CVE-2023-4744 : TENDA AC8 16.03.34.06_CN_TDC01 FORMSETDEVICENAME STACK-BASED OVERFLOW

Description

A vulnerability was found in Tenda AC8 16.03.34.06_cn_TDC01. It has been declared as critical. Affected by this vulnerability is the function formSetDeviceName. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-238633 was assigned to this vulnerability.

References

https://github.com/GleamingEyes/vul/blob/main/tenda_ac8/ac8_1.md

https://vuldb.com/?id.238633

https://vuldb.com/?ctiid.238633

For More Information

CVERecord

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-38319 : IBM SECURITY SOAR 51.0.2.0 CODE INJECTION

CVE-2024-38319 : IBM SECURITY SOAR 51.0.2.0 CODE INJECTION

Description IBM Security SOAR 51.0.2.0 could allow an authenticated user to execute malicious code loaded from a specially crafted script.

CVE-2024-5443 : PARISNEO LOLLMS UP TO 9.7 EXTENSIONBUILDER.BUILD_EXTENSIONN PATH TRAVERSAL

CVE-2024-5443 : PARISNEO LOLLMS UP TO 9.7 EXTENSIONBUILDER.BUILD_EXTENSIONN PATH TRAVERSAL

Description CVE-2024-4320 describes a vulnerability in the parisneo/lollms software, specifically within the `ExtensionBuilder().build_extension()` function. The vulnerability arises from the `/mount_extension`

CVE-2024-34693 : APACHE SUPERSET UP TO 3.1.2/4.0.0 MARIADB CONNECTION INFORMATION DISCLOSURE

CVE-2024-34693 : APACHE SUPERSET UP TO 3.1.2/4.0.0 MARIADB CONNECTION INFORMATION DISCLOSURE

Description Improper Input Validation vulnerability in Apache Superset, allows for an authenticated attacker to create a MariaDB connection with local_infile