PT-2023-8298 · D Link · D-Link Dir-X3260

Name of the Vulnerable Software and Affected Versions: D-Link DIR-X3260 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. The specific flaw exists within the prog.cgi binary,...

OSV-2023-560 Stack-buffer-overflow in sc_pkcs15_get_lastupdate

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=60527 Crash type: Stack-buffer-overflow READ Crash state: scpkcs15getlastupdate generatecachefilename scpkcs15readcachedfile...

Siemens Tecnomatix Plant Simulation Stack Buffer Overflow Vulnerability (CNVD-2023-56535)

Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany, that uses discrete-event simulation to analyze and optimize throughput and thereby improve manufacturing system performance. Siemens Tecnomatix Plant Simulation suffers from a stack buffer overflow...

Tenda FH1203 formSetDeviceName method stack buffer overflow vulnerability

Tenda FH1203 is a dual-band wireless router from China's Tenda, mainly used for home network coverage and enhancement. The Tenda FH1203 suffers from a stack buffer overflow vulnerability that originates from the deviceId parameter of the formSetDeviceName method failing to properly validate the...

PT-2023-35905 · Git +1 · Opensc

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack buffer overflow read. Technical details include a crash state involving the sc pkcs15 get lastupdate, generate cache...

Siemens Tecnomatix Plant Simulation Stack Buffer Overflow Vulnerability (CNVD-2023-56536)

Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany, that uses discrete-event simulation to analyze and optimize throughput and thereby improve manufacturing system performance. Siemens Tecnomatix Plant Simulation suffers from a stack buffer overflow...

Siemens Tecnomatix Plant Simulation 缓冲区错误漏洞

Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany, that uses discrete-event simulation to analyze and optimize throughput and thereby improve manufacturing system performance. Siemens Tecnomatix Plant Simulation suffers from a stack buffer overflow...

The vulnerability of the xml_sax_parse() function (src/utils/xml_parser.c) in the GPAC multimedia platform allows a hacker to induce a service failure.

The vulnerability of the xmlsaxparse function src/utils/xmlparser.c in the GPAC multimedia platform is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to cause a service failure...

PT-2023-8217 · D Link · D-Link G416

Name of the Vulnerable Software and Affected Versions: D-Link G416 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. The specific flaw exists within the HTTP service listening on TC...

pdfcrack 缓冲区错误漏洞

pdfcrack is a command line password recovery tool for PDF files from the individual developer Henning Noren. A security vulnerability exists in pdfcrack versions 0.17 through 0.18, which originates from the execution of arbitrary code via a stack-based buffer error in the MD5 function...

ASB-A-261068592

In gattendoperation of gattutils.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

Amazon Linux 2 : opensc (ALAS-2023-2102)

The version of opensc installed on the remote host is prior to 0.19.0-5. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2102 advisory. A heap use after free issue was found in Opensc before version 0.22.0 in scfilevalid. CVE-2021-42779 A use after return...

Medium: opensc

Issue Overview: A heap use after free issue was found in Opensc before version 0.22.0 in scfilevalid. CVE-2021-42779 A use after return issue was found in Opensc before version 0.22.0 in insertpin function that could potentially crash programs using the library. CVE-2021-42780 Heap buffer overflo...

CVE-2023-0972

Description: A vulnerability in SiLabs Z/IP Gateway 7.18.01 and earlier allows an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution...

CVE-2023-3110

Description: A vulnerability in SiLabs Unify Gateway 1.3.1 and earlier allows an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution...

CVE-2023-3110

Description: A vulnerability in SiLabs Unify Gateway 1.3.1 and earlier allows an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution...

Design/Logic Flaw

Description: A vulnerability in SiLabs Unify Gateway 1.3.1 and earlier allows an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution...

Design/Logic Flaw

Description: A vulnerability in SiLabs Z/IP Gateway 7.18.01 and earlier allows an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution...

CVE-2023-3110

CVE-2023-3110 affects SiLabs Unify Gateway versions 1.3.1 and earlier. The vulnerability is a stack buffer overflow in S0 decryption that can allow an unauthenticated attacker within Z‑Wave range to achieve arbitrary code execution. Public details consistently cite the affected software as Unify ...

CVE-2023-0972 Buffer overflow in S0 Decryption on Z/IP Gatweay

Description: A vulnerability in SiLabs Z/IP Gateway 7.18.01 and earlier allows an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution...