:14
Updated-04 Nov, 2025 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the httpd next_page functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability.This buffer overflow is in the next_page parameter in the cgi_handler function.

Action-Not Available
Vendor-yifanwirelessYifanyifanwireless
Product-yf325_firmwareyf325YF325yf325_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2023-36109
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-20.36% / 95.39%
||
7 Day CHG~0.00%
Published-20 Sep, 2023 | 00:00
Updated-25 Sep, 2024 | 14:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in JerryScript version 3.0, allows remote attackers to execute arbitrary code via ecma_stringbuilder_append_raw component at /jerry-core/ecma/base/ecma-helpers-string.c.

Action-Not Available
Vendor-jerryscriptn/a
Product-jerryscriptn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-35980
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-0.88% / 74.91%
||
7 Day CHG~0.00%
Published-25 Jul, 2023 | 18:28
Updated-07 Nov, 2024 | 18:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthenticated Buffer Overflow Vulnerabilities in Services Accessed by the PAPI Protocol

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.

Action-Not Available
Vendor-HP Inc.Aruba NetworksHewlett Packard Enterprise (HPE)
Product-arubaosinstantosAruba Access Points running InstantOS and ArubaOS 10arba_access_points_running_instantos_and_arubaos_10
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-35981
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-1.70% / 81.97%
||
7 Day CHG~0.00%
Published-25 Jul, 2023 | 18:28
Updated-07 Nov, 2024 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthenticated Buffer Overflow Vulnerabilities in Services Accessed by the PAPI Protocol

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.

