CVE-2022-24973

CVE-2022-24973 affects TP-Link TL-WR940N routers (httpd on port 80). The flaw is a stack-based buffer overflow caused by improper validation of user-supplied data length in the httpd service, allowing network-adjacent attackers to execute code with root privileges. Exploitation was described in Z...

CBL Mariner 2.0 Security Update: fribidi (CVE-2022-25308)

The version of fribidi installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-25308 advisory. - A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a...

CVE-2022-45460

CVE-2022-45460 affects XiongMai NVRs (e.g., MBD6304T and NBD6808T-PL) and is caused by a stack-based buffer overflow triggered by a long URI in a sprintf call on the web server. An unauthenticated, remote attacker can crash the web server and reboot the device, with potential arbitrary code execu...

CVE-2023-1646

CVE-2023-1646 affects IObit Malware Fighter 9.4.0.776. The issue resides in the IOCTL Handler’s IMFCameraProtect.sys, manipulation of functions 0x8018E000/0x8018E004 causes a stack-based buffer overflow. Local exploitation is required; the exploit has been publicly disclosed. PT-2023-2360 notes a...

Security Bulletin: Multiple vulnerabilities in IBM Content Navigator may affect IBM Business Automation Workflow

Summary IBM Business Automation Workflow embeds a version of IBM Content Navigator that is vulnerable to denial of service attacks and missing authorization. Vulnerability Details CVEID:CVE-2022-40151 DESCRIPTION: XStream is vulnerable to a denial of service, caused by a stack-based buffer...

Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2023-117)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-117 advisory. Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483. CVE-2022-3234 Use After Free in GitHub repository vim/vim prior to 9.0.0490. CVE-2022-3235 Use After Free in GitHub...

Delta DOPSoft <= 4.00.16.22 Multiple Vulnerabilities

The version of Delta DOPSoft installed on the remote host is prior to or equal to 4.00.16.22. It is, therefore, affected by multiple vulnerabilities as referenced in the CISA ICSA-23-031-01 advisory. - Delta Electronics DOPSoft versions 4.00.16.22 and prior are vulnerable to a stack-based buffer...

Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2023-098)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-098 advisory. 2024-02-15: CVE-2022-3591 was added to this advisory. 2024-02-15: CVE-2022-3520 was added to this advisory. A flaw was found in vim. A possible heap-based buffer overflow could allow an attacke...

CBL Mariner 2.0 Security Update: libjpeg-turbo (CVE-2020-17541)

The version of libjpeg-turbo installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-17541 advisory. - Libjpeg-turbo all version have a stack-based buffer overflow in the transform component. A remote...

Siemens Tecnomatix Plant Simulation SPP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 ESM / 22.04 ESM : abcm2ps vulnerabilities (USN-5961-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 ESM / 22.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5961-1 advisory. It was discovered that abcm2ps incorrectly handled memory when parsing specially crafted ABC files. An attacker could...

Adobe Dimension < 3.4.8 Multiple Vulnerabilities (APSB23-20)

The version of Adobe Dimension installed on the remote Windows host is prior to 3.4.8. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB23-20 advisory. - Adobe Dimension versions 3.4.7 and earlier is affected by a Stack-based Buffer Overflow vulnerability that could...

Adobe Dimension < 3.4.8 Multiple Vulnerabilities (APSB23-20) (macOS)

The version of Adobe Dimension installed on the remote macOS host is prior to 3.4.8. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB23-20 advisory. - Adobe Dimension versions 3.4.7 and earlier is affected by a Stack-based Buffer Overflow vulnerability that could...

PT-2023-20010 · Gfi · Gfi Kerioconnect

Name of the Vulnerable Software and Affected Versions: GFI Kerio Connect versions 9.4.1 patch 1 through 9.4.1 patch 1 Description: An issue was discovered in the webmail component's 2FASetup function, which is vulnerable to a stack-based Buffer Overflow. This occurs via an authenticated request...

CVE-2022-33260

Memory corruption due to stack based buffer overflow in core while sending command from USB of large size...

Stack-Based Buffer Overflow

nvidia-cuda-toolkit is vulnerable to Stack-Based Buffer Overflows. A remote attacker is able to exploit a buffer overflow condition by persuading a local user to download a corrupted file and execute cuobjdump against it, leading to denial of service and loss of data integrity...

SUSE SLES11 Security Update : cifs-utils (SUSE-SU-2022:14950-1)

The remote SUSE Linux SLES11 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2022:14950-1 advisory. - CVE-2022-27239: Fixed a buffer overflow in the command line ip option bsc1197216. Tenable has extracted the preceding description block directly fro...

EulerOS 2.0 SP5 : vim (EulerOS-SA-2023-1518)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959. CVE-2022-1725 - NULL Pointer Dereference in GitHub repository vim/vim prio...

Debian: Security Advisory (DLA-323-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-488-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...