CVE-2020-2006

A stack-based buffer overflow vulnerability in the management server component of PAN-OS that allows an authenticated user to potentially execute arbitrary code with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14...

CVE-2020-12763

TRENDnet ProView Wireless camera TV-IP512WN 1.0R 1.0.4 is vulnerable to an unauthenticated stack-based buffer overflow in handling RTSP packets. This may result in remote code execution or denial of service. The issue is in the binary rtspd in /sbin when parsing a long "Authorization: Basic" RTSP...

Stack overflow

TRENDnet ProView Wireless camera TV-IP512WN 1.0R 1.0.4 is vulnerable to an unauthenticated stack-based buffer overflow in handling RTSP packets. This may result in remote code execution or denial of service. The issue is in the binary rtspd in /sbin when parsing a long "Authorization: Basic" RTSP...

IBM Spectrum Protect 7.1.x < 7.1.10.100 / 8.1.x < 8.1.9.300 Stack-based Buffer Overflow

IBM Spectrum Protect, formerly known as Tivoli Storage Manager, running on the remote host is version 7.1.x 7.1.10.100 or 8.1.x 8.1.9.300. It is, therefore, is vulnerable to a stack-based buffer overflow which could allow an unauthenticated, remote attacker to executive arbitrary code on the syst...

Microsoft Windows Media Player HEVC Stream Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows Media Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Arbitrary Code Execution

openjpeg is vulnerable to arbitrary code execution. A stack-based buffer overflow in the pgxtoimage function in bin/jp2/convert.c allows an attacker to execute arbitrary code on the system or crash the application...

Arbitrary Code Execution

faad2 is vulnerable to arbitrary code execution. The vulnerability exists as there is a stack-based buffer overflow in the third instance of the calculategain function in libfaad/sbrhfadj.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. A crafted input will lead to a denial of service or...

Stack overflow

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple stack-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution...

Advantech WebAccess/SCADA GpsET200 Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the GpsET200 device driver. The issue results from the lack of proper validati...

Advantech WebAccess/SCADA BwBacNetJ Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the BwBacNetJ driver. The issue results from the lack of proper validation of...

Advantech WebAccess/SCADA BwBacNetJ Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the BwBacNetJ driver. The issue results from the lack of proper validation of...

Advantech WebAccess IOCTL 0x2711 bwscrp Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within bwscrp.exe when invoked via IOCTL 0x2711. The issue results from the lack of proper...

Trading Technologies X_TRADER disconnect_proxy_site Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trading Technologies XTRADER. Authentication is not required to exploit this vulnerability. The specific flaw exists within the messaging daemon. The issue results from the lack of proper validation ...

Stack overflow

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R8300 before 1.0.2.104 and R8500 before 1.0.2.104...

CVE-2017-18865

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R8300 before 1.0.2.104 and R8500 before 1.0.2.104...

CVE-2017-18865

CVE-2017-18865 affects NETGEAR R8300 and R8500 routers with firmware versions before 1.0.2.104. The issue is a stack-based buffer overflow caused by an authenticated user, with potential for memory corruption. Public documents consistently describe the affected devices and the firmware boundary; ...

Updated gnuchess packages fix security vulnerability

Updated gnuchess package fixes security vulnerability: A vulnerability was found in GNU Chess 6.2.5, there is a stack-based buffer overflow in the cmdload function in frontend/cmd.cc via a crafted chess position in an EPD file CVE-2019-15767...

libsndfile security update

1.0.28-10 - fix CVE-2018-19661 and CVE-2018-19662 - buffer over-read in the function i2alawarray in alaw 1673085 1.0.28-9 - fix CVE-2018-13139 - stack-based buffer overflow in sndfile-deinterleave utility 1598482...

EulerOS Virtualization for ARM 64 3.0.2.0 : sudo (EulerOS-SA-2020-1564)

According to the versions of the sudo package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In PHP before 5.6.28 and 7.x before 7.0.13, incorrect handling of various URI components in the URL parser could be used ...

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2020-1564)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...