13311 matches found

Tenable Nessus
added 2024/10/08 12:0 a.m. | 27 views

Adobe Animate 23.x < 23.0.8 / 24.x < 24.0.5 Multiple Vulnerabilities (APSB24-76)

The version of Adobe Animate installed on the remote macOS or Mac OS X host is prior to 23.0.8 or 24.0.5. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb24-76 advisory. - Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of-bounds write...

CVSS 7.8 | AI score 6.5 | EPSS 0.00409
Exploits: 0 | References: 15
Tenable Nessus
added 2024/10/08 12:0 a.m. | 12 views

FastStone Image Viewer <= 7.5 Multiple Vulnerabilities

The version of FastStone Image Viewer installed on the remote Windows host is prior to or equal to 7.5. It is, therefore, affected by multiple vulnerabilities: - Unsafe Parsing of a PNG tRNS chunk in FastStone Image Viewer through 7.5 results in a stack buffer overflow. CVE-2022-36947 - A user mo...

CVSS 9.8 | AI score 8.5 | EPSS 0.02731
Exploits: 1 | References: 8
Tenable Nessus
added 2024/10/08 12:0 a.m. | 17 views

Adobe Animate 23.x < 23.0.8 / 24.x < 24.0.5 Multiple Vulnerabilities (APSB24-76)

The version of Adobe Animate installed on the remote Windows host is prior to 23.0.8 or 24.0.5. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb24-76 advisory. - Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of-bounds write vulnerability that...

CVSS 7.8 | AI score 6.5 | EPSS 0.00409
Exploits: 0 | References: 15
Vulnrichment
added 2024/10/07 12:58 p.m. | 21 views

CVE-2024-23374 Stack-based Buffer Overflow in Power Management IC

Memory corruption is possible when an attempt is made from userspace or console to write some haptics effects pattern to the haptics debugfs file...

CVSS 6.7 | AI score 7.1 | EPSS 0.0011
Exploits: 0 | References: 1
Rosalinux
added 2024/10/03 9:16 p.m. | 17 views

Advisory ROSA-SA-2024-2492

Software: krb5 1.15.1; OS: rosa-server79; packageevrstring: krb5-1.15.1-55.res7; CVE-ID: CVE-2022-42898; BDU-ID: 2022-06933; CVE-Crit: MEDIUM; CVE-DESC.: A vulnerability in the PAC Privileged Attribute Certificate parameters of the krb5parsepac function of the Heimdal and MIT Kerberos packets of the...

CVSS 8.8 | AI score 8.8 | EPSS 0.06419
Exploits: 1
NVD
added 2024/10/03 7:15 p.m. | 34 views

CVE-2024-41586

A stack-based Buffer Overflow vulnerability in DrayTek Vigor310 devices through 4.3.2.6 allows a remote attacker to execute arbitrary code via a long query string to the cgi-bin/ipfedr.cgi component...

CVSS 8 | EPSS 0.00467
Exploits: 0 | References: 2
NVD
added 2024/10/03 7:15 p.m. | 18 views

CVE-2024-41592

DrayTek Vigor3910 devices through 4.3.2.6 have a stack-based overflow when processing query string parameters because GetCGI mishandles extraneous ampersand characters and long key-value pairs...

CVSS 8 | EPSS 0.01407
Exploits: 1 | References: 2
Vulnrichment
added 2024/10/03 2:53 a.m. | 16 views

CVE-2024-47135

Stack-based buffer overflow vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may...

CVSS 7.8 | AI score 7.6 | EPSS 0.00298
Exploits: 0 | References: 3
Vulnrichment
added 2024/10/03 12:0 a.m. | 27 views

CVE-2024-41592

DrayTek Vigor3910 devices through 4.3.2.6 have a stack-based overflow when processing query string parameters because GetCGI mishandles extraneous ampersand characters and long key-value pairs...

AI score 7.4 | EPSS 0.01407
Exploits: 1 | References: 2
Cvelist
added 2024/10/03 12:0 a.m. | 22 views

CVE-2024-41592

DrayTek Vigor3910 devices through 4.3.2.6 have a stack-based overflow when processing query string parameters because GetCGI mishandles extraneous ampersand characters and long key-value pairs...