Action-Not Available
Vendor-HP Inc.Aruba NetworksHewlett Packard Enterprise (HPE)
Product-arubaosinstantosAruba Access Points running InstantOS and ArubaOS 10arba_access_points_running_instantos_and_arubaos_10
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-36187
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.54% / 88.93%
||
7 Day CHG~0.00%
Published-01 Sep, 2023 | 00:00
Updated-01 Oct, 2024 | 16:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attackers to execute arbitrary code via crafted URL to httpd.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-rax200_firmwarecbr40_firmwarerax80rbw30_firmwaremk62_firmwaremr60ms60rs400_firmwaremr60_firmwarer6400v2rax75lax20mk62r6400_firmwarer7000rax80_firmwarerbw30r7000pcbr40r6400v2_firmwarems60_firmwarers400r7000_firmwarer6700v3rax200r6700v3_firmwarerax75_firmwarer6400lax20_firmwarer7000p_firmwaren/ar6400v2
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-30351
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.39% / 59.77%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 07:26
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarefsm10055sa6150p_firmwaresm6250p_firmwareqcs610ipq4028_firmwareqcn5550qca8337ar9380ipq8173_firmwarewcd9360_firmwaresdx65qcn5124qca4024_firmwarewcn3950_firmwareipq8078asa8150p_firmwareqcs2290qca6595au_firmwaresa6155qcn5064csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwaresa415mwcn3998wcn3950ipq8076asd720gmdm9628mdm9206_firmwareqsw8573_firmwaresm6375_firmwarewcn3660bsd460_firmwaresm7315_firmwareqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwaresdx12_firmwaremsm8909wapq8009w_firmwarewcd9360qca6438_firmwareipq8070_firmwareqca9367_firmwareipq8065ipq8078a_firmwarewcn3999qrb5165_firmwareqca7500ipq8072_firmwareipq4029_firmwaresa8155_firmwareipq6010sd662_firmwareipq8068qcs405wcd9340sd765gqualcomm215_firmwarefsm10056_firmwareqca6436wcn6851sa6155pqcs603_firmwaremdm9250_firmwareqca9888_firmwarewcd9341ipq8068_firmwareqca6696_firmwaresd870_firmwaresd750gwcn3910_firmwaresa8150pwsa8830_firmwareqca9992_firmwaresd660sd865_5g_firmwaresd855_firmwarewcn3988qca6438sd660_firmwaresa8195p_firmwareqcn5022_firmwarewcn6750_firmwareqca9898ipq4028wcn3610qca6428_firmwaresm6375qca9985_firmwarewcn3991ipq4018_firmwareqca8337_firmwaresda429w_firmwarewcd9380_firmwareipq8072aqca7500_firmwareqca9980_firmwaresdm429wwcd9330msm8996au_firmwareipq8076a_firmwareqca6564ausdx55m_firmwareipq8173wcn6856_firmwareqcn5164qet4101_firmwareqca6574csr8811_firmwarewcd9380qualcomm215qcs410qcn5024sd690_5g_firmwaresdx24_firmwareqca9985wcd9335_firmwareqcn5052_firmwarewcn3980ipq6018_firmwareqsw8573qcs605wcd9340_firmwarewsa8815wcn6850wcn3910qca6426_firmwarewcn3660b_firmwareqca9984ipq6028ipq8064wcn3980_firmwaresd730qcn5550_firmwarewcd9330_firmwaresdx55mipq8064_firmwarewcn6740_firmwareqcn5064_firmwaresd678_firmwarear8031_firmwareqrb5165wcn6851_firmwareqcs603ipq8070qca9994qca9980qca6564a_firmwareipq8174_firmwareapq8009wqca9880qcm4290_firmwaresd480sd870wcn6855sd210_firmwareqcs610_firmwareqsm8250sa6145pipq6018qca9886_firmwaresdxr1ar8031qcs405_firmwaresa8145pqca6391_firmwareqca4024wcd9370_firmwaresd780g_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675qet4101ar8035_firmwareqcm2290qsm8250_firmwareqcn5024_firmwarewcn3991_firmwaremdm9150_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwarefsm10056csrb31024mdm9628_firmwarecsra6620fsm10055_firmwareqca9880_firmwareqca9992qcs4290mdm9250sd765g_firmwareqca6390_firmwareapq8009_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwareipq8072qcn5152_firmwareqca6564qca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareqca9377sm8450sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwareipq8074asd662qcn5124_firmwaresa8155wcn3680b_firmwareqcn5122_firmwaresdx55_firmwarewcn3615qca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nqca6564au_firmwareqca6584ausd778gsa6155p_firmwaresm6225ipq8174sd429sa515m_firmwareqca9990qcs6490qcn5052qca9367sdxr2_5gmdm9607_firmwaresa415m_firmwarewcn3988_firmwareqcn9074sd205sd429_firmwaresa6145p_firmwaresd778g_firmwaresm6250sa8195papq8017_firmwarewsa8810_firmwaresm8450_firmwaresd765_firmwarewcd9326wcd9335qca8081ipq8071aqca6174a_firmwareipq8071a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwareqca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375ar8035sm6250_firmwarecsr8811sda429wsd210wcn3620_firmwaresdx20_firmwareipq8074a_firmwaresd888_5g_firmwarewsa8815_firmwareqcm6490wcn6850_firmwarewsa8835_firmwarewcn3620apq8017qcx315qca6564aqcm2290_firmwarewcn3990qcn9000sd_675sd780gsd865_5gar9380_firmwaresdx24sm8450p_firmwaresd888msm8909w_firmwareipq8065_firmwareqcx315_firmwarewsa8835msm8996ausd665_firmwaresdm429w_firmwaresd888_5gsm6250pqca8075_firmwareipq4018qca6574amdm9206wcn6855_firmwareqca9889qca6174asm7325pqca9888ipq8074qca9994_firmwarewcn6750ipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwareqca9886sd855sm7325p_firmwaresd665ipq8076sd765qca6574a_firmwareqcn5152sd768g_firmwaresm7315apq8009sd460qca6391sdxr1_firmwareaqt1000_firmwaresdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx20sd480_firmwareipq6028_firmwareipq8072a_firmwaresm6225_firmwareipq8074_firmwareqca6574auqca9889_firmwaresa8155p_firmwaremdm9607qcn5122sd205_firmwarewcd9341_firmwarewsa8810sm8450pmdm9150wcn6856qcn5022wcn3680bqca6564_firmwaresd768gipq6010_firmwarewcn6740qca6696sd845_firmwaresdw2500sa6150pqca8075sd845qca9990_firmwareipq8070asm7250pipq6000_firmwaresd720g_firmwaresdx12ipq8071_firmwareqcs410_firmwareqcn9074_firmwareipq4029Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-35055
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.8||HIGH
EPSS-0.26% / 49.31%
||
7 Day CHG~0.00%
Published-11 Oct, 2023 | 15:14
Updated-04 Nov, 2025 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the httpd next_page functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability.This buffer overflow is in the next_page parameter in the gozila_cgi function.

Action-Not Available
Vendor-yifanwirelessYifanyifanwireless
Product-yf325_firmwareyf325YF325yf325_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2021-30321
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 50.22%
||
7 Day CHG~0.00%
Published-12 Nov, 2021 | 06:16
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-aqt1000_firmwareqca2066wcd9380_firmwarewsa8830qca1062_firmwarewcn6851_firmwarewcn6856_firmwaresc8280xp_firmwareqca6430wsa8835wcd9340wsa8810_firmwarewcd9380wcd9341_firmwareqca6420_firmwarewsa8810wcn6855wcn6851wcn6856wcn6855_firmwarewcd9385wcd9341qca2066_firmwareqca6430_firmwareqca1064_firmwarewcn3998qca1062sd_8cx_firmwareqca6391_firmwarewcd9385_firmwaresd_8cxaqt1000wcd9340_firmwarewsa8815sc8280xpwcn6850qca6320wsa8830_firmwareqca1064wsa8815_firmwarewcn6850_firmwarewsa8835_firmwareqca6320_firmwarewcn3998_firmwareqca6391qca6420Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-30475
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.21% / 43.57%
||
7 Day CHG~0.00%
Published-04 Jun, 2021 | 00:00
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

aom_dsp/noise_model.c in libaom in AOMedia before 2021-03-24 has a buffer overflow.

Action-Not Available
Vendor-aomedian/aFedora Project
Product-aomediafedoran/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-35802
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.77% / 85.75%
||
7 Day CHG~0.00%
Published-15 Jul, 2023 | 00:00
Updated-30 Oct, 2024 | 18:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IQ Engine before 10.6r1 on Extreme Network AP devices has a Buffer Overflow in the implementation of the CAPWAP protocol that may be exploited to obtain elevated privileges to conduct remote code execution. Access to the internal management interface/subnet is required to conduct the exploit.

Action-Not Available
Vendor-extremenetworksn/aextremenetworks
Product-ap460cap3000xap4000ap5050uap5010ap550ap130ap30ap5050dap410c-1ap650iq_engineap4000-1ap460s12cap150wap3000ap510cap410cap460s6cap630ap1130ap302wap305cap250ap305cxap122ap305c-1ap650xap510cxn/aiq_engine
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-13202
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.21% / 43.14%
||
7 Day CHG~0.00%
Published-13 Mar, 2020 | 18:03
Updated-04 Aug, 2024 | 23:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by a buffer overflow vulnerability in the okhtmlfile and failhtmlfile parameters of several functionalities of the web application that would allow an unauthenticated attacker to perform a Denial of Service attack, crashing the device, or potentially execute arbitrary code on the device.

Action-Not Available
Vendor-kyoceran/a
Product-ecosys_m5526cdw_firmwareecosys_m5526cdwn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2018-1000517
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8||HIGH
EPSS-14.02% / 94.18%
||
7 Day CHG-19.16%
Published-26 Jun, 2018 | 16:00
Updated-09 Jun, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in after commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e.

Action-Not Available
Vendor-busyboxn/aDebian GNU/LinuxCanonical Ltd.
Product-debian_linuxbusyboxubuntu_linuxn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-35982
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-0.88% / 74.91%
||
7 Day CHG~0.00%
Published-25 Jul, 2023 | 18:28
Updated-07 Nov, 2024 | 18:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthenticated Buffer Overflow Vulnerabilities in Services Accessed by the PAPI Protocol

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.

Action-Not Available
Vendor-HP Inc.Aruba NetworksHewlett Packard Enterprise (HPE)
Product-arubaosinstantosAruba Access Points running InstantOS and ArubaOS 10arba_access_points_running_instantos_and_arubaos_10
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-35803
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-5.47% / 90.00%
||
7 Day CHG~0.00%
Published-04 Oct, 2023 | 00:00
Updated-20 Sep, 2024 | 13:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IQ Engine before 10.6r2 on Extreme Network AP devices has a Buffer Overflow.

Action-Not Available
Vendor-extremenetworksn/aextremenetworks
Product-ap460cap3000xap4000ap5050uap5010ap550ap130ap30ap5050dap410c-1ap650iq_engineap460s12cap4000-1ap3000ap150wap510cap410cap460s6cap630ap1130ap302wap305cap250ap305cxap122ap305c-1ap650xap510cxn/aiq_engine
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-34561
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.83%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 00:00
Updated-08 Nov, 2024 | 15:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow in the level parsing code of RobTop Games AB Geometry Dash v2.113 allows attackers to execute arbitrary code via entering a Geometry Dash level.

Action-Not Available
Vendor-robtopgamesn/a
Product-geometry_dashn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-34563
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-14.97% / 94.41%
||
7 Day CHG-3.54%
Published-20 Jun, 2023 | 00:00
Updated-09 Dec, 2024 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

netgear R6250 Firmware Version 1.0.4.48 is vulnerable to Buffer Overflow after authentication.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-r6250_firmwarer6250n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-3346
Matching Score-4
Assigner-Mitsubishi Electric Corporation
ShareView Details
Matching Score-4
Assigner-Mitsubishi Electric Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.04% / 77.06%
||
7 Day CHG~0.00%
Published-03 Aug, 2023 | 04:00
Updated-04 Dec, 2024 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial of Service (DoS) and Remote Code Execution Vulnerability in MITSUBISHI CNC Series

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in MITSUBSHI CNC Series allows a remote unauthenticated attacker to cause Denial of Service (DoS) condition and execute arbitrary code on the product by sending specially crafted packets. In addition, system reset is required for recovery.

Action-Not Available
Vendor-Mitsubishi Electric Corporation
Product-m800vsm730vs_firmwarem750vs_firmwarem720vs_15-typem720vwm750vs_15-typec80m800sm750vsm80v_firmwarem750vs_15-type_firmwarem750vw_firmwarec80_firmwarem730vs_15-type_firmwarem800vwm70v_firmwarem80w_firmwarem720vw_firmwarem80wm720vs_firmwarem800vs_firmwarem80vw_firmwarem720vsm750vwm80_firmwarem80vwm730vs_15-typee70_firmwaree70m800w_firmwarem80vm720vs_15-type_firmwarem730vwm800s_firmwaree80_firmwarem800wm800vw_firmwarem70vm730vsm80m730vw_firmwaree80MITSUBISHI CNC M80 Series M80WMITSUBISHI CNC IoT Unit Data Acquisition UnitMITSUBISHI CNC IoT Unit Remote Service Gateway UnitMITSUBISHI CNC C80 Series C80MITSUBISHI CNC M700V Series M730VWMITSUBISHI CNC M700V Series M750VSMITSUBISHI CNC M70V Series M70VMITSUBISHI CNC M700V Series M750VWMITSUBISHI CNC E80 Series E80MITSUBISHI CNC M700V Series M720VWMITSUBISHI CNC M700V Series M730VSMITSUBISHI CNC M700V Series M720VSMITSUBISHI CNC M80V Series M80VWMITSUBISHI CNC M80V Series M80VMITSUBISHI CNC M800 Series M800SMITSUBISHI CNC M800V Series M800VSMITSUBISHI CNC M800V Series M800VWMITSUBISHI CNC E70 Series E70MITSUBISHI CNC M80 Series M80MITSUBISHI CNC M800 Series M800W
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-35977
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.68% / 71.08%
||
7 Day CHG~0.00%
Published-08 Oct, 2021 | 14:19
Updated-04 Aug, 2024 | 00:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Digi RealPort for Windows through 4.8.488.0. A buffer overflow exists in the handling of ADDP discovery response messages. This could result in arbitrary code execution.

Action-Not Available
Vendor-digin/a
Product-connectport_lts_8\/16\/32connectport_lts_8\/16\/32_firmwareportserver_tsportserver_ts_m_meiconnect_eswr31portserver_ts_mei_hardenedone_iap_family_firmwaretransport_wr11_xtcmtransport_wr11_xt_firmwarepassport_integrated_console_server_firmware6350-sr_firmwareportserver_ts_p_mei_firmwarewr44_rportserver_ts_firmwareone_iawr216350-srconnectport_ts_8\/16_firmwareone_iap_familyconnectport_ts_8\/16cm_firmwarewr21_firmwareportserver_ts_p_meipassport_integrated_console_serverwr31_firmwareportserver_ts_mei_hardened_firmwarewr44_r_firmwareconnect_es_firmwareportserver_ts_meione_ia_firmwarerealportportserver_ts_mei_firmwareportserver_ts_m_mei_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-27705
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.11% / 86.52%
||
7 Day CHG~0.00%
Published-14 Apr, 2021 | 14:52
Updated-03 Aug, 2024 | 21:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"qosIndex "request. This occurs because the "formQOSRuleDel" function directly passes the parameter "qosIndex" to strcpy without limit.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-g3g1_firmwareg1g3_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-33082
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.19% / 41.39%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:04
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in WLAN Host

Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwareqcn9070ipq4028_firmwareqca8337qfw7124ar9380wcn785x-5ipq8173_firmwareqca9563_firmwareflight_rb5_5g_platformflight_rb5_5g_platform_firmwareqcn6224_firmwareqcn5124qca4024_firmwareqca8082qcn9072qca8386qca9880_firmwareqca9992immersive_home_318_platform_firmwareipq8078aipq5028_firmwareipq6000qcn5152_firmwareqca0000_firmwarewcn685x-1qrb5165n_firmwareqcn9000_firmwareqca9984_firmwareipq9554wcd9385_firmwareimmersive_home_216_platformipq8076aimmersive_home_316_platformimmersive_home_316_platform_firmwareqca8386_firmwareqca9563qcn6024_firmwareqca8084_firmwareimmersive_home_318_platformipq8074aqcn5124_firmwareqcn9011_firmwareqca8082_firmwareqcn5164_firmwareqcn5122_firmwaresdx55_firmwareqca8081_firmwareqcn6023_firmwareqfw7114qrb5165nipq5010qca9986ipq8070_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareipq8065ipq8078a_firmwareqcn9274ipq8174qca9990qrb5165m_firmwareipq5028qca7500ipq4029_firmwareqcn5052qca0000ipq6010ipq8068qcn6112_firmwareqcn9074qca8085sdx65mwcd9340qcn6132qcn6224qcn9013snapdragon_x75_5g_modem-rf_systemqca8081qcf8000ipq8071aqcn6023sdx65m_firmwareipq8071a_firmwarewcn685x-1_firmwareimmersive_home_3210_platformqca8085_firmwareqca9888_firmwareipq8068_firmwareqcn6122wcd9385ipq9008_firmwareqca9988_firmwareipq9570qcn5154_firmwarear8035csr8811qca9898_firmwareipq4019qcc710_firmwareqcn9100_firmwarerobotics_rb5_platformqca9992_firmwareipq5010_firmwareipq8074a_firmwareqca9898qcn5022_firmwareipq4028immersive_home_216_platform_firmwareqca9988wcn785x-1qca8072qca9985_firmwarerobotics_rb5_platform_firmwareipq4018_firmwareqca8337_firmwarewcd9380_firmwareqcn9000ipq8072aqca7500_firmwareqca9980_firmwareqcf8000_firmwareipq8076a_firmwarear9380_firmwareipq8078qca8084ipq8173ipq9008qcn9012qcn5164qca9558qca9558_firmwareimmersive_home_326_platform_firmwareqcn6122_firmwareipq8065_firmwarecsr8811_firmwareqcn6274wcd9380ipq9554_firmwareqcn5054_firmwareqcn5154qca8075_firmwareipq4018ipq4019_firmwareqcn5024wcn685x-5_firmwareqca9889qcn6132_firmwareqca9888qca8072_firmwareqca9985qca9994_firmwareqcn5052_firmwareqcn9012_firmwareqcn9274_firmwareipq8070a_firmwareqfw7114_firmwarewcn3980ipq6018_firmwareipq8076_firmwareqca9886qcn5502_firmwarewcd9340_firmwarepmp8074_firmwareqcn6112ipq8076qca9986_firmwareqca9984ipq6028ipq8064qcn5021pmp8074qcn5152ipq9574_firmwarewcn785x-5_firmwareqcn9024qrb5165mimmersive_home_3210_platform_firmwareqca6391wcn3980_firmwareipq8064_firmwareqcn9100qcn6274_firmwaresnapdragon_x65_5g_modem-rf_systemipq8078_firmwareipq9570_firmwareqcn5054qcn9070_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewcn685x-5ipq8070ipq6028_firmwareipq8072a_firmwareqcn5502qca9994qcn9011qca9531wcn785x-1_firmwareqca9889_firmwareipq9574qca9980qcn5122ipq8174_firmwareqcn9024_firmwareqca9880immersive_home_326_platformipq6018qcn5022qcn9013_firmwareqca9886_firmwareqcc710ipq6010_firmwareimmersive_home_214_platformqca6391_firmwareimmersive_home_214_platform_firmwareqca4024sdx55qca8075qcn5021_firmwareqcn9022_firmwareqcn6024qcn9022qca9990_firmwareipq8070aqcn9072_firmwareqca9531_firmwareipq6000_firmwareqcn9074_firmwareqfw7124_firmwareipq4029ar8035_firmwareSnapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-27707
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.11% / 86.52%
||
7 Day CHG~0.00%
Published-14 Apr, 2021 | 15:00
Updated-03 Aug, 2024 | 21:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"portMappingIndex "request. This occurs because the "formDelPortMapping" function directly passes the parameter "portMappingIndex" to strcpy without limit.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-g3g1_firmwareg1g3_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-27698
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.46% / 63.61%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 12:08
Updated-03 Aug, 2024 | 21:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RIOT-OS 2021.01 contains a buffer overflow vulnerability in /sys/net/gnrc/routing/rpl/gnrc_rpl_control_messages.c through the _parse_options() function.

Action-Not Available
Vendor-riot-osn/a
Product-riotn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-27697
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.46% / 63.61%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 12:07
Updated-03 Aug, 2024 | 21:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RIOT-OS 2021.01 contains a buffer overflow vulnerability in sys/net/gnrc/routing/rpl/gnrc_rpl_validation.c through the gnrc_rpl_validation_options() function.

Action-Not Available
Vendor-riot-osn/a
Product-riotn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-33045
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.21% / 43.38%
||
7 Day CHG~0.00%
Published-07 Nov, 2023 | 05:26
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input in WLAN Firmware

Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwareqca8337qfw7124ipq8173_firmwareqam8775pqcf8001qcn5124qca4024_firmwarewsa8840immersive_home_318_platform_firmwareipq8078aipq5028_firmwareqca6595au_firmwarewcn685x-1qca6554a_firmwareipq8076aqca8386_firmwareqcn6024_firmwareimmersive_home_316_platform_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqca6574au_firmwareqcn5164_firmwareqca8081_firmwareipq8078a_firmwareipq5028wsa8840_firmwareqca6698aqqca0000qcf8001_firmwareipq6010sc8380xp_firmwaresdx65mwcd9340qcn6132qcn9013qca6436qcf8000qca6698aq_firmwarewcn685x-1_firmwareqca9888_firmwareqam8775p_firmwareqcn6122qca6696_firmwareipq9008_firmwareqcn5154_firmwareqca6797aqqcc710_firmwaresm8250-ac_firmwarewsa8830_firmwaresd865_5g_firmwareqcn5022_firmwareimmersive_home_216_platform_firmwareqca8337_firmwarewcd9380_firmwaressg2125pipq8072aipq8076a_firmwareipq8078qca6564auqca8084ipq8173qcm8550ipq9008qcn5164qca6574csr8811_firmwarewcd9380ipq9554_firmwareqcn5024sxr1230pqcn9012_firmwareqcn5052_firmwareqcn9274_firmwareqfw7114_firmwarewsa8845qcc2073_firmwareipq6018_firmwarewcd9340_firmwarewsa8815qcn6112qca6426_firmwaresc8380xpipq6028qcn9024ipq9574_firmwareimmersive_home_3210_platform_firmwarewcn6740_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemipq8078_firmwaresnapdragon_x75_5g_modem-rf_system_firmwareqca6797aq_firmwarewcn785x-1_firmwareqcn9024_firmwareipq8174_firmwaresnapdragon_8\+_gen_2_mobile_platformwsa8832ipq5332immersive_home_326_platformipq6018qcc710immersive_home_214_platformqca6595_firmwarewcd9395qca6391_firmwareimmersive_home_214_platform_firmwareqca4024sm8550p_firmwaresdx55sm8250ssg2115p_firmwareqfw7124_firmwareqam8255par8035_firmwareqcn5024_firmwarewsa8830qcn9070sxr2230p_firmwareqam8650pwcn785x-5qcn6224_firmwareqca8082qcn9072qca8386qca6390_firmwareipq6000ssg2115pqcn5152_firmwareqca0000_firmwareqca6426qca6584au_firmwareqcn9000_firmwaresm8450snapdragon_8_gen_2_mobile_platformsm8250-abipq9554wcd9385_firmwareimmersive_home_216_platformimmersive_home_316_platformimmersive_home_318_platformipq8074aqcn5124_firmwareqca8082_firmwareqcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwarewsa8845h_firmwareqfw7114qca6436_firmwareipq5010qca6564au_firmwareqca6584ausnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqcn9274ipq8174qcn5052sm8250_firmwareqcn6112_firmwaresm8250-acqcn9074qca8085wsa8810_firmwareqcn6224sm8450_firmwarewsa8845hsnapdragon_ar2_gen_1_platform_firmwaresnapdragon_x75_5g_modem-rf_systemwcd9395_firmwareqca8081ipq8071aqcn6023sdx65m_firmwareipq8071a_firmwareimmersive_home_3210_platformqca8085_firmwarewcd9385ipq9570qca6390ar8035csr8811wcd9390qcn9100_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_8_gen_2_mobile_platform_firmwarewcn785x-1qcn9000qcf8000_firmwareqca6554asd865_5gqca6595qcn9012immersive_home_326_platform_firmwareqcn6122_firmwarewsa8835sxr1230p_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwaresd_8_gen1_5gqcn6274qcn5154qca8075_firmwaressg2125p_firmwareqca6574awcn685x-5_firmwareqca9889qcn6132_firmwareqca9888qcc2076_firmwareipq8070a_firmwareipq8076_firmwareqca6574_firmwaresxr2230pipq8076wsa8845_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwareqcn5152wcn785x-5_firmwaresm8250-ab_firmwareqca6391qcn9100qcn6274_firmwarewsa8832_firmwareipq9570_firmwareqcn9070_firmwarewcn685x-5ipq6028_firmwareipq8072a_firmwareqca6574auqca9889_firmwareipq9574qcn5122wsa8810ipq5332_firmwaresm8550psnapdragon_ar2_gen_1_platformqcn5022qcn9013_firmwareqam8650p_firmwareipq6010_firmwarewcn6740qca6696qca8075qcn9022_firmwarewcd9390_firmwareqcn6024qcn9022qcc2076ipq8070aqcn9072_firmwareipq6000_firmwareqcn9074_firmwareqcc2073Snapdragonqcn5024_firmwareqam8255p_firmwareqca8337_firmwarewcd9380_firmwaresxr2230p_firmwareqcf8000_firmwareipq8076a_firmwareipq8173_firmwaresnapdragon_870_5g_mobile_platform_firmwarear8035_firmwareqcn6224_firmwareqca4024_firmwareimmersive_home_326_platform_firmwareqcn6122_firmwaresxr1230p_firmwareimmersive_home_318_platform_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwarecsr8811_firmwareipq5028_firmwareqca6595au_firmwareipq9554_firmwareqca8075_firmwaressg2125p_firmwareqcn5152_firmwareqca0000_firmwareqcn6132_firmwareqca6584au_firmwareqcn9000_firmwareqcn9012_firmwareqcn5052_firmwareqcn9274_firmwareqcc2076_firmwareipq8070a_firmwareqca6554a_firmwareqfw7114_firmwarewcd9385_firmwareqcn6024_firmwareqca8386_firmwareqcc2073_firmwareimmersive_home_316_platform_firmwareipq6018_firmwaresd_8_gen1_5g_firmwareipq8076_firmwareqca6574_firmwareqca8084_firmwarewcd9340_firmwareqcn5124_firmwarewsa8845_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwareqca8082_firmwareqca6574a_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwaresdx55_firmwarewsa8845h_firmwareqca8081_firmwareqcn6023_firmwareipq9574_firmwareimmersive_home_3210_platform_firmwareqca6436_firmwarewcn6740_firmwareqca6564au_firmwaresnapdragon_865\+_5g_mobile_platform_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareipq8078a_firmwareqcn6274_firmwarewsa8840_firmwareipq8078_firmwareipq9570_firmwareqcn9070_firmwaresnapdragon_x75_5g_modem-rf_system_firmwareqcf8001_firmwarewsa8832_firmwarefastconnect_6900_firmwareipq6028_firmwaresc8380xp_firmwareipq8072a_firmwareqcn6112_firmwareqca6797aq_firmwareqca9889_firmwareqcn9024_firmwareipq8174_firmwarewsa8810_firmwarefastconnect_7800_firmwaresnapdragon_ar2_gen_1_platform_firmwarewcd9395_firmwareipq5332_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqca6698aq_firmwaresdx65m_firmwareqcn9013_firmwareipq8071a_firmwareqam8650p_firmwareqca8085_firmwareqam8775p_firmwareqca9888_firmwareipq6010_firmwareqca6696_firmwareqca6595_firmwareipq9008_firmwareqca6391_firmwareqcn5154_firmwareimmersive_home_214_platform_firmwaresm8550p_firmwareqcc710_firmwareqcn9100_firmwareqcn9022_firmwarewsa8830_firmwarewcd9390_firmwaresd865_5g_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewsa8835_firmwareqcn9072_firmwareipq6000_firmwaresnapdragon_865_5g_mobile_platform_firmwaressg2115p_firmwareqcn9074_firmwarefastconnect_6800_firmwareqcn5022_firmwareqfw7124_firmwareimmersive_home_216_platform_firmwaresnapdragon_8_gen_2_mobile_platform_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33010
Matching Score-4
Assigner-Zyxel Corporation
ShareView Details
Matching Score-4
Assigner-Zyxel Corporation
CVSS Score-9.8||CRITICAL
EPSS-5.85% / 90.36%
||
7 Day CHG+0.01%
Published-24 May, 2023 | 00:00
Updated-27 Oct, 2025 | 17:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-06-26||Apply updates per vendor instructions.

