
13301 matches found

Vulnrichment
added 2024/10/03 12:0 a.m. | 26 views

CVE-2024-41592

DrayTek Vigor3910 devices through 4.3.2.6 have a stack-based overflow when processing query string parameters because GetCGI mishandles extraneous ampersand characters and long key-value pairs...

7.4 AI score | 0.01875 EPSS
Exploits 1 | References 2

Cvelist
added 2024/10/03 12:0 a.m. | 20 views

CVE-2024-41592

DrayTek Vigor3910 devices through 4.3.2.6 have a stack-based overflow when processing query string parameters because GetCGI mishandles extraneous ampersand characters and long key-value pairs...

0.01875 EPSS
Exploits 1 | References 2

BDU FSTEC
added 2024/10/02 12:0 a.m. | 1 view

A vulnerability in the fromSetLPBind function of the Tenda FH1206 router firmware allows an attacker to cause a denial of service.

The vulnerability in the fromSetLPBind function of the Tenda FH1206 router firmware is a stack-based buffer overflow. Exploiting it can allow an attacker to cause a denial of service through a specially crafted POST request...

7.8 CVSS | 6 AI score | 0.00154 EPSS
Exploits 1 | References 2 | Affected Software 1

NVD
added 2024/09/28 6:15 a.m. | 15 views

CVE-2024-23938

Silicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. T...

8.8 CVSS | 0.01229 EPSS
Exploits 0 | References 2

OSV
added 2024/09/28 6:15 a.m. | 1 view

CVE-2024-23938

Silicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. T...

8.8 CVSS | 6.3 AI score | 0.01229 EPSS
Exploits 0 | References 2

Vulnrichment
added 2024/09/28 6:13 a.m. | 20 views

CVE-2024-23935 Alpine Halo9 DecodeUTF7 Stack-based Buffer Overflow Remote Code Execution Vulnerability

Alpine Halo9 DecodeUTF7 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device...

8 CVSS | 7.7 AI score | 0.00913 EPSS
Exploits 0 | References 1

Vulnrichment
added 2024/09/28 6:6 a.m. | 24 views

CVE-2024-23938 Silicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remote Code Execution Vulnerability

Silicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. T...

8.8 CVSS | 7.8 AI score | 0.01229 EPSS
Exploits 0 | References 2

CNNVD
added 2024/09/28 12:0 a.m. | 2 views

Alpine Halo9 security vulnerability

Alpine Halo9 is a multimedia player from Alpine. A security vulnerability exists in Alpine Halo9 that stems from the DecodeUTF7 function containing a stack-based buffer overflow issue...

8 CVSS | 7.2 AI score | 0.00913 EPSS
Exploits 0 | References 2

NVD
added 2024/09/27 5:15 p.m. | 17 views

CVE-2024-9284

A vulnerability was found in TP-LINK TL-WR841ND up to 20240920. It has been rated as critical. Affected by this issue is some unknown functionality of the file /userRpm/popupSiteSurveyRpm.htm. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack may be launched...

7.1 CVSS | 0.00065 EPSS
Exploits 0 | References 5

Cvelist
added 2024/09/27 4:31 p.m. | 17 views

CVE-2024-9284 TP-LINK TL-WR841ND popupSiteSurveyRpm.htm stack-based overflow

A vulnerability was found in TP-LINK TL-WR841ND up to 20240920. It has been rated as critical. Affected by this issue is some unknown functionality of the file /userRpm/popupSiteSurveyRpm.htm. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack may be launched...

7.1 CVSS | 0.00065 EPSS
Exploits 0 | References 5

CVE
added 2024/09/27 4:31 p.m. | 49 views

CVE-2024-9284

TP-LINK TL-WR841ND (versions up to 20240920) is affected by a stack-based buffer overflow in the web UI file /userRpm/popupSiteSurveyRpm.htm triggered by manipulating the ssid parameter. The issue can be exploited remotely over the network. Public exploitation details exist. The provided document...

