Adobe Animate 安全漏洞

Adobe Animate is a set of Flash animation software from the American company Audobee Adobe. Adobe Animate suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...

CVE-2024-31449

A flaw was found in Redis. This flaw allows an authenticated user to use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. Mitigation Mitigation for this...

CVE-2024-31449

Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scriptin...

ALPINE-CVE-2024-31449

Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scriptin...

CVE-2024-31449

CVE-2024-31449 affects Redis with Lua scripting. An authenticated user can trigger a stack overflow in the Lua bit library via a crafted script, potentially enabling remote code execution. The issue affects all Redis versions that support Lua scripting and is fixed in Redis 6.2.16, 7.2.6, and 7.4...

CVE-2024-31449

Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scriptin...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a stack buffer overflow contained in the Power Management IC...

CVE-2024-41586

A stack-based Buffer Overflow vulnerability in DrayTek Vigor310 devices through 4.3.2.6 allows a remote attacker to execute arbitrary code via a long query string to the cgi-bin/ipfedr.cgi component...

K000141317: PHP vulnerabilities CVE-2017-9225, CVE-2017-8923, CVE-2016-7413, CVE-2016-9935, and CVE-2016-7417

Security Advisory Description CVE-2017-9225 An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds write in onigencunicodegetcasefoldcodesbystr occurs during regular expression compilation. Code point...

PT-2024-9624

Name of the Vulnerable Software and Affected Versions GStreamer versions prior to 1.24.10 Description A stack-buffer overflow has been detected in the gst opus dec parse header function within gstopusdec.c. The pos array is a stack-allocated buffer of size 64. If n channels exceeds 64, the for lo...

Backdoor.Win32.Prorat.jz MVID-2024-0699 Buffer Overflow

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/277f9a4db328476300c4da5f680902ea.txt Contact: [email protected] Media: x.com/malvuln Threat: Backdoor.Win32.Prorat.jz Vulnerability: Remote Stack Buffer Overflow SEH Description: The RAT...

PT-2024-10158

Name of the Vulnerable Software and Affected Versions GStreamer versions prior to 1.24.10 Description A stack-buffer overflow has been detected in the vorbis handle identification packet function within gstvorbisdec.c. The position array is a stack-allocated buffer of size 64. If vd-vi.channels...

kernel: usb-storage: alauda: Fix uninit-value in alauda_check_media()

An uninitialized value vulnerability was found in the alauda USB storage driver in the Linux kernel. In alaudacheckmedia, the function does not verify that USB transfer operations succeeded before using the received data. If a transfer fails, uninitialized memory may be accessed, leading to...

Sony XAV-AX5500 安全漏洞

The SONY XAV-AX5500 is a 7-inch in-vehicle center console with a wide range of functions and advanced technical features. The SONY XAV-AX5500 suffers from a stack buffer overflow vulnerability that stems from an extended content description object built in a WMV media file that can trigger an...

file: Stack Buffer Overread

Background The file utility attempts to identify a file’s format by scanning binary data for patterns. Description Multiple vulnerabilities have been discovered in file. Please review the CVE identifiers referenced below for details. Impact File has an stack-based buffer over-read in filecopystr ...

GLSA-202409-06 : file: Stack Buffer Overread

The remote host is affected by the vulnerability described in GLSA-202409-06 file: Stack Buffer Overread Multiple vulnerabilities have been discovered in file. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from the...

SUSE SLES12 Security Update : qemu (SUSE-SU-2024:3229-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3229-1 advisory. - CVE-2024-3447: Fix heap buffer overflow in sdhciwritedataport. bsc1218485 - CVE-2023-6693: Fix stack buffer overflow in...

SUSE-SU-2024:3229-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2024-3447: Fix heap buffer overflow in sdhciwritedataport. bsc1218485 - CVE-2023-6693: Fix stack buffer overflow in virtionetflushtx. bsc1218484...

Siemens Tecnomatix Plant Simulation Stack Buffer Overflow Vulnerability (CNVD-2024-38014)

Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany. Using the function of discrete event simulation for production volume analysis and optimization, and thus improve the manufacturing system performance. A stack buffer overflow vulnerability exists in Siemen...

Mageia: Security Advisory (MGASA-2024-0289)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...