A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.25 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.25 through 5.36 Patch 1, VPN series firmware versions 4.30 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.25 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-usg_flex_100usg_flex_500_firmwarevpn300_firmwarevpn50atp100_firmwareatp500_firmwareatp100w_firmwareusg_flex_700_firmwareusg_40w_firmwareusg_40wusg_flex_50w_firmwareusg20-vpn_firmwareatp700_firmwarevpn100atp800usg_60w_firmwareusg_flex_200_firmwareusg_flex_100wusg_60wvpn100_firmwareusg_flex_50usg_flex_100_firmwareusg_60_firmwareusg_20w-vpn_firmwareusg20-vpnusg_60usg_flex_700usg_flex_50_firmwareatp100atp200atp800_firmwarevpn300usg_flex_100w_firmwarevpn1000atp200_firmwareusg_flex_500vpn1000_firmwareusg_40_firmwareusg_40atp100wusg_flex_200atp700vpn50_firmwareusg_flex_50wusg_20w-vpnatp500USG FLEX series firmwareATP series firmwareUSG20(W)-VPN firmwareUSG FLEX 50(W) firmwareVPN series firmwareZyWALL/USG series firmwareMultiple Firewalls
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-27706
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.11% / 86.52%
||
7 Day CHG~0.00%
Published-14 Apr, 2021 | 14:55
Updated-03 Aug, 2024 | 21:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow in Tenda G1 and G3 routers with firmware version V15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"IPMacBindIndex "request. This occurs because the "formIPMacBindDel" function directly passes the parameter "IPMacBindIndex" to strcpy without limit.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-g3g1_firmwareg1g3_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-27391
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-2.86% / 85.96%
||
7 Day CHG~0.00%
Published-14 Sep, 2021 | 10:47
Updated-23 Apr, 2025 | 19:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in APOGEE MBC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE MEC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE PXC Compact (BACnet) (All versions < V3.5.3), APOGEE PXC Compact (P2 Ethernet) (All versions >= V2.8), APOGEE PXC Modular (BACnet) (All versions < V3.5.3), APOGEE PXC Modular (P2 Ethernet) (All versions >= V2.8), TALON TC Compact (BACnet) (All versions < V3.5.3), TALON TC Modular (BACnet) (All versions < V3.5.3). The web server of affected devices lacks proper bounds checking when parsing the Host parameter in HTTP requests, which could lead to a buffer overflow. An unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on the device with root privileges.

