CVE-2023-40465

MEDIUM Year: 2023
CVSS v3 Score
5.5
Medium
Weakness Type
CWE-121
View all →

Vulnerability Description

Several versions of ALEOS, including ALEOS 4.16.0, include an opensource third-party component which can be exploited from the local area network, resulting in a Denial of Service condition for the captive portal.

Related Vulnerabilities

CVE-2018-1071

MEDIUM
CVSS:5.5(Medium)

zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the exec.c:hashcmd() function. A local attacker could exploit this to cause a denial of service.

CWE-1212018

CVE-2019-10974

MEDIUM
CVSS:5.5(Medium)

NREL EnergyPlus, Versions 8.6.0 and possibly prior versions, The application fails to prevent an exception handler from being overwritten with arbitrary code.

CWE-1212019

CVE-2022-2078

MEDIUM
CVSS:5.5(Medium)

A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of se...

CWE-1212022

CVE-2022-38672

MEDIUM
CVSS:5.5(Medium)

In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.

CWE-1212022

CVE-2022-38750

MEDIUM
CVSS:5.5(Medium)

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the pars...

CWE-1212022

CVE-2022-39106

MEDIUM
CVSS:5.5(Medium)

In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.

CWE-1212022