PT-2023-25594 · NetGear · Netgear Xr300

Name of the Vulnerable Software and Affected Versions: Netgear XR300 version 1.0.3.78 Description: The issue concerns multiple buffer overflows that can be triggered via the wla ssid and wlg ssid parameters at the "genie ap wifi change.cgi" endpoint. Recommendations: For Netgear XR300 version...

CVE-2023-38591

Netgear DG834Gv5 1.6.01.34 was discovered to contain multiple buffer overflows via the wlassid and wlatempssid parameters at bswssid.cgi...

CVE-2023-38412

Netgear R6900P v1.3.3.154 was discovered to contain multiple buffer overflows via the wlassid and wlgssid parameters at iaapsetting.cgi...

CVE-2023-39550

Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the httppasswd and httpusername parameters in the checkauth function...

CVE-2023-38922

Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the httppasswd and httpusername parameters in the updateauth function...

CVE-2023-38922

Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the httppasswd and httpusername parameters in the updateauth function...

Buffer Overflow

osslsigncode is vulnerable to Buffer Overflows. This vulnerability occurs due to a flaw in the way that mtrojnar osslsigncode handles the processing of large files. An attacker can exploit this vulnerability to cause a denial-of-service DoS attack or potentially execute arbitrary code on the syst...

CVE-2023-34552

In certain EZVIZ products, two stack based buffer overflows in mulicastparsesadppacket and mulicastgetpacktype functions of the SADP multicast protocol can allow an unauthenticated attacker present on the same local network as the camera to achieve remote code execution. This affects...

Cisco Multiple Vulnerabilities in NX-OS-Based Products (CVE-2013-1178)

Multiple buffer overflows in the Cisco Discovery Protocol CDP implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.24 and 6.x before 6.11, Nexus 5000 and 5500 devices 4.x and 5.x before 5.13N11, Nexus 4000 devices before 4.12E11h, Nexus 3000 devices 5.x before 5.03U31, Nexus...

Buffer Overflows

gpac is vulnerable to Buffer Overflows. The vulnerability found within the filters/loadtext.c file, which causes the program to copy the input buffer into the output buffer without verifying the buffer size resulting in buffer overflows...

CVE-2023-3463 GE Digital CIMPLICITY Heap-based Buffer Overflow

All versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting documents from untrusted sources are vulnerable to memory corruption issues due to insufficient input validation, including issues such as out-of-bounds reads and writes, use-after-free, stack-based buffer...

Critical Security Flaws Uncovered in Honeywell Experion DCS and QuickBlox Services

Multiple security vulnerabilities have been discovered in various services, including Honeywell Experion distributed control system DCS and QuickBlox, that, if successfully exploited, could result in severe compromise of affected systems. Dubbed Crit.IX, the nine flaws in the Honeywell Experion D...

Buffer Overflow

libsox.so is vulnerable to Buffer Overflows. The vulnerability exists in the startread function at hcom.c due to not handling the buffer size which allows an attacker to cause an application crash or gain access to sensitive information...

ROS-2-855

2.855 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

The vulnerability of the Google Chrome browser’s guest mode allows a hacker to gain access to confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of Google Chrome’s guest mode is related to buffer overflows and the installation of malicious extensions. Exploiting this vulnerability can allow a remote attacker to access confidential data, compromise its integrity, and even cause service interruptions through a specially...

Mageia: Security Advisory (MGASA-2023-0206)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:2614-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:2531-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Slackware: Security Advisory (SSA:2023-166-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] libX11

New libX11 packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libX11-1.8.6-i586-1slack15.0.txz: Upgraded. This update fixes buffer overflows in InitExt.c that could at least...