Fedora: Security Advisory (FEDORA-2024-c83b7dcae0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the VS6ComFile!CV7BaseMap::WriteV7DataToRom() function of the Monitouch V-SFT HMI configuration software allows a malicious individual to gain unauthorized access to protected information, execute arbitrary code, or cause service failure.

The vulnerability of the VS6ComFile!CV7BaseMap::WriteV7DataToRom function of the HMI configuration software for Monitouch V-SFT lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected informatio...

Vulnerability of the VS6EditData!CDrawSLine::GetRectArea() function of the HMI configuration software for Monitouch V-SFT: This vulnerability allows an attacker to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.

The vulnerability of the VS6EditData!CDrawSLine::GetRectArea function of the HMI configuration software for Monitouch V-SFT is related to the occurrence of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to gain unauthorized access to...

The vulnerability of the web_radiusSrv_post() function in PLANET Technology’s microcontroller software allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the webradiusSrvpost function in PLANET Technology’s microcontroller software stems from the operation of the function beyond the buffer boundaries in memory when processing the radIpkey parameter. Exploiting this vulnerability could allow an attacker to compromise the...

CVE-2023-28638

Snappier is a high performance C implementation of the Snappy compression algorithm. This is a buffer overrun vulnerability that can affect any user of Snappier 1.1.0. In this release, much of the code was rewritten to use byte references rather than pointers to pinned buffers. This change...

CVE-2023-0200

NVIDIA DGX-2 contains a vulnerability in OFBD where a user with high privileges and a pre-conditioned heap can cause an access beyond a buffers end, which may lead to code execution, escalation of privileges, denial of service, and information disclosure...

The vulnerability of the HTTP POST Request Handler component of the /boafrm/formDosCfg file in the microprogramming software for routers A702R, A3002R, and A3002RU allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the HTTP POST Request Handler component in the /boafrm/formDosCfg file of the microprogramming software for routers A702R, A3002R, and A3002RU is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attack...

The vulnerability of the HTTP POST Request Handler component of the /boafrm/formSetLg file in the microprogramming software for routers A702R, A3002R, and A3002RU allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the HTTP POST Request Handler component of the /boafrm/formSetLg file in the microprogramming software for routers A702R, A3002R, and A3002RU is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacke...

CVE-2021-20166

Netgear RAX43 version 1.0.3.96 contains a buffer overrun vulnerability. The URL parsing functionality in the cgi-bin endpoint of the router containers a buffer overrun issue that can redirection control flow of the applicaiton...

CVE-2019-14021

Possible buffer overrun when processing EFS filename and payload sent over diag interface due to lack of check for filename length and payload size received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in...

CVE-2019-5273

USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in a large heap buffer overrun error, an attacker may exploit the vulnerability by a malicious certificate, resulting a deni...

CVE-2019-11467

In Couchbase Server 4.6.3 and 5.5.0, secondary indexing encodes the entries to be indexed using collatejson. When index entries contain certain characters like \t, , it caused buffer overrun as encoded string would be much larger than accounted for, causing indexer service to crash and restart...

CVE-2019-14041

During listener modified response processing, a buffer overrun occurs due to lack of buffer size verification when updating message buffer with physical address information in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobil...

CVE-2019-8166

Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a buffer overrun vulnerability. Successful exploitation could lead to arbitrary code execution...

ROS-20250515-14

A vulnerability in the WPE WebKit and WebKitGTK web page display modules is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service. confidential data,...

The vulnerability of the Windows RRAS operating system’s routing and remote access service allows a hacker to disclose protected information.

The vulnerability of the Windows RRAS operating system’s routing and remote access service is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...

Alibaba Cloud Linux 3 : 0006: tpm2-tss (ALINUX3-SA-2024:0006)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0006 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-22745: tpm2-tss is an open source software...

Alibaba Cloud Linux 3 : 0001: opensc (ALINUX3-SA-2024:0001)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0001 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-2977: A vulnerbility was found in OpenSC...

kernel: tipc: guard against string buffer overrun

No description is available for this CVE...

Tenda AC10 安全漏洞

Tenda AC10 is a dual-band Gigabit wireless router from Tenda China. The Tenda AC10 suffers from a buffer overflow vulnerability that originates from the formSetPPTPUserList handler failing to properly validate the length of input data, which can be exploited by an attacker to execute arbitrary co...