Search

Search Results (363288 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-21827 1 Tp-link 2 Er7206, Er7206 Firmware 2025-11-04 7.2 High
A leftover debug code vulnerability exists in the cli_server debug functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.4.1 Build 20240117 Rel.57421. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability.
CVE-2024-21778 3 Level1, Levelone, Realtek 5 Wbr-6013, Wbr-6013 Firmware, Wbr-6013 and 2 more 2025-11-04 7.2 High
A heap-based buffer overflow vulnerability exists in the configuration file mib_init_value_array functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted .dat file can lead to arbitrary code execution. An attacker can upload a malicious file to trigger this vulnerability.
CVE-2024-21057 3 Mysql, Oracle, Redhat 4 Mysql, Mysql Server, Enterprise Linux and 1 more 2025-11-04 4.9 Medium
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-0107 2 Microsoft, Nvidia 8 Windows, Cloud Gaming, Geforce and 5 more 2025-11-04 7.8 High
NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
CVE-2023-52628 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Rhel Eus 2025-11-04 7.1 High
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: fix 4-byte stack OOB write If priv->len is a multiple of 4, then dst[len / 4] can write past the destination array which leads to stack corruption. This construct is necessary to clean the remainder of the register in case ->len is NOT a multiple of the register size, so make it conditional just like nft_payload.c does. The bug was added in 4.1 cycle and then copied/inherited when tcp/sctp and ip option support was added. Bug reported by Zero Day Initiative project (ZDI-CAN-21950, ZDI-CAN-21951, ZDI-CAN-21961).
CVE-2023-52340 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-11-04 7.5 High
The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold that can be consumed easily, e.g., leading to a denial of service (network is unreachable errors) when IPv6 packets are sent in a loop via a raw socket.
CVE-2023-51704 1 Mediawiki 1 Mediawiki 2025-11-04 6.1 Medium
An issue was discovered in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. In includes/logging/RightsLogFormatter.php, group-*-member messages can result in XSS on Special:log/rights.
CVE-2023-50383 3 Level1, Level One, Realtek 5 Wbr-6013, Wbr-6013 Firmware, Wbr6013 and 2 more 2025-11-04 7.2 High
Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This command injection is related to the `localPin` request's parameter.
CVE-2024-3706 1 Opengnsys 1 Opengnsys 2025-11-04 5.9 Medium
Information exposure vulnerability in OpenGnsys affecting version 1.1.1d (Espeto). This vulnerability allows an attacker to view a php backup file (controlaccess.php-LAST) where database credentials are stored.
CVE-2023-50382 3 Level1, Levelone, Realtek 5 Wbr-6013, Wbr-6013 Firmware, Wbr-6013 and 2 more 2025-11-04 7.2 High
Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This command injection is related to the `peerPin` request's parameter.
CVE-2023-50381 3 Level1, Level One, Realtek 5 Wbr-6013, Wbr-6013 Firmware, Wbr6013 and 2 more 2025-11-04 7.2 High
Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This command injection is related to the `targetAPSsid` request's parameter.
CVE-2023-50330 3 Level1, Levelone, Realtek 5 Wbr-6013, Wbr-6013 Firmware, Wbr-6013 and 2 more 2025-11-04 7.2 High
A stack-based buffer overflow vulnerability exists in the boa getInfo functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger this vulnerability.
CVE-2023-50244 3 Level1, Level One, Realtek 5 Wbr-6013, Wbr-6013 Firmware, Wbr6013 and 2 more 2025-11-04 7.2 High
Two stack-based buffer overflow vulnerabilities exist in the boa formIpQoS functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This stack-based buffer overflow is related to the `entry_name` request's parameter.
CVE-2023-50243 3 Level1, Level One, Realtek 5 Wbr-6013, Wbr-6013 Firmware, Wbr6013 and 2 more 2025-11-04 7.2 High
Two stack-based buffer overflow vulnerabilities exist in the boa formIpQoS functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This stack-based buffer overflow is related to the `comment` request's parameter.
CVE-2023-50240 3 Level1, Level One, Realtek 5 Wbr-6013, Wbr-6013 Firmware, Wbr6013 and 2 more 2025-11-04 7.2 High
Two stack-based buffer overflow vulnerabilities exist in the boa set_RadvdInterfaceParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This stack-based buffer overflow is related to the `AdvDefaultPreference` request's parameter.
CVE-2023-50239 3 Level1, Level One, Realtek 5 Wbr-6013, Wbr-6013 Firmware, Wbr6013 and 2 more 2025-11-04 7.2 High
Two stack-based buffer overflow vulnerabilities exist in the boa set_RadvdInterfaceParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This stack-based buffer overflow is related to the `interfacename` request's parameter.
CVE-2023-49867 3 Level1, Level One, Realtek 5 Wbr-6013, Wbr-6013 Firmware, Wbr6013 and 2 more 2025-11-04 7.2 High
A stack-based buffer overflow vulnerability exists in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger this vulnerability.
CVE-2023-49606 2 Tinyproxy, Tinyproxy Project 2 Tinyproxy, Tinyproxy 2025-11-04 9.8 Critical
A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy 1.11.1 and Tinyproxy 1.10.0. A specially crafted HTTP header can trigger reuse of previously freed memory, which leads to memory corruption and could lead to remote code execution. An attacker needs to make an unauthenticated HTTP request to trigger this vulnerability.
CVE-2023-49595 3 Level1, Level One, Realtek 5 Wbr-6013, Wbr-6013 Firmware, Wbr6013 and 2 more 2025-11-04 7.2 High
A stack-based buffer overflow vulnerability exists in the boa rollback_control_code functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability.
CVE-2023-49593 2 Level1, Level One 3 Wbr-6013, Wbr-6013 Firmware, Wbr6013 2025-11-04 7.2 High
Leftover debug code exists in the boa formSysCmd functionality of LevelOne WBR-6013 RER4_A_v3411b_2T2R_LEV_09_170623. A specially crafted network request can lead to arbitrary command execution.