CVE-2024-34195
https://notcve.org/view.php?id=CVE-2024-34195
In the boa server program's CGI handling function formWlEncrypt, there is a lack of length restriction on the wlan_ssid field. ... For instance, by invoking the formWlanRedirect function with specific parameters to alter wlan_idx's value and subsequently invoking the formWlEncrypt function, an attacker can trigger a buffer overflow, enabling arbitrary command execution or denial-of-service attacks. • https://gist.github.com/Swind1er/84161b607d06d060fba5adcdd92bceb4 • CWE-121: Stack-based Buffer Overflow
CVE-2024-34198
https://notcve.org/view.php?id=CVE-2024-34198
The formWlEncrypt CGI handler in the boa program fails to limit the length of the wlan_ssid field from user input. ... This can be further exploited to execute arbitrary commands or launch denial-of-service attacks. • https://gist.github.com/Swind1er/02f6cb414e440c34878f20fef756e286 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-44915
https://notcve.org/view.php?id=CVE-2024-44915
ReadEXR+0x4eef0 of IrfanView v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS). • https://github.com/yuhano/irfanview_Poc • CWE-284: Improper Access Control
CVE-2024-44913
https://notcve.org/view.php?id=CVE-2024-44913
ReadEXR+0x40ef1 of IrfanView v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS). • https://github.com/yuhano/irfanview_Poc • CWE-284: Improper Access Control
CVE-2024-44914
https://notcve.org/view.php?id=CVE-2024-44914
ReadEXR+0x3df50 of IrfanView v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS). • https://github.com/yuhano/irfanview_Poc • CWE-284: Improper Access Control