Ashlar Vellum Cobalt Security Vulnerability
Ashlar Vellum Cobalt is a parameter-based computer-aided design and 3D modeling program from Ashlar, Inc. A security vulnerability exists in Ashlar Vellum Cobalt that stems from the failure to properly validate the length of user-supplied data before copying it to a stack-based buffer. An attacke...
CBL Mariner 2.0 Security Update: iptraf-ng (CVE-2024-52949)
The version of iptraf-ng installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-52949 advisory. - iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fail...
CVE-2024-52949
iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack...
IPTraf-ng Security Vulnerability
IPTraf-ng is an open source console-based Linux network monitoring program from IPTraf-ng. A security vulnerability exists in IPTraf-ng version 1.2.1, which stems from the presence of a stack-based buffer overflow vulnerability...
File before 5.43 has a stack-based buffer over-read in file_copystr in funcs.c.
...
AutomationDirect C-More EA9 EAP9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of AutomationDirect C-More EA9. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Amazon Linux 2022 : vim-common, vim-data, vim-default-editor (ALAS2022-2021-005)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2021-005 advisory. vim is vulnerable to Heap-based Buffer Overflow CVE-2021-3903 A flaw was found in vim. A possible heap-based buffer overflow could allow an attacker to input a specially crafted file leading to...
Debian dla-3977 : xfpt - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-3977 advisory. - Debian LTS Advisory DLA-3977-1 https://www.debian.org/lts/security/...
CVE-2024-53959
CVE-2024-53959 affects Adobe FrameMaker versions 2020.7, 2022.5 and earlier, due to a Stack-based Buffer Overflow that can lead to arbitrary code execution in the current user’s context. Exploitation requires user interaction (victim opens a malicious file). The issue is corroborated across multi...
CVE-2024-53959 Adobe Framemaker | Stack-based Buffer Overflow (CWE-121)
Adobe Framemaker versions 2020.7, 2022.5 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2024-49543
InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2024-49543 InDesign Desktop | Stack-based Buffer Overflow (CWE-121)
InDesign Desktop versions ID19.5, ID18.5.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2024-49543
CVE-2024-49543 affects Adobe InDesign Desktop versions ID19.5, ID18.5.4 and earlier. The issue is a stack-based buffer overflow that can lead to arbitrary code execution in the current user context. Exploitation requires user interaction (victim must open a malicious file). Connected sources corr...
CVE-2024-49537 After Effects | Stack-based Buffer Overflow (CWE-121)
After Effects versions 24.6.2, 25.0.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2024-53041
A vulnerability has been identified in Teamcenter Visualization V14.2 All versions V14.2.0.14, Teamcenter Visualization V14.3 All versions V14.3.0.12, Teamcenter Visualization V2312 All versions V2312.0008, Tecnomatix Plant Simulation V2302 All versions V2302.0016, Tecnomatix Plant Simulation V24...
Adobe After Effects < 24.6.3 / 25.0.0 < 25.1.0 Memory leak (APSB24-95)
The version of Adobe After Effects installed on the remote Windows host is prior to 24.6.3, 25.1.0. It is, therefore, affected by a vulnerability as referenced in the APSB24-95 advisory. - After Effects versions 24.6.2, 25.0.1 and earlier are affected by a Stack-based Buffer Overflow vulnerabilit...
CVE-2024-12352
A vulnerability classified as problematic was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This vulnerability affects the function sub_40662C of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack can be initiated remotely. The...
CVE-2024-12352
The CVE-2024-12352 entry concerns TOTOLINK EX1800T, version 9.1.0cu.2112_B20220316. It affects the function sub_40662C in /cgi-bin/cstecgi.cgi, where manipulation of the ssid argument triggers a stack-based buffer overflow. This can be exploited remotely and, per multiple sources, the exploit has...
CVE-2024-12352 TOTOLINK EX1800T cstecgi.cgi sub_40662C stack-based overflow
A vulnerability classified as problematic was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This vulnerability affects the function sub_40662C of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack can be initiated remotely. The...