Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 42196 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (42196 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-44632 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2024-11-21 | 9.8 Critical |
| A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/upgrade_info feature, which allows malicious users to execute arbitrary code on the system via a crafted post request. | ||||
| CVE-2021-44631 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2024-11-21 | 9.8 Critical |
| A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/reset_cloud_pwd feature, which allows malicous users to execute arbitrary code on the system via a crafted post request. | ||||
| CVE-2021-44630 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2024-11-21 | 9.8 Critical |
| A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/modify_account_pwd feature, which allows malicious users to execute arbitrary code on the system via a crafted post request. | ||||
| CVE-2021-44629 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2024-11-21 | 9.8 Critical |
| A Buffer Overflow vulnerabilitiy exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/register feature, which allows malicious users to execute arbitrary code on the system via a crafted post request. | ||||
| CVE-2021-44628 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2024-11-21 | 9.8 Critical |
| A Buffer Overflow vulnerabiltiy exists in TP-LINK WR-886N 20190826 2.3.8 in thee /cloud_config/router_post/login feature, which allows malicious users to execute arbitrary code on the system via a crafted post request. | ||||
| CVE-2021-44627 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2024-11-21 | 9.8 Critical |
| A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/get_reset_pwd_veirfy_code feature, which allows malicious users to execute arbitrary code on the system via a crafted post request. | ||||
| CVE-2021-44626 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2024-11-21 | 9.8 Critical |
| A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/get_reg_verify_code feature, which allows malicious users to execute arbitrary code on the system via a crafted post request. | ||||
| CVE-2021-44625 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2024-11-21 | 9.8 Critical |
| A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in /cloud_config/cloud_device/info interface, which allows a malicious user to executee arbitrary code on the system via a crafted post request. | ||||
| CVE-2021-44623 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2024-11-21 | 9.8 Critical |
| A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 via the /cloud_config/router_post/check_reset_pwd_verify_code interface. | ||||
| CVE-2021-44622 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2024-11-21 | 9.8 Critical |
| A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/check_reg_verify_code function which could let a remove malicious user execute arbitrary code via a crafted post request. | ||||
| CVE-2021-44568 | 2 Opensuse, Redhat | 3 Libsolv, Satellite, Satellite Capsule | 2024-11-21 | 6.5 Medium |
| Two heap-overflow vulnerabilities exist in openSUSE/libsolv libsolv through 13 Dec 2020 in the decisionmap variable via the resolve_dependencies function at src/solver.c (line 1940 & line 1995), which could cause a remote Denial of Service. | ||||
| CVE-2021-44538 | 4 Cinny Project, Debian, Matrix and 1 more | 6 Cinny, Debian Linux, Element and 3 more | 2024-11-21 | 9.8 Critical |
| The olm_session_describe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a crafted sequence of messages to manipulate the state of the receiver's session in such a way that, for some buffer sizes, a buffer overflow happens on a call to olm_session_describe. Furthermore, safe buffer sizes were undocumented. The overflow content is partially controllable by the attacker and limited to ASCII spaces and digits. The known affected products are Element Web And SchildiChat Web. | ||||
| CVE-2021-44510 | 1 Fisglobal | 1 Gt.m | 2024-11-21 | 7.5 High |
| An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, attackers can cause a calculation of the size of calls to memset in op_fnj3 in sr_port/op_fnj3.c to result in an extremely large value in order to cause a segmentation fault and crash the application. | ||||
| CVE-2021-44509 | 1 Fisglobal | 1 Gt.m | 2024-11-21 | 7.5 High |
| An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, attackers can cause an integer underflow of the size of calls to memset in op_fnj3 in sr_port/op_fnj3.c in order to cause a segmentation fault and crash the application. | ||||
| CVE-2021-44503 | 1 Fisglobal | 1 Gt.m | 2024-11-21 | 7.5 High |
| An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a call to va_arg on an empty variadic parameter list, most likely causing a memory segmentation fault. | ||||
| CVE-2021-44499 | 1 Fisglobal | 1 Gt.m | 2024-11-21 | 7.5 High |
| An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call that occurs on the stack, causing a buffer overflow. | ||||
| CVE-2021-44496 | 1 Fisglobal | 1 Gt.m | 2024-11-21 | 9.8 Critical |
| An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can control the size variable and buffer that is passed to a call to memcpy. An attacker can use this to overwrite key data structures and gain control of the flow of execution. | ||||
| CVE-2021-44493 | 2 Fisglobal, Yottadb | 2 Gt.m, Yottadb | 2024-11-21 | 7.5 High |
| An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call that occurs on the stack, causing a buffer overflow. | ||||
| CVE-2021-44489 | 2 Fisglobal, Yottadb | 2 Gt.m, Yottadb | 2024-11-21 | 7.5 High |
| An issue was discovered in YottaDB through r1.32 and V7.0-000. Using crafted input, attackers can cause an integer underflow of the size of calls to memset in op_fnj3 in sr_port/op_fnj3.c in order to cause a segmentation fault and crash the application. This is a "- digs" subtraction. | ||||
| CVE-2021-44480 | 1 Wokkalokka | 2 Wokka Watch Q50, Wokka Watch Q50 Firmware | 2024-11-21 | 8.1 High |
| Wokka Lokka Q50 devices through 2021-11-30 allow remote attackers (who know the SIM phone number and password) to listen to a device's surroundings via a callback in an SMS command, as demonstrated by the 123456 and 523681 default passwords. | ||||