Security Vulnerabilities - CVEs Published In October 2023
D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_4507CC function.
CVSS Score
9.8
EPSS Score
0.043
Published
2023-10-16
D-Link device DIR-820L 1.05B03 is vulnerable to Insecure Permissions.
CVSS Score
9.8
EPSS Score
0.025
Published
2023-10-16
TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth.
CVSS Score
9.8
EPSS Score
0.009
Published
2023-10-16
TOTOLINK CP300+ V5.2cu.7594_B20200910 and before is vulnerable to command injection.
CVSS Score
9.8
EPSS Score
0.03
Published
2023-10-16
TOTOLINK CP300+ V5.2cu.7594_B20200910 and before is vulnerable to command injection.
CVSS Score
9.8
EPSS Score
0.03
Published
2023-10-16
TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-10-16
TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the File parameter in the function UploadCustomModule.
CVSS Score
9.8
EPSS Score
0.009
Published
2023-10-16
TOTOLINK CP300+ V5.2cu.7594_B20200910 was discovered to contain a stack overflow via the pingIp parameter in the function setDiagnosisCfg.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-10-16
extract_user_to_sg in lib/scatterlist.c in the Linux kernel before 6.4.12 fails to unpin pages in a certain situation, as demonstrated by a WARNING for try_grab_page.
CVSS Score
6.3
EPSS Score
0.0
Published
2023-10-16
The Linux kernel before 6.5.4 has an es1 use-after-free in fs/ext4/extents_status.c, related to ext4_es_insert_extent.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-10-16