Autodesk Revit 2022.x < 2022.1.8 / 2023.x < 2023.1.6 / 2024.x < 2024.3 / 2025.x < 2025.3 RFA File Parsing Buffer Overflow (ADSK-SA-2024-0017)
The version of Autodesk Revit installed on the remote Windows host is 2022.x prior to 2022.1.8, 2023.x prior to 2023.1.6, 2024.x prior to 2024.3, or 2025.x prior to 2025.3. It is, therefore, affected by a stack-based buffer overflow vulnerability: - A maliciously crafted RFA file, when parsed...
CVE-2024-7994
A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Stack-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
CVE-2024-7994 Stack-Based Buffer Overflow Vulnerability in Autodesk Revit
A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Stack-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
QNAP QTS Stack-based Buffer Overflow (CVE-2024-27130)
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a network. We have already fixed the vulnerability in the following version: QTS 5.1.7.2770 build...
QNAP QTS Stack-based Buffer Overflow (CVE-2023-50361)
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS...
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining Interim Fix for Oct 2024
Summary: In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Process Mining 1.15.0 IF003. Vulnerability Details: CVEID: CVE-2018-15209. DESCRIPTION: LibTIFF is vulnerable to a denial of service, caused by a heap-based buffer...
CVE-2024-47962 Stack-based Buffer Overflow vulnerability in Delta Electronics CNCSoft-G2
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can manipulate an insider to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current...
Delta Electronics CNCSoft-G2
1. EXECUTIVE SUMMARY: CVSS v4 8.4; ATTENTION: low attack complexity; Vendor: Delta Electronics; Equipment: CNCSoft-G2; Vulnerabilities: Stack-based Buffer Overflow, Out-of-bounds Write, Heap-Based Buffer Overflow, Out-of-bounds Read, Use of Uninitialized Variable. 2. RISK EVALUATION...
CVE-2024-47410
Animate versions 23.0.7, 24.0.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2024-47410 Animate | Stack-based Buffer Overflow (CWE-121)
Animate versions 23.0.7, 24.0.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
EulerOS 2.0 SP11 : orc (EulerOS-SA-2024-2563)
According to the versions of the orc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially...
Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities
Summary: IBM Security Guardium has addressed these vulnerabilities with an update. Vulnerability Details: CVEID: CVE-2024-29857. DESCRIPTION: The Bouncy Castle Crypto Package For Java is vulnerable to a denial of service, caused by improper input validation. By importing an EC certificate with crafte...
Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates
Summary: IBM App Connect Enterprise Certified Container (ACEcc) is built on the Red Hat Universal Base Images. ACEcc operator versions 5.0.21 LTS, 12.0.4 LTS and 12.4.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported...
CVE-2024-41902
A vulnerability has been identified in JT2Go (All versions < V2406.0003). The affected application contains a stack-based buffer overflow vulnerability that could be triggered while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process...
CVE-2024-41902
Siemens JT2Go is affected by a stack-based buffer overflow in the PDF parsing path for all versions prior to V2406.0003. The vulnerability could allow code execution in the context of the current process. The issue is triggered when handling specially crafted PDF files and is described in CVE-202...
Adobe Animate 23.x < 23.0.8 / 24.x < 24.0.5 Multiple Vulnerabilities (APSB24-76)
The version of Adobe Animate installed on the remote Windows host is prior to 23.0.8 or 24.0.5. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb24-76 advisory. - Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of-bounds write vulnerability that...