Stack overflow

A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase...

CVE-2023-39281

A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase...

OSV-2023-1093 Stack-buffer-overflow in ndpi_handle_rule

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63746 Crash type: Stack-buffer-overflow WRITE Crash state: ndpihandlerule ndpiloadprotocolsfilefd fuzzfilecfgprotocols.c...

Huawei EulerOS: Security Advisory for json-c (EulerOS-SA-2023-3009)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2023-35554 · Git +1 · Ndpi

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A stack-buffer-overflow issue was identified, potentially causing a crash. The crash involves the ndpi handle rule and ndpi load protocols file fd...

Huawei EulerOS: Security Advisory for json-c (EulerOS-SA-2023-3032)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2024-02: Stack Buffer Overflow to Remote Code Execution (RCE) in Moxa NPort W2150a/W2250a

The vulnerability was identified in Moxa NPort W2150a/W2250a v.2.3 and lower. It is possible to execute OS commands on the device as a privileged user root due to a stack buffer overflow vulnerability. Exploitation of the vulnerability is possible for an unauthorized user by sending payloads to a...

Oracle Linux 8 : php:8.0 (ELSA-2023-5927)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-5927 advisory. libzip php 8.0.30-1 - rebase to 8.0.30 - Resolves: RHEL-11946 php-pear php-pecl-apcu php-pecl-rrd php-pecl-xdebug3 php-pecl-zip Tenable has extracted t...

Ubuntu 20.04 LTS : AOM vulnerabilities (USN-6447-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6447-1 advisory. It was discovered that AOM incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file,...

Ubuntu 16.04 ESM : Long Range ZIP vulnerabilities (USN-5171-2)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5171-2 advisory. USN-5171-1 fixed vulnerabilities in Long Range ZIP. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has...

Oracle Linux 9 : php (ELSA-2023-5926)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-5926 advisory. 8.0.30-1 - rebase to 8.0.30 - Resolves: RHEL-11946 Tenable has extracted the preceding description block directly from the Oracle Linux security...

SUSE-SU-2023:3954-2 Security update for libeconf

This update for libeconf fixes the following issues: Update to version 0.5.2. - CVE-2023-30078, CVE-2023-32181: Fixed a stack-buffer-overflow vulnerability in 'econfwriteFile' function bsc1211078. - CVE-2023-30079, CVE-2023-22652: Fixed a stack-buffer-overflow vulnerability in 'readfile' function...

stack-buffer-overflow in gf_text_get_utf8_line

Description stack-buffer-overflow in gftextgetutf8line at filters/loadtext.c:381. Version git log commit 7edc40feef23efd8c9948292d269eae76fa475af HEAD - master, origin/master, origin/HEAD Author: jeanlf Date: Thu Oct 12 16:58:53 2023 +0200 ./bin/gcc/MP4Box -version MP4Box - GPAC version...

SUSE SLES12 Security Update : opensc (SUSE-SU-2023:4065-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4065-1 advisory. - Stack buffer overflow issues were found in Opensc before version 0.22.0 in various places that could potentially crash programs...

SUSE: Security Advisory (SUSE-SU-2023:4065-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-32722 Stack-buffer Overflow in library module zbxjson

The zabbix/src/libs/zbxjson module is vulnerable to a buffer overflow when parsing JSON files via zbxjsonopen...

CVE-2023-35646

In TBD of TBD, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

Stack Buffer Overflow

libjson-c.so is vulnerable to Stack Buffer Overflow. The vulnerability exists in parseit function at jsonparse.c which allows an attacker to cause a buffer overflow resulting in an application crash...

CVE-2023-35646

In TBD of TBD, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-35646

CVE-2023-35646 is documented in multiple sources as a stack buffer overflow in TBD components with missing bounds checks, enabling remote code execution without user interaction. In the Pixel security bulletin, this issue is mapped to the Shannon baseband on Google Pixel devices, classified as RC...