13311 matches found
CVE-2024-30273
Illustrator versions 28.3, 27.9.2 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
PT-2024-23312 · Adobe · Illustrator
Name of the Vulnerable Software and Affected Versions: Adobe Illustrator versions 28.3, 27.9.2 and earlier Description: The issue is a Stack-based Buffer Overflow that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction...
Juniper Junos OS Vulnerability (JSA79110)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA79110 advisory. - An Out-of-bounds Read vulnerability in the advanced forwarding management process aftman of Juniper Networks Junos OS on MX Series with MPC10E, MPC11, MX10K-LC9600 line...
CVE-2024-20772 Adobe Media Encoder 2024 AI file parsing Stack based buffer overflow
Media Encoder versions 24.2.1, 23.6.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2023-2794 Ofono: sms decoder stack-based buffer overflow remote code execution vulnerability within the decode_deliver() function
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodedeliver function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check f...
Buffer Overflow
org.apfloat:apfloat is vulnerable to Stack-based Buffer Overflow. The vulnerability is due to improper input validation within the org.apfloat.internal.DoubleModMath::modPow method, which can result in Denial of Service if an attacker can input arbitrary values to the method...
CVE-2023-49910
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an...
CVE-2023-49907
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an...
CVE-2023-49909
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an...
CVE-2023-49909
Talos reports a stack-based buffer overflow in Tp-Link AC1350 (EAP225 V3) Web UI, specifically in the Radio Scheduling endpoint. The vulnerability (CVE-2023-49909) is triggered by crafted POST requests to /data/scheduler.association.json with operation not equal to read or load (commonly operatio...
CVE-2023-49910
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an...
CVE-2023-49907
Talos-1888 details a stack-based buffer overflow in TP-Link AC1350 (EAP225 V3) firmware v5.1.0 Build 20220926, caused by the handling of newline-delimited POST parameters (ssid, band, profile, action) in /data/scheduler.association.json. Specifically, the vulnerability arises from unsafe copying ...
CVE-2023-49911
Talos details CVE-2023-49911 in Tp-Link AC1350 (EAP225 V3) and EAP115 (v5.x) web interfaces. The flaw is a stack-based buffer overflow in the Radio Scheduling endpoint exposed via POST /data/scheduler.association.json. In the vulnerable code path, postScheAssocSsidDataJson routes requests with op...
CVE-2023-49913
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an...
CVE-2023-49911
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an...
CVE-2023-49907
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an...
CVE-2023-49912
CVE-2023-49912 describes a stack-based buffer overflow in the TP-Link AC1350 series (EAP225 V3) and EAP115 web interfaces, exposed through the Radio Scheduling feature. The vulnerability exists in the POST endpoint /data/scheduler.association.json, where an authenticated HTTP request with a craft...
CVE-2023-49911
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an...
CVE-2023-49907
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an...
TP-LINK AC1350 缓冲区错误漏洞
The TP-LINK AC1350 is a router from China P&L TP-LINK. A security vulnerability exists in the TP-LINK AC1350 that stems from a stack-based buffer overflow vulnerability in the radio scheduling feature of the web interface. An attacker exploiting this vulnerability could cause remote code executio...