6902 matches found
Stack overflow
Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols. The binary is usually named wscd or miniupnpd and is the successor to miniigd. The server is vulnerable to a stack buffer overflow vulnerability that is present due ...
CVE-2021-35393
Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols. The binary is usually named wscd or miniupnpd and is the successor to miniigd. The server is vulnerable to a stack buffer overflow vulnerability that is present due ...
CVE-2021-35393
Concrete details exist for Realtek Jungle SDK vulnerabilities (CVE-2021-35392, -35393, -35394, -35395). Realtek Jungle SDK v2.x–v3.4.14B runs a WiFi Simple Config/UPnP/SSDP server (named wscd or mini_upnpd) and separate management interfaces. Root causes include unsafe handling of submitted param...
CVE-2021-35395
Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface that can be used to configure the access point. Two versions of this management interface exists: one based on Go-Ahead named webs and another based on Boa named boa. Both of them are affect...
CVE-2021-35395
Realtek Jungle SDK (Realtek AP-Router/IoT SDK) CVE-2021-35395 enables multiple stack-buffer overflows and command-injection flaws in the HTTP web server management interface (Go-Ahead webs and Boa-based). Affected forms include reboot, WSC/auth, WLANMultiAP, SiteSurvey, StaticDHCP, and peerPin-ba...
Xmill Stack Buffer Overflow Vulnerability (CNVD-2021-94931)
Xmill is an efficient compressor of XML data. a stack buffer overflow vulnerability exists in the command line parsing HandleFileArg function in Xmill version 0.7. An attacker could exploit the vulnerability by providing malicious input via the filepattern parameter to cause a denial of service...
CVE-2021-35395
Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface that can be used to configure the access point. Two versions of this management interface exists: one based on Go-Ahead named webs and another based on Boa named boa. Both of them are affect...
CVE-2021-21813
Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to memcpy copying the path provided by the user into a staticly sized buffer without any length checks resulting in a stack-buffer overflo...
Stack overflow
A stack-based buffer overflow vulnerability exists in the command-line-parsing HandleFileArg functionality of AT&T Labs’ Xmill 0.7. Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to...
CVE-2021-21815
A stack-based buffer overflow vulnerability exists in the command-line-parsing HandleFileArg functionality of AT&T Labs' Xmill 0.7. Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to...
CVE-2021-21813
AT&T Labs Xmill 0.7 contains a stack-based buffer overflow in the command-line handle argument path. In HandleFileArg, the filepattern supplied by the user is copied into a fixed-size buffer (400 bytes) via unsafe copy operations (memcpy/strcpy/strlen), without proper length checks. This can over...
CVE-2021-20314
Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious crafted SPF explanation messages...
CVE-2021-20314
CVE-2021-20314 concerns the libspf2 library (versions below 1.2.11). The vulnerability is a stack-buffer overflow when processing certain SPF macros that can lead to denial of service and potentially code execution via crafted SPF explanation messages. Related advisories (GLSA-202401-22) describe...
CVE-2021-20314
Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious crafted SPF explanation messages...
CVE-2021-20314
Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious crafted SPF explanation messages...
Debian DLA-2739-1 : libspf2 - LTS security update
The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2739 advisory. - Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious craft...
Debian DSA-4955-1 : libspf2 - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dsa-4955 advisory. - Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious...
NETGEAR R6400 Stack Buffer Overflow Vulnerability (CNVD-2022-06699)
NETGEAR R6400 is an AC1750 dual-band WiFi router.A stack buffer overflow vulnerability exists in versions prior to NETGEAR R6400 1.0.1.52. No details of the vulnerability are currently available...
fig2dev stack buffer overflow vulnerability
fig2dev is used to convert .fig files to various graphics languages and formats. A stack buffer overflow vulnerability exists in the putarrow component of genpict2e.c in fig2dev version 3.2.7b. An attacker could exploit this vulnerability to cause a denial of service by converting xfig files to...
HackTool.Win32.Hidd.b Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/665a408981294ca49be23096363eec2f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HackTool.Win32.Hidd.b Vulnerability: Remote Stack Buffer Overflow UDP Datagram Description: The...