CVE-2024-8938

CRITICAL Year: 2024
CVSS v3 Score
8.1
High
Weakness Type
CWE-119
View all →

Vulnerability Description

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a potential arbitrary code execution after a successful Man-In-The-Middle attack followed by sending a crafted Modbus function call to tamper with memory area involved in memory size computation.

Related Vulnerabilities

CVE-2008-1083

HIGH
CVSS:8.1(High)

Heap-based buffer overflow in the CreateDIBPatternBrushPt function in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbi...

CWE-1192008

CVE-2009-2502

HIGH
CVSS:8.1(High)

Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2,...

CWE-1192009

CVE-2015-7547

HIGH
CVSS:8.1(High)

Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a deni...

CWE-1192015

CVE-2015-8764

HIGH
CVSS:8.1(High)

Off-by-one error in the EAP-PWD module in FreeRADIUS 3.0 through 3.0.8, which triggers a buffer overflow.

CWE-1192015

CVE-2016-0778

HIGH
CVSS:8.1(High)

The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly ma...

CWE-1192016

CVE-2016-0858

HIGH
CVSS:8.1(High)

Race condition in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted request.

CWE-1192016