129 matches found
Actiontec Electronics WEB6000Q Security Vulnerability
Actiontec Electronics WEB6000Q is a wireless extender from Actiontec Electronics, Inc. A security vulnerability exists in the Actiontec Electronics WEB6000Q that stems from a lack of proper validation of the length of user-supplied data before it is copied into a fixed-length stack-based buffer. ...
CVE-2023-51596
BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must...
CVE-2023-42083
PDF-XChange Editor JPG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target...
CVE-2023-37342
Kofax Power PDF PNG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must...
CVE-2023-34289
Ashlar-Vellum Cobalt Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a...
Hancom Office 安全漏洞
Hancom Office is a mobile office program from the Korean company Hancom. The program supports viewing and editing documents in multiple formats. A security vulnerability exists in Hancom Office that stems from a lack of proper validation of the length of user-supplied data before copying it to a...
GStreamer 安全漏洞
GStreamer is a set of frameworks for processing streaming media. A security vulnerability exists in GStreamer that stems from a lack of proper validation of the length of user-supplied data before copying it to a stack-based fixed-length buffer...
PT-2024-9031 · Trimble · Trimble Sketchup Viewer
Name of the Vulnerable Software and Affected Versions: Trimble SketchUp Viewer affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this issue, where...
Kofax Power PDF 安全漏洞
Kofax Power PDF is a professional PDF editing and management software from Kofax. A security vulnerability exists in Kofax Power PDF that stems from a specific flaw in the parsing of PDF files, which lacks proper validation of the length of user-supplied data prior to copying it into a heap-based...
SUSE CVE-2023-52454
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length If the host sends an H2CData command with an invalid DATAL, the kernel may crash in nvmettcpbuildpduiovec. Unable to handle kernel NULL pointer dereference a...
PT-2024-14203 · Kofax · Kofax Power Pdf
Name of the Vulnerable Software and Affected Versions: Kofax Power PDF affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required, where the target must visit a malicious page...
PT-2023-7232 · Gstreamer +6 · Gstreamer +6
Name of the Vulnerable Software and Affected Versions: GStreamer affected versions not specified Description: The issue is related to a heap-based buffer overflow in the AV1 Codec parsing of the GStreamer multimedia framework. This allows remote attackers to execute arbitrary code on affected...
PT-2023-28245 · Unknown · Pdf-Xchange Editor
Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a...
PT-2023-4042 · Gstreamer +6 · Gstreamer +6
Name of the Vulnerable Software and Affected Versions: GStreamer affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of GStreamer. The specific flaw exists within the parsing of SRT subtitle files, resulting from the...
Sonos One Speaker 安全漏洞
Sonos One Speaker is a smart speaker from Sonos USA. A security vulnerability exists in Sonos One Speaker version 70.3-35220, which stems from a failure to properly validate the length of user-supplied data. An attacker could exploit the vulnerability to execute code in a rooted environment...
CVE-2022-42431
This vulnerability allows local attackers to escalate privileges on affected Tesla vehicles. An attacker must first obtain the ability to execute privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the bcmdhd driver. The issue results from...
Adobe Dimension USD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Dimension. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of USD...
Ffmpeg integer overflow vulnerability (CNVD-2025-01690)
FFmpeg is a complete solution for recording, converting and streaming audio and video from the Ffmpeg team. FFmpeg suffers from an integer overflow vulnerability that stems from a failure to properly validate data length in the g729parse function when processing specially crafted files. An attack...
Bentley Systems MicroStation 代码注入漏洞
Bentley Systems MicroStation is a Cad software platform for 2D and 3D design and drafting from Bentley Systems, USA. A code injection vulnerability exists in Bentley MicroStation CONNECT version 10.16.02.34, which originates from a failure to properly validate the length of user-supplied data...
HP 多款产品跨站脚本漏洞
HP Color LaserJet Pro and others are products of Hewlett-Packard HP in the U.S. HP Color LaserJet Pro is a line of color printers.HP PageWide Pro is a line of multifunction printers.HP LaserJet Printers is a line of... A security vulnerability exists in multiple HP products that stems from a lack...