PT-2023-25236 · Google · Android

Name of the Vulnerable Software and Affected Versions: TBD affected versions not specified Description: The issue is related to a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction...

Google Pixel Buffer Error Vulnerability

Google Pixel is a smartphone from Google Inc USA. Google Pixel suffers from a security vulnerability that stems from a lack of bounds checking in the TBD component and a possible stack buffer overflow. This could lead to remote code execution without additional execution privileges...

Siemens Parasolid Stack Buffer Overflow Vulnerability

Siemens Parasolid is a 3D geometric modeling tool that supports a variety of techniques including solid modeling, direct editing and free-form surface/drawing modeling. A stack buffer overflow vulnerability exists in Siemens Parasolid due to a stack overflow vulnerability contained in an affected...

OSV-2023-993 Stack-buffer-overflow in entersafe_reverse_buffer

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63104 Crash type: Stack-buffer-overflow READ 1 Crash state: entersafereversebuffer entersafegenkey entersafecardctlNUMBER...

PT-2023-36069 · Git +1 · Opensc

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow read crash. The crash occurs in the following functions: entersafe reverse buffer, entersafe gen key, and...

OSV-2023-984 Stack-buffer-overflow in TranslateWord3

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63064 Crash type: Stack-buffer-overflow READ 4 Crash state: TranslateWord3 CombineFlag TranslateWord2...

PT-2023-36065 · Git +1 · Espeak-Ng

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow read crash. The crash state includes functions such as TranslateWord3, CombineFlag, and TranslateWord2. N...

D-Link DAP-1325 SetAPLanSettings Gateway Stack Buffer Overflow Remote Code Execution Vulnerability

D-Link DAP-1325 is a wireless network extender made by D-Link, which is mainly used to extend the wireless network coverage, support the conversion of wired network and wireless network or connect to different wireless networks. The D-Link DAP-1325 suffers from a stack buffer overflow remote code...

D-Link DAP-1325 get_value_from_app stack buffer overflow remote code execution vulnerability

D-Link DAP-1325 is a wireless network extender made by D-Link, which is mainly used to extend the wireless network coverage, support the conversion of wired network and wireless network or connect to different wireless networks. The D-Link DAP-1325 suffers from a stack buffer overflow remote code...

D-Link DAP-1325 SetAPLanSettings Stack Buffer Overflow Remote Code Execution Vulnerability

D-Link DAP-1325 is a wireless network extender made by D-Link, which is mainly used to extend the wireless network coverage, support the conversion of wired network and wireless network or connect to different wireless networks. The D-Link DAP-1325 suffers from a stack buffer overflow remote code...

PT-2023-6108 · D Link · D-Link Dap-1325

Name of the Vulnerable Software and Affected Versions: D-Link DAP-1325 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. The specific flaw exists within the handling of XML data...

SUSE-SU-2023:3954-1 Security update for libeconf

This update for libeconf fixes the following issues: Update to version 0.5.2. - CVE-2023-30078, CVE-2023-32181: Fixed a stack-buffer-overflow vulnerability in 'econfwriteFile' function bsc1211078. - CVE-2023-30079, CVE-2023-22652: Fixed a stack-buffer-overflow vulnerability in 'readfile' function...

Tenda AC10U formWifiBasicSet function stack buffer overflow vulnerability

Tenda AC10U is a dual-band Gigabit wireless router from Tenda Technology, designed for 200 megabit and above fiber optic homes, supporting 802.11ac dual-band technology 2.4GHz and 5GHz, with a theoretical WiFi rate of up to 867Mbps. The Tenda AC10U suffers from a stack buffer overflow vulnerabili...

Tenda AC10 缓冲区错误漏洞

Tenda AC10U is a dual-band Gigabit wireless router from Tenda Technology, designed for 200 megabit and above fiber optic homes, supporting 802.11ac dual-band technology 2.4GHz and 5GHz, with a theoretical WiFi rate of up to 867Mbps. The Tenda AC10U suffers from a stack buffer overflow vulnerabili...

Tenda AC10 缓冲区错误漏洞

Tenda AC10U is a dual-band Gigabit wireless router from Tenda Technology, designed for 200 megabit and above fiber optic homes, supporting 802.11ac dual-band technology 2.4GHz and 5GHz, with a theoretical WiFi rate of up to 867Mbps. The Tenda AC10U suffers from a stack buffer overflow...

CVE-2023-43632 Freely Allocate Buffer on The Stack With Data From Socket

As noted in the “VTPM.md” file in the eve documentation, “VTPM is a server listening on port 8877 in EVE, exposing limited functionality of the TPM to the clients. VTPM allows clients to execute tpm2-tools binaries from a list of hardcoded options” The communication with this server is done using...

Ivanti Avalanche MDM Buffer Overflow

This module exploits a buffer overflow condition in Ivanti Avalanche MDM versions before v6.4.1. An attacker can send a specially crafted message to the Wavelink Avalanche Manager, which could result in arbitrary code execution with the NT/AUTHORITY SYSTEM permissions. This vulnerability occurs...

SUSE-SU-2023:3639-1 Security update for libeconf

This update for libeconf fixes the following issues: Update to version 0.5.2. - CVE-2023-30078, CVE-2023-32181: Fixed a stack-buffer-overflow vulnerability in 'econfwriteFile' function bsc1211078. - CVE-2023-30079, CVE-2023-22652: Fixed a stack-buffer-overflow vulnerability in 'readfile' function...

Ivanti Avalanche MDM Buffer Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ivanti Avalanche MDM Buffer Overflow', 'Description' = %q This module exploits a buffer overflow condition in Ivanti Avalanche MDM versions befor...

OSV-2023-849 Stack-buffer-overflow in ulocimp_toLanguageTag_74

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62348 Crash type: Stack-buffer-overflow WRITE 1 Crash state: ulocimptoLanguageTag74 icu74::Locale::toLanguageTag localemorphfuzzer.cpp...