The vulnerability of the file /cgi-bin/cstecgi.cgi?action=login&flag=ie8, which is part of the microprogramming software for TOTOLINK N350RT routers, allows a hacker to execute arbitrary code.

The vulnerability of the file /cgi-bin/cstecgi.cgi?action=login&flag=ie8 in the microprogramming software for TOTOLINK N350RT routers is related to buffer overflow in the stack. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

The vulnerability of the authentication function in the httpd API-AUTH Digest service of D-Link G416 microprogrammed router software allows a attacker to execute arbitrary code.

The vulnerability of the HTTP Digest authentication function in the httpd API-AUTH service of D-Link G416 microprogrammed router software is related to buffer overflow in the stack. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

squid34 security update

7:3.4.14-15.0.1 - Fix stack buffer overflow when parsing Digest Authorization CVE-2023-46847Orabug: 36053795...

squid security update

7:3.1.23-24.0.1 - Fix stack buffer overflow when parsing Digest Authorization CVE-2023-46847Orabug: 36053765...

OSV-2024-9 Stack-buffer-overflow in _canonicalize

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65635 Crash type: Stack-buffer-overflow READ Crash state: canonicalize ulocimpgetBaseName75 uresopenWithType...

PT-2024-40872 · Git +1 · Icu

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow read crash. The crash state involves several functions, including canonicalize, ulocimp getBaseName 75, a...

[SECURITY] [DLA 3709-1] squid security update

Debian LTS Advisory DLA-3709-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany January 09, 2024 https://wiki.debian.org/LTS Package : squid Version : 4.6-1+deb10u9 CVE ID : CVE-2023-46846 CVE-2023-46847 CVE-2023-49285 CVE-2023-49286 CVE-2023-50269 Debian Bug :...

Fedora 39 : espeak-ng (2024-5661c87b25)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-5661c87b25 advisory. Security fix for CVE-2023-49990, CVE-2023-49991, CVE-2023-49992, CVE-2023-49993, CVE-2023-49994. Tenable has extracted the preceding description blo...

CVE-2023-34325

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. libfsimage contains parsing code for several filesystems, most of them based on grub-legacy code. libfsimage is used by pygrub to inspect guest disks. Pygrub runs as the...

CVE-2023-34325

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. libfsimage contains parsing code for several filesystems, most of them based on grub-legacy code. libfsimage is used by pygrub to inspect guest disks. Pygrub runs as the...

CVE-2023-34325 Multiple vulnerabilities in libfsimage disk handling

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. libfsimage contains parsing code for several filesystems, most of them based on grub-legacy code. libfsimage is used by pygrub to inspect guest disks. Pygrub runs as the...

CVE-2023-34325

CVE-2023-34325 concerns Xen’s copy of libfsimage (derived from grub) used by pygrub. A stack buffer overflow can be triggered by guest-controlled input when pygrub runs with superuser privileges in a privileged domain. Xen notes patches to run pygrub in deprivileged mode to avoid exploitation. CV...

CVE-2023-34325

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. libfsimage contains parsing code for several filesystems, most of them based on grub-legacy code. libfsimage is used by pygrub to inspect guest disks. Pygrub runs as the...

CVE-2023-34325 Multiple vulnerabilities in libfsimage disk handling

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. libfsimage contains parsing code for several filesystems, most of them based on grub-legacy code. libfsimage is used by pygrub to inspect guest disks. Pygrub runs as the...

Pico HTTP Server in C Security Vulnerability

Pico HTTP Server in C is a very simple Unix HTTP server from the individual developer Aleksey Kurepin. A security vulnerability exists in Pico HTTP Server in C, which stems from a stack buffer overflow in the voidroute function in main.c, leading to remote code execution...

OSV-2024-3 Stack-buffer-overflow in icu_75::TZDBTimeZoneNames::getMetaZoneNames

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65486 Crash type: Stack-buffer-overflow WRITE 1 Crash state: icu75::TZDBTimeZoneNames::getMetaZoneNames icu75::TZDBTimeZoneNames::getMetaZoneDisplayName TestNames...

Stack overflow

A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtionetflushtx function if guest features VIRTIONETFHASHREPORT, VIRTIOFVERSION1 and VIRTIONETFMRGRXBUF are enabled. This could allow a malicious user to overwrite local variables...

CVE-2023-6693 Qemu: virtio-net: stack buffer overflow in virtio_net_flush_tx()

A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtionetflushtx function if guest features VIRTIONETFHASHREPORT, VIRTIOFVERSION1 and VIRTIONETFMRGRXBUF are enabled. This could allow a malicious user to overwrite local variables...

Stack Buffer Overflow

MP3Gain is vulnerable to Stack Buffer Overflow. The vulnerability is caused due to the WriteMP3GainAPETag function.This potentially leads to Denial of Service DoS Attack...

NewStart CGSL MAIN 6.06 : cairo Vulnerability (NS-SA-2023-0077)

The remote NewStart CGSL host, running version MAIN 6.06, has cairo packages installed that are affected by a vulnerability: - A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's...