CVE-2025-0349 Tenda AC6 GetParentControlInfo stack-based overflow

A vulnerability classified as critical has been found in Tenda AC6 15.03.05.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument src/mac leads to stack-based buffer overflow. It is possible to launch the attack remotely. The...

CVE-2025-0349 Tenda AC6 GetParentControlInfo stack-based overflow

A vulnerability classified as critical has been found in Tenda AC6 15.03.05.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument src/mac leads to stack-based buffer overflow. It is possible to launch the attack remotely. The...

CVE-2025-0349

CVE-2025-0349 affects Tenda AC6 (firmware 15.03.05.16). The vulnerability is a stack-based overflow in GetParentControlInfo (/goform/GetParentControlInfo) triggered by manipulating the src/mac argument, which can be exploited remotely. Public exploit/public disclosure is noted. Other parameters m...

Security Bulletin: Vulnerability in XStream affect BM Spectrum Control

Summary XStream is vulnerable to denial of service, This vulnerability affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2024-47072 DESCRIPTION: XStream is vulnerable to a denial of service, caused by a stack-based buffer overflow in BinaryStreamDriver. By sending a specially crafted...

CVE-2025-0283

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a local authenticated attacker to escalate their privileges...

CVE-2018-4301

This issue is fixed in SCSSU-201801. A potential stack based buffer overflow existed in GemaltoKeyHandle.cpp...

Smart Card Services 安全漏洞

Smart Card Services is a smart card service open-sourced by Smart Card Services. A security vulnerability exists in Smart Card Services that stems from the presence of a stack-based buffer overflow vulnerability...

Ivanti Connect Secure 22.7R2.x < 22.7R2.5 Remote Code Execution (CVE-2025-0282)

The Ivanti Connect Secure install on the remote host is 22.7R2.x prior to 22.7R2.5. It is, therefore, affected by a remote code execution vulnerability: - A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neuro...

Ivanti Policy Secure 22.x <= 22.7R1.2 Local Privilege Escalation (CVE-2025-0283)

The version of Ivanti Policy Secure installed on the remote host is 22.x prior or equal to 22.7R1.2 Build 1485. It is, therefore, affected by a local privilege escalation vulnerability: - A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before...

Ivanti Connect Secure 9.x / 22.x < 22.7R2.5 Local Privilege Escalation (CVE-2025-0283)

The Ivanti Connect Secure install on the remote host is 9.x, or 22.x prior to 22.7R2.5. It is, therefore, affected by a local privilege escalation vulnerability: - A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and...

CVE-2024-45542 Stack-based Buffer Overflow in WLAN Windows Host

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver...

PT-2025-39346

Name of the Vulnerable Software and Affected Versions GIMP affected versions not specified Description The GIMP software contains a stack-based buffer overflow in the ILBM file parsing functionality. This issue could allow for remote code execution. Recommendations At the moment, there is no...

PT-2025-34647 · Libbiosig +1 · Libbiosig +1

Name of the Vulnerable Software and Affected Versions: libbiosig versions 3.9.0 through Master Branch 35a819fa Description: A stack-based buffer overflow vulnerability exists in the MFER parsing functionality. A specially crafted MFER file can lead to arbitrary code execution. The vulnerability...

PT-2025-22999 · Gimp +1 · Gimp +1

Name of the Vulnerable Software and Affected Versions: GIMP affected versions not specified Description: A flaw was found in GIMP. The ani load image function is vulnerable to a stack-based overflow. Opening .ANI files may allow GIMP to store more information than its capacity allows. This flaw...

Ashlar Vellum Cobalt 安全漏洞

Ashlar Vellum Cobalt is a parameter-based computer-aided design and 3D modeling program from Ashlar, Inc. A security vulnerability exists in Ashlar Vellum Cobalt that stems from the failure to properly validate the length of user-supplied data before copying it to a stack-based buffer. An attacke...

PT-2024-17902 · Ashlar Vellum · Ashlar-Vellum Cobalt

Name of the Vulnerable Software and Affected Versions: Ashlar-Vellum Cobalt affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this issue, where the...

(0Day) Ashlar-Vellum Cobalt AR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

CBL Mariner 2.0 Security Update: iptraf-ng (CVE-2024-52949)

The version of iptraf-ng installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-52949 advisory. - iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fail...

CVE-2024-52949

iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack...

IPTraf-ng 安全漏洞

IPTraf-ng is an open source console-based Linux network monitoring program from IPTraf-ng. A security vulnerability exists in IPTraf-ng version 1.2.1, which stems from the presence of a stack-based buffer overflow vulnerability...