Action-Not Available
Vendor-Siemens AG
Product-apogee_pxc_compact_\(p2_ethernet\)apogee_pxc_modular_\(bacnet\)_firmwareapogee_pxc_compact_\(p2_ethernet\)_firmwaretalon_tc_compact_\(bacnet\)apogee_mbc_\(ppc\)_\(p2_ethernet\)_firmwareapogee_pxc_bacnet_automation_controllerapogee_mbc_\(ppc\)_\(p2_ethernet\)apogee_pxc_bacnet_automation_controller_firmwareapogee_mec_\(ppc\)_\(p2_ethernet\)talon_tc_compact_\(bacnet\)_firmwareapogee_pxc_modular_\(p2_ethernet\)talon_tc_modular_\(bacnet\)apogee_pxc_modular_\(p2_ethernet\)_firmwareapogee_pxc_modular_\(bacnet\)apogee_mec_\(ppc\)_\(p2_ethernet\)_firmwaretalon_tc_modular_\(bacnet\)_firmwareAPOGEE PXC Modular (P2 Ethernet)APOGEE PXC Compact (BACnet)APOGEE MEC (PPC) (P2 Ethernet)APOGEE PXC Modular (BACnet)APOGEE MBC (PPC) (P2 Ethernet)TALON TC Modular (BACnet)APOGEE PXC Compact (P2 Ethernet)TALON TC Compact (BACnet)
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-33025
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.21% / 43.17%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 05:38
Updated-17 Apr, 2025 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy without Checking Size of Input in Data Modem

Memory corruption in Data Modem when a non-standard SDP body, during a VOLTE call.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca8337_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm4490_firmwarewcd9380_firmwarewsa8830qcs4490_firmwaresnapdragon_x70_modem-rf_system_firmwaresnapdragon_x65_5g_modem-rf_systemqca8337wsa8832_firmwarefastconnect_6900fastconnect_6900_firmwaresnapdragon_680_4g_mobile_platform_firmwarewcn3988_firmwarewsa8835fastconnect_6700_firmwareqcn9024_firmwarewcn3950_firmwarewsa8810_firmwarewcd9380sm4450_firmwarewsa8810wsa8832fastconnect_6700snapdragon_x70_modem-rf_systemqca8081snapdragon_680_4g_mobile_platformwcd9370qcm4490qcs4490wcn3950qcn6024_firmwarear8035wcd9375wcd9370_firmwarewsa8815qcn6024snapdragon_685_4g_mobile_platformwsa8830_firmwarewcn3988sm4450wsa8815_firmwarewsa8835_firmwaresnapdragon_685_4g_mobile_platform_firmwareqcn9024wcd9375_firmwareqca8081_firmwarear8035_firmwareSnapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2009-5041
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.70% / 71.69%
||
7 Day CHG~0.00%
Published-31 Oct, 2019 | 15:35
Updated-07 Aug, 2024 | 07:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

overkill has buffer overflow via long player names that can corrupt data on the server machine

Action-Not Available
Vendor-n/aDebian GNU/Linux
Product-overkilln/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-27965
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-15.98% / 94.62%
||
7 Day CHG-6.64%
Published-05 Mar, 2021 | 01:53
Updated-03 Aug, 2024 | 21:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The MsIo64.sys driver before 1.1.19.1016 in MSI Dragon Center before 2.0.98.0 has a buffer overflow that allows privilege escalation via a crafted 0x80102040, 0x80102044, 0x80102050, or 0x80102054 IOCTL request.

Action-Not Available
Vendor-msin/a
Product-dragon_centern/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-27357
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.46% / 63.61%
||
7 Day CHG~0.00%
Published-06 Apr, 2021 | 12:07
Updated-03 Aug, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RIOT-OS 2020.01 contains a buffer overflow vulnerability in /sys/net/gnrc/routing/rpl/gnrc_rpl_control_messages.c.

Action-Not Available
Vendor-riot-osn/a
Product-riotn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-32674
Matching Score-4
Assigner-HP Inc.
ShareView Details
Matching Score-4
Assigner-HP Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.64% / 70.06%
||
7 Day CHG~0.00%
Published-12 Jun, 2023 | 21:40
Updated-03 Jan, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain versions of HP PC Hardware Diagnostics Windows are potentially vulnerable to buffer overflow.

Action-Not Available
Vendor-HP Inc.
Product-pc_hardware_diagnosticsHP PC Hardware Diagnostics Windows
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Previous
  • 1
  • 2
  • ...
  • 8
  • 9
  • 10
  • ...
  • 20
  • 21
  • Next
Details not found