EPSS 0.01407
Exploits: 1 | References: 2
CVE
added 2024/10/03 12:0 a.m. | 89 views

CVE-2024-41592

CVE-2024-41592 affects DrayTek Vigor3910 devices up to 4.3.2.6. The issue is a stack-based overflow in the GetCGI function when processing query string parameters (extraneous ampersands and long key–value pairs). Exploitation could lead to arbitrary code execution or DoS as described in multiple ...

CVSS 8 | AI score 7 | EPSS 0.01407
Exploits: 1 | References: 2 | Affected Software: 1
BDU FSTEC
added 2024/10/02 12:0 a.m. | 4 views

A vulnerability in the fromSetLPBind function of Tenda FH1206 router firmware allows an attacker to cause a denial of service.

The vulnerability in the fromSetLPBind function of Tenda FH1206 router firmware is a stack-based buffer overflow. Exploiting this vulnerability can allow an attacker to cause a denial of service through a specially crafted POST request...

CVSS 7.8 | AI score 6 | EPSS 0.00558
Exploits: 1 | References: 2 | Affected Software: 1
NVD
added 2024/09/28 6:15 a.m. | 21 views

CVE-2024-23938

Silicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. T...

CVSS 8.8 | EPSS 0.00895
Exploits: 0 | References: 2
OSV
added 2024/09/28 6:15 a.m. | 3 views

CVE-2024-23938

Silicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. T...

CVSS 8.8 | AI score 6.3 | EPSS 0.00895
Exploits: 0 | References: 2
Vulnrichment
added 2024/09/28 6:13 a.m. | 22 views

CVE-2024-23935 Alpine Halo9 DecodeUTF7 Stack-based Buffer Overflow Remote Code Execution Vulnerability

Alpine Halo9 DecodeUTF7 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device...

CVSS 8 | AI score 7.7 | EPSS 0.00464
Exploits: 0 | References: 1
Vulnrichment
added 2024/09/28 6:6 a.m. | 27 views

CVE-2024-23938 Silicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remote Code Execution Vulnerability

Silicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. T...

CVSS 8.8 | AI score 7.8 | EPSS 0.00895
Exploits: 0 | References: 2
CNNVD
added 2024/09/28 12:0 a.m. | 3 views

Alpine Halo9 Security Vulnerability

Alpine Halo9 is a multimedia player from Alpine. A security vulnerability exists in Alpine Halo9 that stems from the DecodeUTF7 function containing a stack-based buffer overflow issue...

CVSS 8 | AI score 7.2 | EPSS 0.00464
Exploits: 0 | References: 2
NVD
added 2024/09/27 5:15 p.m. | 38 views

CVE-2024-9284

A vulnerability was found in TP-LINK TL-WR841ND up to 20240920. It has been rated as critical. Affected by this issue is some unknown functionality of the file /userRpm/popupSiteSurveyRpm.htm. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack may be launched...

CVSS 7.1 | EPSS 0.00915
Exploits: 0 | References: 5
CVE
added 2024/09/27 4:31 p.m. | 53 views

CVE-2024-9284

TP-LINK TL-WR841ND (versions up to 20240920) is affected by a stack-based buffer overflow in the web UI file /userRpm/popupSiteSurveyRpm.htm triggered by manipulating the ssid parameter. The issue can be exploited remotely over the network. Public exploitation details exist. The provided document...

CVSS 7.1 | AI score 6.6 | EPSS 0.00915
Exploits: 0 | References: 5 | Affected Software: 1
Cvelist
added 2024/09/27 4:31 p.m. | 32 views

CVE-2024-9284 TP-LINK TL-WR841ND popupSiteSurveyRpm.htm stack-based overflow

A vulnerability was found in TP-LINK TL-WR841ND up to 20240920. It has been rated as critical. Affected by this issue is some unknown functionality of the file /userRpm/popupSiteSurveyRpm.htm. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack may be launched...

CVSS 7.1 | EPSS 0.00915
Exploits: 0 | References: 5