CVE-2023-24294
Published 2023-11-29
Priority P3 38 · high 7.5 · CVSS 3.1
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS: 0.94% (56.3th percentile)
Zumtobel Netlink CCD Onboard v3.74 - Firmware v3.80 was discovered to contain a buffer overflow via the component NetlinkWeb::Information::SetDeviceIdentification.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rubygems | rubygems | >= 0 < 3.3.5-2ubuntu1.1 | 3.3.5-2ubuntu1.1 |
| zumtobel | netlink_ccd_firmware | — | — |
CVSS provenance
nvd · v3.1 · 7.5 HIGH · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv · 5.3 MEDIUM
OSV
rubygems vulnerabilities
osv·2025-09-03·CVSS 5.3
CVE-2023-28755 rubygems vulnerabilities
It was discovered that RubyGems incorrectly handled certain regular
expressions. An attacker could use this issue to cause RubyGems to crash,
resulting in a denial of service. This issue only affected Ubuntu 22.04
LTS. (CVE-2023-28755)
It was discovered that RubyGems incorrectly handled decompressed domain
names within a DNS packet. An attacker could use this issue to cause
RubyGems to crash, resulting in a denial of service. This issue only
affected Ubuntu 25.04. (CVE-2025-24294)
GHSA
GHSA-ccxg-3cwh-p7h7: Zumtobel Netlink CCD Onboard v3
ghsa_unreviewed·2023-11-29
CVE-2023-24294 [HIGH] CWE-120 GHSA-ccxg-3cwh-p7h7: Zumtobel Netlink CCD Onboard v3
Zumtobel Netlink CCD Onboard v3.74 - Firmware v3.80 was discovered to contain a buffer overflow via the component NetlinkWeb::Information::SetDeviceIdentification.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2023-11-29