CVE-2024-52949

iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack...

CVE-2022-48554

...

AutomationDirect C-More EA9 EAP9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of AutomationDirect C-More EA9. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Amazon Linux 2022 : vim-common, vim-data, vim-default-editor (ALAS2022-2021-005)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2021-005 advisory. vim is vulnerable to Heap-based Buffer Overflow CVE-2021-3903 A flaw was found in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to...

Debian dla-3977 : xfpt - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-3977 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3977-1 [email protected] https://www.debian.org/lts/security/...

CVE-2024-53959

CVE-2024-53959 affects Adobe FrameMaker versions 2020.7, 2022.5 and earlier, due to a Stack-based Buffer Overflow that can lead to arbitrary code execution in the current user’s context. Exploitation requires user interaction (victim opens a malicious file). The issue is corroborated across multi...

CVE-2024-53959 Adobe Framemaker | Stack-based Buffer Overflow (CWE-121)

Adobe Framemaker versions 2020.7, 2022.5 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-49543

InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-49543

CVE-2024-49543 affects Adobe InDesign Desktop versions ID19.5, ID18.5.4 and earlier. The issue is a stack-based buffer overflow that can lead to arbitrary code execution in the current user context. Exploitation requires user interaction (victim must open a malicious file). Connected sources corr...

CVE-2024-49543 InDesign Desktop | Stack-based Buffer Overflow (CWE-121)

InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-49537 After Effects | Stack-based Buffer Overflow (CWE-121)

After Effects versions 24.6.2, 25.0.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-53041

A vulnerability has been identified in Teamcenter Visualization V14.2 All versions V14.2.0.14, Teamcenter Visualization V14.3 All versions V14.3.0.12, Teamcenter Visualization V2312 All versions V2312.0008, Tecnomatix Plant Simulation V2302 All versions V2302.0016, Tecnomatix Plant Simulation V24...

Adobe After Effects < 24.6.3 / 25.0.0 < 25.1.0 Memory leak (APSB24-95)

The version of Adobe After Effects installed on the remote Windows host is prior to 24.6.3, 25.1.0. It is, therefore, affected by a vulnerability as referenced in the APSB24-95 advisory. - After Effects versions 24.6.2, 25.0.1 and earlier are affected by a Stack-based Buffer Overflow vulnerabilit...

CVE-2024-12352

A vulnerability classified as problematic was found in TOTOLINK EX1800T 9.1.0cu.2112B20220316. This vulnerability affects the function sub40662C of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack can be initiated remotely. The...

CVE-2024-12352

The CVE-2024-12352 entry concerns TOTOLINK EX1800T, version 9.1.0cu.2112_B20220316. It affects the function sub_40662C in /cgi-bin/cstecgi.cgi, where manipulation of the ssid argument triggers a stack-based buffer overflow. This can be exploited remotely and, per multiple sources, the exploit has...

CVE-2024-12352 TOTOLINK EX1800T cstecgi.cgi sub_40662C stack-based overflow

A vulnerability classified as problematic was found in TOTOLINK EX1800T 9.1.0cu.2112B20220316. This vulnerability affects the function sub40662C of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack can be initiated remotely. The...

CVE-2024-48871

The affected product is vulnerable to a stack-based buffer overflow. An unauthenticated attacker could send a malicious HTTP request that the webserver fails to properly check input size before copying data to the stack, potentially allowing remote code execution...

CVE-2024-48871 Planet Technology Planet WGS-804HPT Stack-based Buffer Overflow

The affected product is vulnerable to a stack-based buffer overflow. An unauthenticated attacker could send a malicious HTTP request that the webserver fails to properly check input size before copying data to the stack, potentially allowing remote code execution...

CVE-2024-48871

CVE-2024-48871 affects Planet Technology’s Planet WGS-804HPT industrial switch. The issue is a stack-based buffer overflow exposed via a crafted HTTP request, allowing unauthenticated remote code execution. Public mentions in THN’s coverage confirm this CVE as part of a set of flaws in the dispat...

CVE-2024-53703

A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions modhttprp library loaded by the Apache web server allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution...