13311 matches found
CVE-2024-45694
CVE-2024-45694 affects certain D-Link wireless routers (e.g., DIR-X4860, DIR-X5460, COVR-X1870) via a stack-based buffer overflow in the device web service that allows unauthenticated remote code execution. The vulnerability is triggered by malformed input to the web service, enabling an attacker...
CVE-2024-45413
The CVE-2024-45413 issue affects the HTTPD binary in multiple ZTE routers. A stack-based buffer overflow in rsa_decrypt, an API wrapper for LUA used to decrypt RSA ciphertext, stores decrypted data on the stack without length checks. This allows an authenticated attacker to achieve remote code ex...
Sony Network Cameras Stack-based Buffer Overflow (CVE-2018-3938)
An exploitable stack-based buffer overflow vulnerability exists in the 802dot1xclientcert.cgi functionality of Sony IPELA E Series Camera G5 firmware 1.87.00. A specially crafted POST can cause a stack-based buffer overflow, resulting in remote code execution. An attacker can send a malicious POS...
CVE-2024-41867
After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...
CVE-2024-41867 After Effects | Out-of-bounds Read (CWE-125)
After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...
CVE-2024-41867
CVE-2024-41867 affects Adobe After Effects versions 23.6.6, 24.5 and earlier, with an out-of-bounds read that could disclose sensitive memory and bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). remediation is via Adobe APSB24-55 security update (fixed in 23.6....
CVE-2024-41867 After Effects | Out-of-bounds Read (CWE-125)
After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...
Adobe After Effects 缓冲区错误漏洞
Adobe After Effects is a suite of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D compositing, animation and visual effects production. A buffer error vulnerability exists in Adobe After Effects, which stems...
PT-2024-6871 · D Link · D-Link Wireless Routers
Name of the Vulnerable Software and Affected Versions: D-Link wireless routers affected versions not specified Description: The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow issue, which allows unauthenticated remote attackers to exploit this issu...
VulnCheck KEV: CVE-2022-22274
A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service DoS or potentially results in code execution in the firewall...
VulnCheck KEV: CVE-2023-0656
A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service DoS, which could cause an impacted firewall to crash...
EulerOS 2.0 SP10 : orc (EulerOS-SA-2024-2449)
According to the versions of the orc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially...
Huawei EulerOS: Security Advisory for orc (EulerOS-SA-2024-2401)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP10 : orc (EulerOS-SA-2024-2426)
According to the versions of the orc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially...
EulerOS 2.0 SP9 : orc (EulerOS-SA-2024-2376)
According to the versions of the orc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially...
MPlayer Lite r33064 Buffer Overflow
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MPlayer Lite M3U Buffer Overflow', 'Description' = %q This module exploits a stack-based buffer overflow vulnerability in MPlayer Lite r33064,...
In Gluster GlusterFS 11.0 there is an xlators/mount/fuse/src/fuse-bridge.c notify stack-based buffer over-read.
...
MGASA-2024-0288 Updated orc packages fix security vulnerability
Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to compromise of...
CVE-2024-41170
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 All versions V2302.0015, Tecnomatix Plant Simulation V2404 All versions V2404.0004. The affected applications contain a stack based overflow vulnerability while parsing specially crafted SPP files. This could allow an attack...
CVE-2024-41170
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 All versions V2302.0015, Tecnomatix Plant Simulation V2404 All versions V2404.0004. The affected applications contain a stack based overflow vulnerability while parsing specially crafted SPP files. This could allow an attack...