7.1 CVSS | 6.6 AI score | 0.00065 EPSS
Exploits 0 | References 5 | Affected Software 1

Vulnrichment
added 2024/09/27 4:31 p.m. | 18 views

CVE-2024-9284 TP-LINK TL-WR841ND popupSiteSurveyRpm.htm stack-based overflow

A vulnerability was found in TP-LINK TL-WR841ND up to 20240920. It has been rated as critical. Affected by this issue is some unknown functionality of the file /userRpm/popupSiteSurveyRpm.htm. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack may be launched...

7.1 CVSS | 6.9 AI score | 0.00065 EPSS
Exploits 0 | References 5

IBM Security Bulletins
added 2024/09/27 10:43 a.m. | 34 views

Security Bulletin: Vulnerability in glibc affects IBM Integrated Analytics System [CVE-2022-23219]

Summary: Red Hat-provided glibc is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE, CVE-2022-23219. Vulnerability Details: CVEID: CVE-2022-23219. DESCRIPTION: GNU C Library aka glibc is vulnerable to a stack-based buffer overflow, caused by...

9.8 CVSS | 9.6 AI score | 0.00573 EPSS
Exploits 1 | Affected Software 1

IBM Security Bulletins
added 2024/09/27 10:31 a.m. | 33 views

Security Bulletin: Vulnerability in glibc affects IBM Integrated Analytics System [CVE-2022-23218]

Summary: Red Hat-provided glibc is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE, CVE-2022-23218. Vulnerability Details: CVEID: CVE-2022-23218. DESCRIPTION: GNU C Library aka glibc is vulnerable to a stack-based buffer overflow, caused by...

9.8 CVSS | 9.6 AI score | 0.00515 EPSS
Exploits 1 | Affected Software 1

NVD
added 2024/09/23 3:15 p.m. | 8 views

CVE-2024-23934

Sony XAV-AX5500 WMV/ASF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. User interaction is required to exploit this vulnerability in that the target...

8.8 CVSS | 0.02004 EPSS
Exploits 0 | References 2

CVE
added 2024/09/23 2:12 p.m. | 62 views

CVE-2024-23933

CVE-2024-23933 affects Sony XAV-AX5500 car units via a CarPlay TLV stack-based buffer overflow. The root cause is insufficient validation of user-supplied data length before copying to a fixed-size stack buffer, enabling remote code execution when a physically present attacker exploits the proto...

6.8 CVSS | 6.8 AI score | 0.06355 EPSS
Exploits 0 | References 2

The Hacker News
added 2024/09/23 9:58 a.m. | 32 views

Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk

A critical security flaw has been disclosed in the Microchip Advanced Software Framework (ASF) that, if successfully exploited, could lead to remote code execution. The vulnerability, tracked as CVE-2024-7490, carries a CVSS score of 9.5 out of a maximum of 10.0. It has been described as a...

9.8 CVSS | 8.7 AI score | 0.68164 EPSS
Exploits 4

AlpineLinux
added 2024/09/19 12:0 a.m. | 14 views

CVE-2024-31570

libfreeimage in FreeImage 3.4.0 through 3.18.0 has a stack-based buffer overflow in the PluginXPM.cpp Load function via an XPM file...

9.8 CVSS | 7.8 AI score | 0.00238 EPSS
Exploits 0 | References 2

Cvelist
added 2024/09/19 12:0 a.m. | 12 views

CVE-2024-31570

libfreeimage in FreeImage 3.4.0 through 3.18.0 has a stack-based buffer overflow in the PluginXPM.cpp Load function via an XPM file...

0.00238 EPSS
Exploits 0 | References 2

CERT
added 2024/09/19 12:0 a.m. | 18 views

A stack-based overflow vulnerability exists in the Microchip Advanced Software Framework (ASF) implementation of the tinydhcp server

Overview: A stack-based overflow vulnerability exists in the tinydhcp server in the Microchip Advanced Software Framework (ASF) that can lead to remote code execution. Description: An implementation of DHCP in ASF fails input validation, thereby creating conditions for a stack-based overflow. The...

9.8 CVSS | 9.6 AI score | 0.11734 EPSS
Exploits 0 | References 7