Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-32293 |
Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability via the page parameter in the fromDhcpListClient function. Published: April 17, 2024; 10:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32292 |
Tenda W30E v1.0 V1.0.1.25(633) firmware contains a command injection vulnerablility in the formexeCommand function via the cmdinput parameter. Published: April 17, 2024; 10:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32291 |
Tenda W30E v1.0 firmware v1.0.1.25(633) has a stack overflow vulnerability via the page parameter in the fromNatlimit function. Published: April 17, 2024; 10:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32290 |
Tenda W30E v1.0 v1.0.1.25(633) firmware has a stack overflow vulnerability via the page parameter in the fromAddressNat function. Published: April 17, 2024; 10:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32288 |
Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability located via the page parameter in the fromwebExcptypemanFilter function. Published: April 17, 2024; 10:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32287 |
Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability via the qos parameter in the fromqossetting function. Published: April 17, 2024; 10:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32286 |
Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability located via the page parameter in the fromVirtualSer function. Published: April 17, 2024; 10:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32285 |
Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability via the password parameter in the formaddUserName function. Published: April 17, 2024; 10:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32283 |
Tenda FH1203 V2.0.1.6 firmware has a command injection vulnerablility in formexeCommand function via the cmdinput parameter. Published: April 17, 2024; 10:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32282 |
Tenda FH1202 v1.2.0.14(408) firmware contains a command injection vulnerablility in the formexeCommand function via the cmdinput parameter. Published: April 17, 2024; 10:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31578 |
FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function. Published: April 17, 2024; 10:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-2419 |
A flaw was found in Keycloak's redirect_uri validation logic. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to the theft of an access token, making it possible for the attacker to impersonate other users. It is very similar to CVE-2023-6291. Published: April 17, 2024; 10:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-1249 |
A flaw was found in Keycloak's OIDC component in the "checkLoginIframe," which allows unvalidated cross-origin messages. This flaw allows attackers to coordinate and send millions of requests in seconds using simple code, significantly impacting the application's availability without proper origin validation for incoming messages. Published: April 17, 2024; 10:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-1132 |
A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. This issue could allow an attacker to construct a malicious request to bypass validation and access other URLs and sensitive information within the domain or conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field, and requires user interaction within the malicious URL. Published: April 17, 2024; 10:15:07 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32313 |
Tenda FH1205 V2.0.0.7(775) firmware has a stack overflow vulnerability located via the adslPwd parameter of the formWanParameterSetting function. Published: April 17, 2024; 9:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32312 |
Tenda F1203 V2.0.1.6 firmware has a stack overflow vulnerability located in the adslPwd parameter of the formWanParameterSetting function. Published: April 17, 2024; 9:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32310 |
Tenda F1203 V2.0.1.6 firmware has a stack overflow vulnerability located in the PPW parameter of the fromWizardHandle function. Published: April 17, 2024; 9:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32307 |
Tenda FH1205 V2.0.0.7(775) firmware has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function. Published: April 17, 2024; 9:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32301 |
Tenda AC7V1.0 v15.03.06.44 firmware has a stack overflow vulnerability via the PPW parameter in the fromWizardHandle function. Published: April 17, 2024; 9:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32281 |
Tenda AC7V1.0 v15.03.06.44 firmware contains a command injection vulnerablility in formexeCommand function via the cmdinput parameter. Published: April 17, 2024; 9:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |