CVE-2023-50239

Two stack-based buffer overflow vulnerabilities exist in the boa setRadvdInterfaceParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger these...

CVE-2023-50240

Two stack-based buffer overflow vulnerabilities exist in the boa setRadvdInterfaceParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger these...

CVE-2023-50244

Two stack-based buffer overflow vulnerabilities exist in the boa formIpQoS functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This...

CVE-2023-50243

Realtek rtl819x Jungle SDK v3.4.11 (Boa web server) contains two stack-based buffer overflow vulnerabilities in boa formIpQoS: CVE-2023-50243 (comment) and CVE-2023-50244 (entry_name). Exploitation via specially crafted HTTP requests to /boafrm/formIpQoS can lead to remote code execution; PoCs ar...

CVE-2023-50243

Two stack-based buffer overflow vulnerabilities exist in the boa formIpQoS functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This...

CVE-2023-41251

A stack-based buffer overflow vulnerability exists in the boa formRoute functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability...

CVE-2023-50243

Two stack-based buffer overflow vulnerabilities exist in the boa formIpQoS functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This...

CVE-2023-49867

CVE-2023-49867 describes a stack-based buffer overflow in the Realtek rtl819x Jungle SDK v3.4.11, specifically the boa web server API /boafrm/formWsc. The vulnerability stems from an unsafe handling of the targetAPMac parameter: the code copies hexadecimal characters into a stack buffer (targetAP...

CVE-2023-50330

A stack-based buffer overflow vulnerability exists in the boa getInfo functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger this vulnerability...

Security Bulletin: Fasterxml jackson-databind vulnerability affect IBM Spectrum Control

Summary Fasterxml jackson-databind is vulnerable to a denial of service. This vulnerability affect IBM Spectrum Control. CVE-2023-35116. Vulnerability Details CVEID:CVE-2023-35116 DESCRIPTION: Fasterxml jackson-databind is vulnerable to a denial of service, caused by a stack-based overflow. By...

Realtek rtl819x Jungle SDK boa formFilter stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1875 Realtek rtl819x Jungle SDK boa formFilter stack-based buffer overflow vulnerability July 8, 2024 CVE Number CVE-2023-49073 SUMMARY A stack-based buffer overflow vulnerability exists in the boa formFilter functionality of Realtek rtl819x Jungle SDK v3.4.1...

Realtek rtl819x Jungle SDK boa getInfo stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1903 Realtek rtl819x Jungle SDK boa getInfo stack-based buffer overflow vulnerability July 8, 2024 CVE Number CVE-2023-50330 SUMMARY A stack-based buffer overflow vulnerability exists in the boa getInfo functionality of Realtek rtl819x Jungle SDK v3.4.11. A...

Realtek rtl819x Jungle SDK boa setRepeaterSsid stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1891 Realtek rtl819x Jungle SDK boa setRepeaterSsid stack-based buffer overflow vulnerability July 8, 2024 CVE Number CVE-2023-45215 SUMMARY A stack-based buffer overflow vulnerability exists in the boa setRepeaterSsid functionality of Realtek rtl819x Jungle...

Realtek rtl819x Jungle SDK boa rollback_control_code stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1878 Realtek rtl819x Jungle SDK boa rollbackcontrolcode stack-based buffer overflow vulnerability July 8, 2024 CVE Number CVE-2023-49595 SUMMARY A stack-based buffer overflow vulnerability exists in the boa rollbackcontrolcode functionality of Realtek rtl819x...

Realtek rtl819x Jungle SDK boa formDnsv6 stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1876 Realtek rtl819x Jungle SDK boa formDnsv6 stack-based buffer overflow vulnerability July 8, 2024 CVE Number CVE-2023-48270 SUMMARY A stack-based buffer overflow vulnerability exists in the boa formDnsv6 functionality of Realtek rtl819x Jungle SDK v3.4.11....

Realtek rtl819x Jungle SDK boa set_RadvdPrefixParam stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1892 Realtek rtl819x Jungle SDK boa setRadvdPrefixParam stack-based buffer overflow vulnerability July 8, 2024 CVE Number CVE-2023-47856 SUMMARY A stack-based buffer overflow vulnerability exists in the boa setRadvdPrefixParam functionality of Realtek rtl819x...

Realtek rtl819x Jungle SDK boa formIpQoS stack-based buffer overflow vulnerabilities

Talos Vulnerability Report TALOS-2023-1895 Realtek rtl819x Jungle SDK boa formIpQoS stack-based buffer overflow vulnerabilities July 8, 2024 CVE Number CVE-2023-50243,CVE-2023-50244 SUMMARY Two stack-based buffer overflow vulnerabilities exist in the boa formIpQoS functionality of Realtek rtl819x...

SUSE CVE-2024-29506

Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfiapplyfilter function via a long PDF filter name...

CVE-2024-29507

A flaw was found in Ghostscript. Under specific conditions, the cidfsubstpath and cidfsubstfont parameters set by corresponding Postscript objects are used to load substitute fonts in pdfiopenCIDFontsubstitutefile. The values are copied via memcpy into the fontfname buffer without bounds checks...

CVE-2024-29506

A flaw was found in Ghostscript. The PDFDEBUG flag controls the value of ctx-args.debug. In pdfiapplyfilter. This issue enables the execution of a memcpy into a stack buffer, without bounds checks. A filter name larger than 100 will overflow the str buffer, which may lead to an application crash ...