Fuji Electric Tellus Lite V-Simulator and V-Server Lite

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Fuji Electric Equipment: Tellus Lite V-Simulator, and V-Server Lite Vulnerabilities : Stack-based Buffer Overflow, Out-of-bounds Write, Untrusted Pointer Dereference, Out-of-bounds Read, Access of Uninitialized Pointer,...

CVE-2021-34861

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the webproc endpoint, which listens on TCP port 80 by defaul...

CVE-2021-34862

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the var:menu parameter provided to the webpr...

Stack overflow

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the var:menu parameter provided to the webpr...

Oracle MySQL Cluster Management API Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle MySQL Cluster. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Management API. The issue results from the lack of proper validation of the...

CVE-2021-21749

ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code...

CVE-2021-21748

ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code...

CVE-2021-21748

CVE-2021-21748 affects ZTE MF971R with stack-based buffer overflow in the web API path ADB_MODE_SWITCH (password handling) leading to remote code execution. Talos details show exploit via specially crafted HTTP requests that bypass referer checks (no authentication required) and trigger a stack-b...

CVE-2021-31383

In Point to MultiPoint P2MP scenarios within established sessions between network or adjacent neighbors the improper use of a source to destination copy write operation combined with a Stack-based Buffer Overflow on certain specific packets processed by the routing protocol daemon RPD of Juniper...

CVE-2021-31383

CVE-2021-31383 affects Juniper Networks Junos OS and Junos OS Evolved, where in P2MP scenarios the routing protocol daemon (RPD) may crash due to a source-to-destination copy-write operation paired with a stack-based buffer overflow on certain crafted packets. This leads to a DoS that can become ...

Zoom Client < 2.0.115900.1201 Multiple Vulnerabilities (Oct 2017) - Linux

The Zoom Client is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2021-38389

Advantech WebAccess versions 9.02 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code...

Stack overflow

FATEK Automation WinProladder versions 3.30 and prior proper validation of user-supplied data when parsing project files, which could result in a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code...

CVE-2021-38389 Advantech WebAccess

Advantech WebAccess versions 9.02 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code...

CVE-2021-38389

This CVE affects Advantech WebAccess (versions 9.02 and earlier). A stack-based buffer overflow vulnerability exists in the handling of IOCTL 0x1138B, allowing remote code execution with no authentication required. ZDI reports that the flaw can be exploited by remote attackers to execute code in ...

CVE-2021-38430 FATEK Automation WinProladder

FATEK Automation WinProladder versions 3.30 and prior proper validation of user-supplied data when parsing project files, which could result in a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code...

Stack overflow

FATEK Automation Communication Server Versions 1.13 and prior lacks proper validation of user-supplied data, which could result in a stack-based buffer overflow condition and allow an attacker to remotely execute code...

CVE-2021-38432

CVE-2021-38432 affects FATEK Automation Communication Server (Versions 1.13 and prior). The vulnerability is a stack-based buffer overflow caused by lack of proper validation of user-supplied data, enabling remote code execution via network access (no authentication required per ZDI/CISA). Exploi...

CVE-2021-38432 FATEK Automation Communication Server

FATEK Automation Communication Server Versions 1.13 and prior lacks proper validation of user-supplied data, which could result in a stack-based buffer overflow condition and allow an attacker to remotely execute code...

Fatek Automation Communication Server Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation Communication Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of data sent to the Facon Server, which listens on...