CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-48290
https://notcve.org/view.php?id=CVE-2024-48290
07 Nov 2024 — An issue in the Bluetooth Low Energy implementation of Realtek RTL8762E BLE SDK v1.4.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted ll_terminate_ind packet. • http://realtek.com • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 8.8EPSS: 30%CPEs: 1EXPL: 1CVE-2024-40431
https://notcve.org/view.php?id=CVE-2024-40431
23 Oct 2024 — A lack of input validation in Realtek SD card reader driver before 10.0.26100.21374 through the implementation of the IOCTL_SCSI_PASS_THROUGH control of the SD card reader driver allows an attacker to write to predictable kernel memory locations, even as a low-privileged user. • https://github.com/SpiralBL0CK/CVE-2024-40431-CVE-2022-25479-EOP-CHAIN •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-40432
https://notcve.org/view.php?id=CVE-2024-40432
23 Oct 2024 — A lack of input validation in Realtek SD card reader driver before 10.0.26100.21374 through the implementation of the IOCTL_SFFDISK_DEVICE_COMMAND control of the SD card reader driver allows a privileged attacker to crash the OS. • https://zwclose.github.io/2024/10/14/rtsper1.html •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 1CVE-2023-47677
https://notcve.org/view.php?id=CVE-2023-47677
08 Jul 2024 — A cross-site request forgery (csrf) vulnerability exists in the boa CSRF protection functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted network request can lead to CSRF. An attacker can send an HTTP request to trigger this vulnerability. Existe una vulnerabilidad de cross-site request forgery (csrf) en la funcionalidad de protección boa CSRF de Realtek rtl819x Jungle SDK v3.4.11. Una solicitud de red especialmente manipulada puede generar CSRF. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1872 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-34435
https://notcve.org/view.php?id=CVE-2023-34435
08 Jul 2024 — A firmware update vulnerability exists in the boa formUpload functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted network packets can lead to arbitrary firmware update. An attacker can provide a malicious file to trigger this vulnerability. Existe una vulnerabilidad de actualización de firmware en la funcionalidad boa formUpload de Realtek rtl819x Jungle SDK v3.4.11. Unos paquetes de red especialmente manipulados pueden provocar una actualización arbitraria del firmware. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1874 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 8.3EPSS: 0%CPEs: 3EXPL: 0CVE-2024-21778
https://notcve.org/view.php?id=CVE-2024-21778
08 Jul 2024 — A heap-based buffer overflow vulnerability exists in the configuration file mib_init_value_array functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted .dat file can lead to arbitrary code execution. An attacker can upload a malicious file to trigger this vulnerability. Existe una vulnerabilidad de desbordamiento de búfer de almacenamiento dinámico en la funcionalidad del archivo de configuración mib_init_value_array de Realtek rtl819x Jungle SDK v3.4.11. Un archivo .dat especialmente mani... • https://talosintelligence.com/vulnerability_reports/TALOS-2024-1911 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-49073
https://notcve.org/view.php?id=CVE-2023-49073
08 Jul 2024 — A stack-based buffer overflow vulnerability exists in the boa formFilter functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability. Existe una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria en la funcionalidad boa formFilter de Realtek rtl819x Jungle SDK v3.4.11. Una serie de solicitudes HTTP especialmente manipuladas pueden provoc... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1875 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-48270
https://notcve.org/view.php?id=CVE-2023-48270
08 Jul 2024 — A stack-based buffer overflow vulnerability exists in the boa formDnsv6 functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability. Existe una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria en la funcionalidad boa formDnsv6 de Realtek rtl819x Jungle SDK v3.4.11. Una serie de solicitudes de red especialmente manipuladas pueden pro... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1876 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.3EPSS: 0%CPEs: 3EXPL: 1CVE-2023-45742
https://notcve.org/view.php?id=CVE-2023-45742
08 Jul 2024 — An integer overflow vulnerability exists in the boa updateConfigIntoFlash functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability. Existe una vulnerabilidad de desbordamiento de enteros en la funcionalidad boa updateConfigIntoFlash de Realtek rtl819x Jungle SDK v3.4.11. Una serie de solicitudes HTTP especialmente manipuladas pueden provocar la ejecución de ... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1877 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-49595
https://notcve.org/view.php?id=CVE-2023-49595
08 Jul 2024 — A stack-based buffer overflow vulnerability exists in the boa rollback_control_code functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability. Existe una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria en la funcionalidad boa rollback_control_code de Realtek rtl819x Jungle SDK v3.4.11. Una serie de solicitudes de red especialment... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1878 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •