SUSE CVE-2019-11759

An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash. This vulnerability affects Firefox 70, Thunderbird 68.2, and Firefox ESR 68.2...

SUSE CVE-2019-11760

A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox 70, Thunderbird 68.2, and Firefox ESR 68.2...

SUSE CVE-2020-7065

In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mbstrtolower function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution...

SUSE CVE-2020-36131

AOM v2.0.1 was discovered to contain a stack buffer overflow via the component stats/ratehist.c...

SUSE CVE-2021-20236

A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vulnerability is to confidentiality, integrity, as...

SUSE CVE-2022-0194

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the adaddcomment function. The issue results from the lack of proper validation of the length o...

SUSE CVE-2022-35260

curl can be told to parse a .netrc file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause ...

Adobe Animate 缓冲区错误漏洞

Adobe Animate is a Flash animation software from Adobe. Adobe Animate is vulnerable to a stack buffer overflow vulnerability that could be exploited to execute arbitrary code in the context of the current user...

Advisory ROSA-SA-2023-2113

Software: kernel 3.10.0-1160.83.1.el7 OS: rosa-server79 packageevrstring: kernel-3.10.0-1160.83.1.el7 CVE-ID: CVE-2023-0179 BDU-ID: 2023-00383 CVE-Crit: HIGH CVE-DESC: A vulnerability in the netfilter component of the Linux operating system kernel is related to a stack buffer overflow in nftables...

Wago PFC200 iocheckd service 'I/O-Check' cache Code Execution (CVE-2019-5179)

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service I/O-Check' functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file. This plugin only works with Tenable.ot...

Siemens Solid Edge Stack Buffer Overflow Vulnerability

Siemens Solid Edge is a 3D CAD software from Siemens, a German company. The software can be used for part design, assembly design, sheet metal design, welding design, etc. Siemens Solid Edge is vulnerable to a stack buffer overflow vulnerability, which can be exploited by attackers to execute cod...

Wago PFC200 iocheckd service 'I/O-Check' cache DNS code execution vulnerability (CVE-2019-5166)

An exploitable stack buffer overflow vulnerability exists in the iocheckd service I/O-Check' functionality of WAGO PFC 200 version 03.02.0214. A specially crafted XML cache file written to a specific location on the device can cause a stack buffer overflow, resulting in code execution. An attacke...

WAGO I/O-CHECK Buffer Access with Incorrect Length Value (CVE-2019-5074)

An exploitable stack buffer overflow vulnerability exists in the iocheckd service ''I/O-Check'' functionality of WAGO PFC200 Firmware version 03.01.0713, WAGO PFC200 Firmware version 03.00.3912 and WAGO PFC100 Firmware version 03.00.3912. A specially crafted set of packets can cause a stack buffe...

Wago PFC200 iocheckd service 'I/O-Check' cache Code Execution (CVE-2019-5178)

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service I/O-Check' functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is...

Wago PFC200 iocheckd service 'I/O-Check' cache Code Execution (CVE-2019-5176)

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service I/O-Check' functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file.The destination buffer sp+0x40 is...

Wago PFC200 iocheckd service 'I/O-Check' cache Code Execution (CVE-2019-5177)

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service I/O-Check' functionality of WAGO PFC 200 Firmware version 03.02.0214. The destination buffer sp+0x440 is overflowed with the call to sprintf for any domainname values that are greater than...

Siemens JT Open Toolkit 安全漏洞

Siemens JT Open Toolkit Siemens JTTK is a C++ application programming interface API from Siemens, Germany. It provides support for 64-bit application development on Microsoft Windows, Linux and MacOS. Siemens JT Open Toolkit suffers from a stack buffer overflow vulnerability that can be exploited...

Wago PFC200 iocheckd service 'I/O-Check' cache Code Execution (CVE-2019-5181)

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service I/O-Check' functionality of WAGO PFC 200 Firmware version 03.02.0214. A specially crafted XML cache file written to a specific location on the device can cause a stack buffer overflow, resulting in cod...

Denial Of Service (DoS)

libde265 is vulnerable to Denial Of Service DoS. The vulnerability exists due to the stack buffer overflow in the putqpelfallback function, allowing an attacker to cause an application crash through the maliciously crafted file...

SOUND4 LinkAndShare Transmitter 1.1.2 Format String Stack Buffer Overflow

Summary The SOUND4 Link&Share L&S is a simple and open protocol that allow users to remotely control SOUND4 processors through a network connection. SOUND4 offers a tool that manage sending L&S commands to your processors: the Link&Share Transmitter. Description The application suffers from a...