Security Vulnerabilities Published In 2023 (Memory corruption)
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter removeRuleList in form2IPQoSTcDel.
Max Base Score | 9.8 |
Published | 2023-09-21 |
Updated | 2023-09-22 |
EPSS | 0.08% |
D-Link DIR-823G v1.0.2B05 was discovered to contain a stack overflow via parameters TXPower and GuardInt in SetWLanRadioSecurity.
Max Base Score | 9.8 |
Published | 2023-09-21 |
Updated | 2023-09-22 |
EPSS | 0.08% |
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter sip_address in ipportFilter.
Max Base Score | 9.8 |
Published | 2023-09-21 |
Updated | 2023-09-22 |
EPSS | 0.08% |
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter flag_5G in showMACfilterMAC.
Max Base Score | 9.8 |
Published | 2023-09-21 |
Updated | 2023-09-22 |
EPSS | 0.08% |
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter nvmacaddr in form2Dhcpip.cgi.
Max Base Score | 9.8 |
Published | 2023-09-21 |
Updated | 2023-09-22 |
EPSS | 0.08% |
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter macCloneMac in setMAC.
Max Base Score | 9.8 |
Published | 2023-09-21 |
Updated | 2023-09-22 |
EPSS | 0.08% |
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter statuscheckpppoeuser in dir_setWanWifi.
Max Base Score | 9.8 |
Published | 2023-09-21 |
Updated | 2023-09-22 |
EPSS | 0.08% |
D-Link DIR-823G v1.0.2B05 was discovered to contain a stack overflow via parameters StartTime and EndTime in SetWifiDownSettings.
Max Base Score | 9.8 |
Published | 2023-09-21 |
Updated | 2023-09-22 |
EPSS | 0.08% |
D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a stack overflow vulnerability in the function update_users.
Max Base Score | 9.8 |
Published | 2023-09-20 |
Updated | 2023-09-22 |
EPSS | 0.08% |
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the hi_up parameter in the qos_ext.asp function.
Max Base Score | 9.8 |
Published | 2023-09-20 |
Updated | 2023-09-22 |
EPSS | 0.08% |
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the id parameter in the yyxz.data function.
Max Base Score | 9.8 |
Published | 2023-09-20 |
Updated | 2023-09-22 |
EPSS | 0.08% |
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the prev parameter in the H5/login.cgi function.
Max Base Score | 9.8 |
Published | 2023-09-20 |
Updated | 2023-09-22 |
EPSS | 0.08% |
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the popupId parameter in the H5/hi_block.asp function.
Max Base Score | 9.8 |
Published | 2023-09-20 |
Updated | 2023-09-22 |
EPSS | 0.08% |
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the fn parameter in the tgfile.asp function.
Max Base Score | 9.8 |
Published | 2023-09-20 |
Updated | 2023-09-22 |
EPSS | 0.08% |
D-Link DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the zn_jb parameter in the arp_sys.asp function.
Max Base Score | 9.8 |
Published | 2023-09-20 |
Updated | 2023-09-22 |
EPSS | 0.08% |
Samsung Mobile Processor Exynos 2200 allows a GPU Use After Free.
Max Base Score | 7.5 |
Published | 2023-09-21 |
Updated | 2023-09-23 |
EPSS | 0.05% |
Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine (EVM). In version 0.3.9 and prior, under certain conditions, the memory used by the builtins `raw_call`, `create_from_blueprint` and `create_copy_of` can be corrupted. For `raw_call`, the argument buffer of the call can be corrupted, leading to incorrect `calldata` in the sub-context. For `create_from_blueprint` and `create_copy_of`, the buffer for the to-be-deployed bytecode can be corrupted, leading to deploying incorrect bytecode.
Each builtin has conditions that must be fulfilled for the corruption to happen. For `raw_call`, the `data` argument of the builtin must be `msg.data` and the `value` or `gas` passed to the builtin must be some complex expression that results in writing to the memory. For `create_copy_of`, the `value` or `salt` passed to the builtin must be some complex expression that results in writing to the memory. For `create_from_blueprint`, either no constructor parameters should be passed to the builtin or `raw_args` should be set to True, and the `value` or `salt` passed to the builtin must be some complex expression that results in writing to the memory.
As of time of publication, no patched version exists. The issue is still being investigated, and there might be other cases where the corruption might happen. When the builtin is being called from an `internal` function `F`, the issue is not present provided that the function calling `F` wrote to memory before calling `F`. As a workaround, the complex expressions that are being passed as kwargs to the builtin should be cached in memory prior to the call to the builtin.
Max Base Score | 8.1 |
Published | 2023-09-18 |
Updated | 2023-09-22 |
EPSS | 0.09% |
An issue was discovered in FRRouting FRR through 9.0. bgp_nlri_parse_flowspec in bgpd/bgp_flowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference.
Max Base Score | 7.5 |
Published | 2023-09-05 |
Updated | 2023-09-19 |
EPSS | 0.05% |
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application is vulnerable to memory corruption while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process.
Max Base Score | 7.8 |
Published | 2023-09-12 |
Updated | 2023-09-14 |
EPSS | 0.07% |
Catdoc v0.95 was discovered to contain a NULL pointer dereference via the component xls2csv at src/fileutil.c.
Max Base Score | 5.5 |
Published | 2023-09-01 |
Updated | 2023-09-06 |
EPSS | 0.04% |
Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter mac at URL /goform/GetParentControlInfo.
Max Base Score | 9.8 |
Published | 2023-08-30 |
Updated | 2023-09-01 |
EPSS | 0.09% |
Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter time at URL /goform/PowerSaveSet.
Max Base Score | 9.8 |
Published | 2023-08-30 |
Updated | 2023-09-01 |
EPSS | 0.09% |
Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameters startIp and endIp at URL /goform/SetPptpServerCfg.
Max Base Score | 9.8 |
Published | 2023-08-30 |
Updated | 2023-09-01 |
EPSS | 0.09% |
Tenda AC9 V3.0 V15.03.06.42_multi was discovered to contain a stack overflow via parameter firewallEn at URL /goform/SetFirewallCfg.
Max Base Score | 9.8 |
Published | 2023-08-30 |
Updated | 2023-09-01 |
EPSS | 0.09% |
Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter page at URL /goform/NatStaticSetting.
Max Base Score | 9.8 |
Published | 2023-08-30 |
Updated | 2023-09-01 |
EPSS | 0.09% |