CVE-2023-4050

In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...

CVE-2023-34551

In certain EZVIZ products, two stack buffer overflows in netClientSetWlanCfg function of the EZVIZ SDK command server can allow an authenticated attacker present on the same local network as the camera to achieve remote code execution. This affects CS-C6N-B0-1G2WF Firmware versions before V5.3.0...

CVE-2023-34551

EZVIZ CVE-2023-34551 describes two stack buffer overflows in the netClientSetWlanCfg function of the EZVIZ SDK command server that allow an authenticated attacker on the same LAN to achieve remote code execution. Affected CS-C6N-B0-1G2WF, CS-C6N-R101-1G2WF, CS-CV310-A0-1B2WFR, CS-CV310-A0-1C2WFR-...

CVE-2023-4050

In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...

CVE-2023-34551

In certain EZVIZ products, two stack buffer overflows in netClientSetWlanCfg function of the EZVIZ SDK command server can allow an authenticated attacker present on the same local network as the camera to achieve remote code execution. This affects CS-C6N-B0-1G2WF Firmware versions before V5.3.0...

Mozilla Firefox ESR < 102.14

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 102.14. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-30 advisory. - Memory safety bugs present in Firefox 115, Firefox ESR 115.0, Firefox ESR 102.13, Thunderbird 115.0, an...

Security Vulnerabilities fixed in Firefox ESR 115.1 — Mozilla

Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect...

UBUNTU-CVE-2023-4050

In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...

AdvanceMAME Stack Buffer Overflow Vulnerability

AdvanceMAME is a port of the MAME 0.106 and MESS 0.106 emulators from AdvanceMAME, Inc. For arcade monitors and TVs, also for LCD and PC monitors. AdvanceMAME suffers from a stack buffer overflow vulnerability due to incorrect bounds checking performed by function png\u convert\u 4 in file...

OSV-2023-609 Stack-buffer-overflow in sc_pkcs15_get_lastupdate

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=60769 Crash type: Stack-buffer-overflow READ Crash state: scpkcs15getlastupdate generatecachefilename scpkcs15readcachedfile...

PT-2023-35921 · Git +1 · Opensc

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack buffer overflow read. Technical details include a crash state involving the sc pkcs15 get lastupdate, generate cache...

The TeleAdapt RoomCast TA-2400 is an all-in-one, self-contained, top-of-the-line content streaming box for guest rooms from TeleAdapt UK. The TeleAdapt RoomCast TA-2400 suffers from an elevation of privilege vulnerability that is caused by improper access control of the Android Debug Bridge (ADB). An attacker can exploit the vulnerability to gain elevated root privileges.

IBM DB2 is a relational database management system from International Business Machines IBM. The main execution environments for this system are UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM DB2 suffers from a stack buffer overflow vulnerability that stems from incorrect boundary...

CVE-2021-34123

An issue was discovered on atasm, version 1.09. A stack-buffer-overflow vulnerability in function aprintf in asm.c allows attackers to execute arbitrary code on the system via a crafted file...

Stack overflow

An issue was discovered on atasm, version 1.09. A stack-buffer-overflow vulnerability in function aprintf in asm.c allows attackers to execute arbitrary code on the system via a crafted file...

CVE-2021-34123

An issue was discovered on atasm, version 1.09. A stack-buffer-overflow vulnerability in function aprintf in asm.c allows attackers to execute arbitrary code on the system via a crafted file...

AdvanceMAME 缓冲区错误漏洞

AdvanceMAME is a port of the MAME 0.106 and MESS 0.106 emulators from AdvanceMAME, Inc. For arcade monitors and TVs, also for LCD and PC monitors. AdvanceMAME suffers from a stack buffer overflow vulnerability due to incorrect bounds checking performed by function png\u convert\u 4 in file...

CVE-2021-34123

CVE-2021-34123 affects ATasm version 1.09, with a stack-buffer-overflow in function aprintf() in asm.c that lets an attacker execute arbitrary code via a crafted file. Several sources (NVD, Red Hat, PRION, CNNVD, CVE lists) corroborate the same description, including CVSS 3.1 base score 9.8 (Netw...

OSV-2023-567 Stack-buffer-overflow in initialize_encryption_key

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=60563 Crash type: Stack-buffer-overflow READ Crash state: initializeencryptionkey cliole2extract cliscanole2...

IBM DB2 Stack Buffer Overflow Vulnerability

IBM DB2 is a relational database management system from International Business Machines IBM. The main execution environments for this system are UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM DB2 suffers from a stack buffer overflow vulnerability that stems from incorrect boundary...

PT-2023-35907 · Git +1 · Clamav

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow read crash. The crash occurs in the initialize encryption key function, which is called by cli ole2 extra...