AZL-57755 CVE-2022-48703 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: thermal/int340xthermal: handle datavault when the value is ZEROSIZEPTR In some case, the GDDV returns a package with a buffer which has zero length. It causes that kmemdup returns ZEROSIZEPTR 0x10. Then the datavaultread got NULL...

CVE-2022-48703 thermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR

In the Linux kernel, the following vulnerability has been resolved: thermal/int340xthermal: handle datavault when the value is ZEROSIZEPTR In some case, the GDDV returns a package with a buffer which has zero length. It causes that kmemdup returns ZEROSIZEPTR 0x10. Then the datavaultread got NULL...

CVE-2022-48703 thermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR

In the Linux kernel, the following vulnerability has been resolved: thermal/int340xthermal: handle datavault when the value is ZEROSIZEPTR In some case, the GDDV returns a package with a buffer which has zero length. It causes that kmemdup returns ZEROSIZEPTR 0x10. Then the datavaultread got NULL...

CVE-2023-44429

GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...

CVE-2023-42039

Kofax Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must...

CVE-2023-32144

D-Link DAP-1360 webproc COMMMakeCustomMsg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this...

CVE-2023-51566

Kofax Power PDF is affected by an OXPS file parsing vulnerability described as a stack-based buffer overflow that can lead to Remote Code Execution. The flaw results from inadequate validation of the length of user-supplied data before copying it into a fixed-length stack buffer during OXPS parsi...

CVE-2023-50186 GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...

CVE-2023-44431 BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability

BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target...

CVE-2023-44431 BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability

BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target...

CVE-2023-44429

GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...

CVE-2023-39494 PDF-XChange Editor OXPS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

PDF-XChange Editor OXPS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target...

CVE-2023-35725

CVE-2023-35725 affects D-Link DAP-2622 devices via a stack-based buffer overflow in the DDP service. The vulnerability arises from improper validation of user-supplied data length before copying to a fixed-length stack buffer, enabling network-adjacent attackers to execute code with root privileg...

CVE-2023-32146

CVE-2023-32146 affects D-Link DAP-1360 devices. Root cause: a stack-based buffer overflow in /cgi-bin/webproc when parsing the errorpage and nextpage parameters, copying data into a fixed-length buffer. This allows remote, network-adjacent attackers (no authentication) to execute code with root p...

CVE-2024-4192 Stack-based Buffer Overflow vulnerability in Delta Electronics CNCSoft-G2 DOPSoft

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process...

GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of metadata...

Autodesk AutoCAD MODEL File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

(Pwn2Own) Canon imageCLASS MF753Cdw rls-login Authorization Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF753Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of the Authorization header provided to the...

(Pwn2Own) Lexmark CX331adwe make42charstring Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX331adwe printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the make42charstring method. The issue results from the lack of...

PT-2024-14203 · Kofax · Kofax Power Pdf

Name of the Vulnerable Software and Affected Versions: Kofax Power PDF affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required, where the target must visit a malicious page...