| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
|
Incorrect selection of fuse values in the Controller 7000 platform allows an attacker to bypass some protection mechanisms to enable local debug.
This issue affects: Gallagher Controller 7000 9.00 prior to vCR9.00.231204b (distributed in 9.00.1507 (MR1)), 8.90 prior to vCR8.90.231204a (distributed in 8.90.1620 (MR2)), 8.80 prior to vCR8.80.231204a (distributed in 8.80.1369 (MR3)), 8.70 prior to vCR8.70.231204a (distributed in 8.70.2375 (MR5)).
|
| Out-of-bouds read vulnerability in FPWin Pro version 7.7.0.0 and all previous versions may allow attackers to execute arbitrary code via a specially crafted project file. |
| A buffer overflow vulnerability was found in the NVM Express (NVMe) driver in the Linux kernel. Only privileged user could specify a small meta buffer and let the device perform larger Direct Memory Access (DMA) into the same buffer, overwriting unrelated kernel memory, causing random kernel crashes and memory corruption. |
|
Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the camera. An attacker could inject malicious into http request packets to execute arbitrary code. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds.
|
|
Vladimir Kononovich, a Security Researcher has found a flaw that allows for a remote code execution on the DVR. An attacker could inject malicious HTTP headers into request packets to execute arbitrary code. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds.
|
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3.0-DEV. |
|
Delta Electronics DOPSoft is vulnerable to a stack-based buffer overflow, which may allow for arbitrary code execution if an attacker can lead a legitimate user to execute a specially crafted file.
|
|
KEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the product being accessed or leak information.
|
| Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology SSL VPN Client before 1.4.7-0687 allows local users to conduct denial-of-service attacks via unspecified vectors. |
| A vulnerability was found in Delta Electronics WPLSoft up to 2.51 and classified as problematic. This issue affects some unknown processing of the component Modbus Data Packet Handler. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-241583. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
| Controller denial of service due to improper handling of a specially crafted message received by the controller.
See Honeywell Security Notification for recommendations on upgrading and versioning. |
| Server receiving a malformed message can cause a pointer to be overwritten which can result in a remote code execution or failure. See Honeywell Security Notification for recommendations on upgrading and versioning. |
| Server receiving a malformed message based on a using the specified key values can cause a heap overflow vulnerability which could lead to an attacker performing remote code execution or causing a failure.
See Honeywell Security Notification for recommendations on upgrading and versioning.
|
| Out-of-bounds Read in GitHub repository gpac/gpac prior to v2.2.2-DEV. |
| An issue was discovered in Open Design Alliance Drawings SDK before 2024.10. A corrupted value for the start of MiniFat sector in a crafted DGN file leads to an out-of-bounds read. This can allow attackers to cause a crash, potentially enabling a denial-of-service attack (Crash, Exit, or Restart) or possible code execution.
|
| A buffer overflow vulnerability exists in Delta Electronics WPLSoft. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DVP file to achieve code execution.
|
| A buffer overflow was reported in the FmpSipoCapsuleDriver driver in the IdeaPad Duet 3-10IGL5 that may allow a local attacker with elevated privileges to execute arbitrary code. |
| Possible variant of CVE-2021-3434 in function le_ecred_reconf_req. |
| TCPServer.cpp in SimpleNetwork through 29bc615 has an off-by-one error that causes a buffer overflow when trying to add '\0' to the end of long msg data. It can be exploited via crafted TCP packets. |
| Heap buffer overflow in paddle.repeat_interleave in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, information disclosure, or more damage is possible.
|
