
7301 matches found

Veracode
added 2022/10/26 11:37 a.m. | 42 views

Denial Of Service (DoS)

libcurl.so is vulnerable to denial of service. The vulnerability exists due to stack-based buffer overflow when curl is instructed to parse a .netrc file for credentials which allows an attacker to crash the application via malicious input...

CVSS 6.5 | AI score 8 | EPSS 0.01761
Exploits 1 | References 11 | Affected Software 3
NVD
added 2022/10/25 9:15 p.m. | 14 views

CVE-2022-33184

A vulnerability in fabseg.c.h libraries of all Brocade Fabric OS versions before Brocade Fabric OS v9.1.1, v9.0.1e, v8.2.3c, v8.2.0cbn5, 7.4.2j could allow local authenticated attackers to exploit stack-based buffer overflows and execute arbitrary code as the root user account...

CVSS 7.8 | EPSS 0.00322
Exploits 0 | References 2
CVE
added 2022/10/25 4:33 p.m. | 50 views

CVE-2022-32454

Abode Systems, Inc. iota All-In-One Security Kit (versions 6.9X and 6.9Z) is affected by CVE-2022-32454 due to a stack-based buffer overflow in the XCMD setIPCam handler. The root cause is an unsafe strcpy into a 32-byte ipcam_1.name field when processing a crafted XML payload, enabling attacker-...

CVSS 10 | AI score 9.8 | EPSS 0.01559
Exploits 1 | References 1 | Affected Software 1
Zero Day Initiative
added 2022/10/25 12:0 a.m. | 26 views

(0Day) Corel CorelDRAW Graphics Suite CGM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Corel CorelDRAW Graphics Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 7.8 | AI score 5.7 | EPSS 0.00926
Exploits 0 | References 1
Prion
added 2022/10/24 2:15 p.m. | 17 views

Stack overflow

A stack-based buffer overflow vulnerability in a subfunction of the Login_handler_func function of spx_restservice allows an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

CVSS 7.5 | AI score 9.7 | EPSS 0.00978
Exploits 0 | References 2 | Affected Software 1
CVE
added 2022/10/24 12:0 a.m. | 58 views

CVE-2021-26727

CVE-2021-26727 affects Lanner Inc IAC-AST2500A standard firmware (version 1.10.0). The vulnerabilities are in the spx_restservice SubNet_handler_func, enabling multiple command injections and stack/heap-based buffer overflows that can permit remote code execution with root privileges over the net...

CVSS 10 | AI score 10 | EPSS 0.02285
Exploits 0 | References 2 | Affected Software 1
CVE
added 2022/10/24 12:0 a.m. | 46 views

CVE-2022-40984

CVE-2022-40984 targets Yokogawa WTViewerE and WTViewerEfree: a stack-based buffer overflow (CWE-121) that can crash the product when processing a long file name. Affected: WTViewerE 761941 up to 1.61 and WTViewerEfree 1.01 up to 1.52. Root cause: stack-based buffer overflow in handling long filen...

CVSS 9.8 | AI score 9.5 | EPSS 0.00777
Exploits 0 | References 2 | Affected Software 2
Cvelist
added 2022/10/24 12:0 a.m. | 32 views

CVE-2021-26730 spx_restservice Login_handler_func Subfunction Stack-Based Buffer Overflow

A stack-based buffer overflow vulnerability in a subfunction of the Login_handler_func function of spx_restservice allows an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

CVSS 10 | AI score 9.9 | EPSS 0.00978
Exploits 0 | References 2
Cvelist
added 2022/10/24 12:0 a.m. | 25 views

CVE-2021-26728 spx_restservice KillDupUsr_func Command Injection and Stack-Based Buffer Overflow

Command injection and stack-based buffer overflow vulnerabilities in the KillDupUsr_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...

CVSS 10 | AI score 10 | EPSS 0.02285
Exploits 0 | References 2
Zero Day Initiative
added 2022/10/21 12:0 a.m. | 24 views

Advantech R-SeeNet show_code Endpoint Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech R-SeeNet. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of POST requests sent to the show_code.php endpoint. When processing th...

CVSS 9.8 | AI score 4.1 | EPSS 0.01202
Exploits 0 | References 1
Tenable Nessus
added 2022/10/21 12:0 a.m. | 49 views

Amazon Linux 2 : vim (ALAS-2022-1868)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1868 advisory. A flaw was found in vim, which is vulnerable to an out-of-bounds read in the msg_outtrans_special function. This flaw allows a specially crafted file to crash software or execute code when opened i...

CVSS 8 | AI score 7.3 | EPSS 0.01161
Exploits 26 | References 53
Tenable Nessus
added 2022/10/21 12:0 a.m. | 42 views

Amazon Linux AMI : vim (ALAS-2022-1639)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1639 advisory. A flaw was found in vim, which is vulnerable to an out-of-bounds read in the msg_outtrans_special function. This flaw allows a specially crafted file to crash software or execute code when opened in...

CVSS 8 | AI score 7.2 | EPSS 0.01161
Exploits 16 | References 33
ICS
added 2022/10/18 12:0 a.m. | 41 views

Advantech R-SeeNet

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: R-SeeNet Vulnerabilities: Path Traversal, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in an unauthorized attacker...

CVSS 9.8 | AI score 9 | EPSS 0.1398
Exploits 0 | References 5
NVD
added 2022/10/14 8:15 p.m. | 12 views

CVE-2022-38450

Adobe Acrobat Reader versions 22.002.20212 and earlier and 20.005.30381 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim...

CVSS 7.8 | EPSS 0.02659
Exploits 0 | References 1
NVD
added 2022/10/14 8:15 p.m. | 13 views

CVE-2022-35710

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, the vulnerability is...

CVSS 9.8 | EPSS 0.42577
Exploits 0 | References 1
Prion
added 2022/10/14 8:15 p.m. | 16 views

Stack overflow

Adobe Acrobat Reader versions 22.002.20212 and earlier and 20.005.30381 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim...

CVSS 4.4 | AI score 7.7 | EPSS 0.02659
Exploits 0 | References 1 | Affected Software 4
Prion
added 2022/10/14 8:15 p.m. | 16 views

Stack overflow

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, the vulnerability is...

CVSS 7.5 | AI score 9.5 | EPSS 0.72213
Exploits 0 | References 1 | Affected Software 1
Vulnrichment
added 2022/10/14 7:42 p.m. | 5 views

CVE-2022-35690 Adobe ColdFusion ODBC Agent Stack-based Buffer Overflow Remote Code Execution Vulnerability

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, the vulnerability is...

CVSS 9.8 | AI score 9.5 | EPSS 0.72213
Exploits 0 | References 1
Cvelist
added 2022/10/14 7:42 p.m. | 25 views

CVE-2022-35710 Adobe ColdFusion ODBC Server Stack-based Buffer Overflow Remote Code Execution Vulnerability

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, the vulnerability is...

CVSS 9.8 | AI score 9.8 | EPSS 0.42577
Exploits 0 | References 1
CVE
added 2022/10/14 7:42 p.m. | 58 views

CVE-2022-35710

CVE-2022-35710 affects Adobe ColdFusion Update 14 and earlier, and Update 4 and earlier, via a stack-based buffer overflow in the ODBC/ColdFusion server component triggered by a crafted network packet. This can lead to remote arbitrary code execution in the context of the current user, with no us...

CVSS 9.8 | AI score 9.6 | EPSS 0.42577
Exploits 0 | References 1 | Affected Software 1