13311 matches found

CVE
added 2024/06/11 2:31 p.m. | 109 views

CVE-2024-23110

CVE-2024-23110 describes a stack-based buffer overflow in Fortinet FortiOS serving FortiGate devices. Affected products include FortiOS versions 7.4.0–7.4.2, 7.2.0–7.2.6, 7.0.0–7.0.13, 6.4.0–6.4.14, 6.2.0–6.2.15, and 6.0 (all sub-versions). The underlying issue is an overflow vulnerability in com...

CVSS 7.8 | AI score 8 | EPSS 0.00281
Exploits: 0 | References: 1 | Affected Software: 1

Vulnrichment
added 2024/06/11 2:31 p.m. | 34 views

CVE-2024-23110

A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0 all versions allows attacker to execute unauthorized code or commands via specially crafted commands...

CVSS 7.8 | AI score 7.9 | EPSS 0.00281
Exploits: 0 | References: 1

Tenable Nessus
added 2024/06/10 12:00 a.m. | 25 views

Hirschmann HiOS Switches Stack-based Buffer Overflow (CVE-2019-12256)

This vulnerability resides in the IPv4 option parsing and may be triggered by IPv4 packets containing invalid options. The most likely outcome of triggering this defect is that the tNet0 task crashes. This vulnerability can result in remote code execution. This plugin only works with Tenable.ot...

CVSS 9.8 | AI score 7.7 | EPSS 0.26629
Exploits: 0 | References: 11

Tenable Nessus
added 2024/06/10 12:00 a.m. | 117 views

CentOS 7 : glibc (RHSA-2024:3588)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3588 advisory. - The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings ...

CVSS 8.1 | AI score 8 | EPSS 0.8833
Exploits: 16 | References: 6

OSV
added 2024/06/07 11:15 p.m. | 21 views

CVE-2024-0444

GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...

CVSS 8.8 | AI score 8
Exploits: 0 | References: 2

Cvelist
added 2024/06/07 10:49 p.m. | 25 views

CVE-2024-0444 GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...

CVSS 7.5 | EPSS 0.01559
Exploits: 0 | References: 2

Vulnrichment
added 2024/06/07 10:49 p.m. | 20 views

CVE-2024-0444 GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...

CVSS 7.5 | AI score 7.6 | EPSS 0.01559
Exploits: 0 | References: 2

NVD
added 2024/06/06 7:16 p.m. | 19 views

CVE-2024-5305

Kofax Power PDF PDF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must...

CVSS 7.8 | EPSS 0.00404
Exploits: 0 | References: 1

OSV
added 2024/06/06 7:16 p.m. | 4 views

CVE-2024-5305

Kofax Power PDF PDF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must...

CVSS 7.8 | AI score 7.6 | EPSS 0.00404
Exploits: 0 | References: 1

CVE
added 2024/06/06 6:04 p.m. | 82 views

CVE-2024-5305

Kofax Power PDF is affected by CVE-2024-5305 due to a PDF parsing vulnerability that allows stack-based buffer overflow leading to remote code execution. The flaw stems from insufficient validation of the length of user-supplied data before copying it into a fixed-length stack buffer. This can en...

CVSS 7.8 | AI score 8.1 | EPSS 0.00404
Exploits: 0 | References: 1 | Affected Software: 1

RedHat Linux
added 2024/06/04 2:38 p.m. | 93 views

Important: Red Hat Security Advisory: glibc security update

An update for glibc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVSS 8.1 | AI score 7.7 | EPSS 0.8833
Exploits: 16 | References: 6

Tenable Nessus
added 2024/06/04 12:00 a.m. | 148 views

RHEL 7 : glibc (RHSA-2024:3588)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3588 advisory. The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name...

CVSS 8.1 | AI score 8.3 | EPSS 0.8833
Exploits: 16 | References: 12

Tenable Nessus
added 2024/06/04 12:00 a.m. | 43 views

SUSE SLED15: glibc / glibc-32bit / glibc-devel / glibc-devel-32bit / etc (SUSE-SU-2024:1895-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1895-1 advisory. - CVE-2024-33599: Fixed a stack-based buffer overflow in netgroup cache in nscd bsc1223423 -...

CVSS 8.1 | AI score 7.1 | EPSS 0.0131
Exploits: 0 | References: 13

NVD
added 2024/06/03 8:15 p.m. | 13 views

CVE-2023-52162

Mercusys MW325R EU V3 Firmware MW325REUV31.11.0 Build 221019 is vulnerable to a stack-based buffer overflow, which could allow an attacker to execute arbitrary code. Exploiting the vulnerability requires authentication...

CVSS 6.7 | AI score 7.3 | EPSS 0.00583
Exploits: 0 | References: 2

Vulnrichment
added 2024/06/03 7:14 p.m. | 11 views

CVE-2023-52162

Mercusys MW325R EU V3 Firmware MW325REUV31.11.0 Build 221019 is vulnerable to a stack-based buffer overflow, which could allow an attacker to execute arbitrary code. Exploiting the vulnerability requires authentication...

AI score 7.6 | EPSS 0.00583
Exploits: 0 | References: 1

NVD
added 2024/06/03 2:15 p.m. | 32 views

CVE-2024-36728

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action vlansetting with a sufficiently long dns1 or dns 2 key...

CVSS 8.1 | AI score 7.8 | EPSS 0.05155
Exploits: 1 | References: 1

NVD
added 2024/06/03 2:15 p.m. | 29 views

CVE-2024-36729

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action wizardipv6 with a sufficiently long reboottype key...

CVSS 6.3 | AI score 7.8 | EPSS 0.05049
Exploits: 1 | References: 1

Cvelist
added 2024/06/03 1:57 p.m. | 28 views

CVE-2024-36729

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action wizardipv6 with a sufficiently long reboottype key...

AI score 7.8 | EPSS 0.05049
Exploits: 1 | References: 1

Vulnrichment
added 2024/06/03 1:57 p.m. | 13 views

CVE-2024-36729

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action wizardipv6 with a sufficiently long reboottype key...

AI score 8.1 | EPSS 0.05049
Exploits: 1 | References: 1

Tenable Nessus
added 2024/06/03 12:00 a.m. | 23 views

RHEL 6 : cracklib (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - cracklib: Stack-based buffer overflow when parsing large GECOS field CVE-2016-6318 Note that Nessus has not tested...

CVSS 7.8 | AI score 7.9 | EPSS 0.00747
Exploits: 0 | References: 1