CVE-2022-48130

Tenda W20E v15.11.0.6 was discovered to contain multiple stack overflows in the function formSetStaticRoute via the parameters staticRouteNet, staticRouteMask, staticRouteGateway, staticRouteWAN...

CVE-2021-26727

Multiple command injections and stack-based buffer overflows vulnerabilities in the SubNethandlerfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10...

CVE-2021-26729

Command injection and multiple stack-based buffer overflows vulnerabilities in the Loginhandlerfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

PT-2022-9789 · Lanner · Lanner Inc Iac-Ast2500A

Name of the Vulnerable Software and Affected Versions: Lanner Inc IAC-AST2500A standard firmware version 1.10.0 Description: The issue is related to multiple command injections and stack-based buffer overflows vulnerabilities in the SubNet handler func function of spx restservice. This allows an...

CVE-2022-37814

Tenda AC1206 V15.03.06.23 was discovered to contain multiple stack overflows via the deviceMac and the deviceid parameters in the function addWifiMacFilter...

CVE-2022-25431

Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10 and V11 parameter in the Formsetqosband function...

CVE-2022-25431

Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10 and V11 parameter in the Formsetqosband function...

CVE-2015-2098

Multiple stack-based buffer overflows in WebGate eDVR Manager allow remote attackers to execute arbitrary code via unspecified vectors to the 1 Connect, 2 ConnectEx, or 3 ConnectEx2 function in the WESPEvent.WESPEventCtrl.1 control; 4 AudioOnlySiteChannel function in the...

NVIDIA Jetson Chipsets Found Vulnerable to High-severity Flaws

U.S. graphics chip specialist NVIDIA has released software updates to address a total of 26 vulnerabilities impacting its Jetson system-on-module SOM series that could be abused by adversaries to escalate privileges and even lead to denial-of-service and information disclosure. Tracked from...

SUSE: Security Advisory (SUSE-SU-2014:0760-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2015:2088-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD : zeek -- Various vulnerabilities (1a6b7641-aed2-4ba1-96f4-c282d5b09c37)

Jon Siwek of Corelight reports : This release fixes the following security issues : - Fix buffer over-read in Ident analyzer - Fix SSL scripting error leading to uninitialized field access and memory leak - Fix POP3 analyzer global buffer over-read - Fix potential stack overflows due to use of...

zeek -- Various vulnerabilities

Jon Siwek of Corelight reports: This release fixes the following security issues: Fix buffer over-read in Ident analyzer Fix SSL scripting error leading to uninitialized field access and memory leak Fix POP3 analyzer global buffer over-read Fix potential stack overflows due to use of...

redis: Heap corruption in lua_cmsgpack.c

Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows...

Advantech WebAccess < 7.2-2014.06.06 Multiple Vulnerabilities

Binary data 9958.prm...

SUSE SLES11 Security Update : gnutls (SUSE-SU-2017:0304-1)

This update for gnutls fixes the following issues : - Malformed asn1 definitions could cause a segmentation fault in the asn1 definition parser bsc961491. - CVE-2016-8610: Remote denial of service in SSL alert handling bsc1005879. - CVE-2017-5335: Decoding a specially crafted OpenPGP certificate...

SUSE SLES11 Security Update : w3m (SUSE-SU-2016:3046-1)

This update for w3m fixes the following issues : - update to debian git version bsc1011293 addressed security issues: CVE-2016-9621: w3m: global-buffer-overflow write bsc1012020 CVE-2016-9622: w3m: null deref bsc1012021 CVE-2016-9623: w3m: null deref bsc1012022 CVE-2016-9624: w3m: near-null deref...

SUSE SLES12 Security Update : LibVNCServer (SUSE-SU-2015:2088-2)

The LibVNCServer package was updated to fix the following security issues : - bsc897031: fix several security issues : - CVE-2014-6051: Integer overflow in MallocFrameBuffer on client side. - CVE-2014-6052: Lack of malloc return value checking on client side. - CVE-2014-6053: Server crash on a ve...

SUSE-SU-2015:2088-2 Security update for LibVNCServer

The LibVNCServer package was updated to fix the following security issues: - bsc897031: fix several security issues: CVE-2014-6051: Integer overflow in MallocFrameBuffer on client side. CVE-2014-6052: Lack of malloc return value checking on client side. CVE-2014-6053: Server crash on a very large...

SUSE SLED11 / SLES11 Security Update : LibVNCServer (SUSE-SU-2015:2110-1)

The libvncserver package was updated to fix the following security issues : - bsc897031: fix several security issues : - CVE-2014-6051: Integer overflow in MallocFrameBuffer on client side. - CVE-2014-6052: Lack of malloc return value checking on client side. - CVE-2014-6053: Server crash on a ve...