7301 matches found
CVE-2021-25461
CVE-2021-25461 concerns a stack-based buffer overflow caused by an improper length check in APAService prior to Samsung SMR Sep-2021 Release 1. The vulnerability affects the APAService component and has documented impact in CVSS: CVSSv3.1 base score 7.8 (HIGH) with LOCAL attack vector, LOW attack...
CVE-2021-38408
CVE-2021-38408 affects Advantech WebAccess (versions 9.02 and earlier). The vulnerability is a stack-based buffer overflow caused by improper validation of the length of user-supplied data, potentially enabling remote code execution. Public documentation consistently describes impact as remote co...
CVE-2021-38408
A stack-based buffer overflow vulnerability in Advantech WebAccess Versions 9.02 and prior caused by a lack of proper validation of the length of user-supplied data may allow remote code execution...
Fortinet FortiWeb Buffer Overflow Vulnerability (CNVD-2021-70111)
Fortinet FortiWeb is a Web application layer firewall from the U.S. company Fita Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks to ensure the security of Web applications and protect sensitive database content. A...
KLA12283 Multiple vulnerabilities in Adobe Acrobat and Adobe Acrobat Reader
Multiple vulnerabilities were found in Adobe Acrobat and Adobe Acrobat Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A uncontrolled search path element...
Delta Electronics DOPSoft 2 (Update A)
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DOPSoft 2 Vulnerabilities: Stack-based Buffer Overflow, Out-of-Bounds Write, Heap-based Buffer Overflow 2. UPDATED INFORMATION This updated advisory is a follow-up to the original advisory...
CVE-2021-36179
A stack-based buffer overflow in Fortinet FortiWeb version 6.3.14 and below, 6.2.4 and below allows attacker to execute unauthorized code or commands via crafted parameters in CLI command execution...
Stack overflow
A stack-based buffer overflow in Fortinet FortiWeb version 6.3.14 and below, 6.2.4 and below allows attacker to execute unauthorized code or commands via crafted parameters in CLI command execution...
CVE-2021-39847
XMP Toolkit SDK version 2020.1 and earlier is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file...
CVE-2021-33019
A stack-based buffer overflow vulnerability in Delta Electronics DOPSoft Version 4.00.11 and prior may be exploited by processing a specially crafted project file, which may allow an attacker to execute arbitrary code...
(0Day) Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
(0Day) Fuji Electric Tellus Lite V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
(0Day) Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
(0Day) Fuji Electric Tellus Lite V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Delta Electronics DOPSoft (Update A)
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DOPSoft Vulnerability: Stack-based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-238-04 Delta Electronics DOPSoft that was...
CVE-2020-18971
CVE-2020-18971 concerns PoDoFo v0.9.6, where a stack-based buffer overflow in the PdfDictionary.cpp:65 path can be exploited to cause a denial of service. The vulnerability affects the PoDoFo core library component used for PDF parsing/manipulation. The provided connected documents confirm the ex...
CVE-2021-28606
CVE-2021-28606 concerns Adobe After Effects 18.2 and earlier. The vulnerability is a stack-based buffer overflow that occurs while parsing a specially crafted file, enabling arbitrary code execution in the context of the current user. An unauthenticated attacker would need the victim to open a ma...
Security update for libsndfile (critical)
openSUSE Security Update: Security update for libsndfile Announcement ID: openSUSE-SU-2021:1166-1 Rating: critical References: 1100167 1116993 1117954 1188540 Cross-References: CVE-2018-13139 CVE-2018-19432 CVE-2018-19758 CVE-2021-3246 CVSS scores: CVE-2018-13139 NVD : 8.8...
D-Link DAP-2020 webproc Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the webproc endpoint, which listens on TCP port 80 by default. The iss...
Denial Of Service (DoS)
fig2dev is vulnerable to denial of service. A stack-based buffer overflow in the genpstrxtext component in genpstricks.c allows attackers to cause a denial of service DOS by converting a xfig file into pstricks format...