Fedora 39 : editorconfig (2024-deddae25dd)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-deddae25dd advisory. Update to 0.12.7: fix pointer overflow in STRINGCAT; fix a few more stack buffer overflows. Tenable has extracted the preceding description block directly fr...

Tenda F1202 fromwebExcptypemanFilter function stack buffer overflow vulnerability

The Tenda F1202 is a network device that provides network connectivity and data transfer capabilities. A stack buffer overflow vulnerability exists in the Tenda F1202 fromwebExcptypemanFilter function due to incorrect boundary checking of the webExctypeman Filter function in the...

Tenda F1202 fromqossetting function stack buffer overflow vulnerability

The Tenda F1202 is a dual-band Wi-Fi router with fifth-generation technology from China's Tenda. A stack buffer overflow vulnerability exists in the Tenda F1202 fromqossetting function, which can be exploited by an attacker to cause a buffer overflow and execute arbitrary code on the system...

Tenda F1202 fromVirtualSer Function Stack Buffer Overflow Vulnerability

The Tenda F1202 is a dual-band Wi-Fi router with fifth-generation technology from China's Tenda. A stack buffer overflow vulnerability exists in the Tenda F1202 fromVirtualSer function, which can be exploited by an attacker to cause a buffer overflow and execute arbitrary code on the system...

Tenda W20E Stack Buffer Overflow Vulnerability

The Tenda W20E is a wireless router developed by Tenda to provide wireless network connectivity and management capabilities. The Tenda W20E suffers from a stack buffer overflow vulnerability that originates from improper handling of the remoteIP parameter in the formSetRemoteWebManage function in...

Tenda W30E formSetCfm Function Stack Buffer Overflow Vulnerability

The Tenda W30E is a wireless router developed by Tenda to provide a stable network connection for homes and small offices. A stack buffer overflow vulnerability exists in the formSetCfm function of the /goform/setcfm file in Tenda W30E version 1.0.1.25633. An attacker can exploit this vulnerabili...

Tenda F1202 fromNatlimit function has a stack buffer overflow vulnerability

The Tenda F1202 is a networking device for network connectivity and data transfer in homes and small businesses. A stack buffer overflow vulnerability exists in the fromNatlimit function of the /goform/Natlimit file in the Tenda F1202 version 1.2.0.20408. An attacker can exploit this vulnerabilit...

Tenda AC10 安全漏洞

Tenda AC10U is a dual-band Gigabit wireless router from Tenda Technology, designed for 200 megabit and above fiber optic homes, supporting 802.11ac dual-band technology 2.4GHz and 5GHz, with a theoretical WiFi rate of up to 867Mbps. The Tenda AC10U suffers from a stack buffer overflow vulnerabili...

Tenda W30E 安全漏洞

Tenda W30E is a wireless router developed by Tenda. The device provides wireless network connectivity and Internet access. A stack buffer overflow vulnerability exists in the frmL7PlotForm function of the /goform/frmL7ProtForm file in Tenda W30E version 1.0.1.25633. The vulnerability is due to...

Debian dsa-5660 : libapache2-mod-php7.4 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5660 advisory. - In PHP versions 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8 various XML functions rely on libxml global state to track configuration variables...

Debian dsa-5661 : libapache2-mod-php8.2 - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5661 advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5661-1...

Backdoor.Win32.Dumador.c MVID-2024-0679 Buffer Overflow

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/6cc630843cabf23621375830df474bc5.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Dumador.c Vulnerability: Remote Stack Buffer Overflow SEH Description: The...

openSUSE Security Advisory (openSUSE-SU-2024:0106-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 15 Security Update : sngrep (openSUSE-SU-2024:0106-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0106-1 advisory. - A buffer overflow vulnerability exists in all versions of sngrep since v0.4.2, due to improper handling of 'Call-ID' and 'X-Call-ID' SIP header...

CVE-2024-3120

A stack-buffer overflow vulnerability exists in all versions of sngrep since v1.4.1. The flaw is due to inadequate bounds checking when copying 'Content-Length' and 'Warning' headers into fixed-size buffers in the sipvalidatepacket and sipparseextraheaders functions within src/sip.c. This...

CVE-2024-3120

A stack-buffer overflow vulnerability exists in all versions of sngrep since v1.4.1. The flaw is due to inadequate bounds checking when copying 'Content-Length' and 'Warning' headers into fixed-size buffers in the sipvalidatepacket and sipparseextraheaders functions within src/sip.c. This...

CVE-2024-3120

CVE-2024-3120 affects all versions of sngrep since v1.4.1. A stack-buffer overflow arises from inadequate bounds checking when copying the SIP headers ‘Content-Length’ and ‘Warning’ into fixed-size buffers in src/sip.c (sip_validate_packet and sip_parse_extra_headers). This allows remote attacker...

CVE-2024-3120 Stack-Buffer Overflow in 'Content-Length' and 'Warning' Header Processing in sngrep

A stack-buffer overflow vulnerability exists in all versions of sngrep since v1.4.1. The flaw is due to inadequate bounds checking when copying 'Content-Length' and 'Warning' headers into fixed-size buffers in the sipvalidatepacket and sipparseextraheaders functions within src/sip.c. This...

CVE-2024-3120

A stack-buffer overflow vulnerability exists in all versions of sngrep since v1.4.1. The flaw is due to inadequate bounds checking when copying 'Content-Length' and 'Warning' headers into fixed-size buffers in the sipvalidatepacket and sipparseextraheaders functions within src/sip.c. This...

CVE-2023-49913

A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an...