Stack overflow

A stack-based buffer overflow on DrayTek Vigor2960, Vigor3900, and Vigor300B devices before 1.5.1.1 allows remote attackers to execute arbitrary code via the formuserphonenumber parameter in an authusersms action to mainfunction.cgi...

CVE-2020-14931

A stack-based buffer overflow in DMitry Deepmagic Information Gathering Tool 1.3a might allow remote WHOIS servers to execute arbitrary code via a long line in a response that is mishandled by nicformatbuff...

CVE-2020-14147

An integer overflow in the getnum function in luastruct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service memory corruption and application crash or possibly bypass intended sandbox restrictions via a large...

EulerOS 2.0 SP2 : sudo (EulerOS-SA-2020-1662)

According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - DISPUTED In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a...

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2020-1662)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2020-1667)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-12019

WebAccess Node Version 8.4.4 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code...

CVE-2020-12019

CVE-2020-12019 affects Advantech WebAccess Node (Version 8.4.4 and prior). The Red Hat/NVD/NVD-derived entries and ZDI advisories describe a stack-based buffer overflow in the DATACORE/WebAccess Node component that enables remote code execution without authentication. Exploitation is remote and u...

CVE-2020-14147

An integer overflow in the getnum function in luastruct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service memory corruption and application crash or possibly bypass intended sandbox restrictions via a large...

CVE-2020-14147

An integer overflow in the getnum function in luastruct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service memory corruption and application crash or possibly bypass intended sandbox restrictions via a large...

CVE-2020-14076

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action stdevconnect, stdevdisconnect, or stdevrconnect with a sufficiently long wantype key...

CVE-2020-14076

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action stdevconnect, stdevdisconnect, or stdevrconnect with a sufficiently long wantype key...

CVE-2020-14079

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action autoupfw or autouplp with a sufficiently long updatefilename key...

CVE-2020-14077

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action setstaenrolleepinwifi1 or setstaenrolleepinwifi0 with a sufficiently long wpsstaenrolleep...

CVE-2020-14074

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action kickbanwifimacallow with a sufficiently long qcawifi.wifi0vap0.maclist key...

CVE-2020-14078

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action wificaptiveportallogin with a sufficiently long REMOTEADDR key...

CVE-2020-14080

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an unauthenticated user to execute arbitrary code by POSTing to applysec.cgi via the action pingtest with a sufficiently long pingipaddr key...

Stack overflow

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action autoupfw or autouplp with a sufficiently long updatefilename key...

Stack overflow

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action wificaptiveportallogin with a sufficiently long REMOTEADDR key...

Stack overflow

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an unauthenticated user to execute arbitrary code by POSTing to applysec.cgi via the action pingtest with a sufficiently long pingipaddr key...