CVE-2023-34287 Ashlar-Vellum Cobalt CO File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt CO File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the targ...

CVE-2023-32149 D-Link DIR-2640 prog.cgi Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link DIR-2640 prog.cgi Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this...

CVE-2023-27346 TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AX1800 routers. Authentication is not required to exploit this vulnerability. The...

CVE-2023-27333 TP-Link Archer AX21 tmpServer Command 0x422 Stack-based Buffer Overflow Remote Code Execution Vulnerability

TP-Link Archer AX21 tmpServer Command 0x422 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer AX21 routers. Authentication is required to exploit this...

CVE-2023-27333

CVE-2023-27333 concerns TP-Link Archer AX21 routers. The vulnerability is a stack-based buffer overflow in the tmpServer service when handling command 0x422, caused by improper validation of user-supplied data length copying into a fixed-length stack buffer. Exploitation could allow remote code e...

CVE-2023-27332 TP-Link Archer AX21 tdpServer Logging Stack-based Buffer Overflow Remote Code Execution Vulnerability

TP-Link Archer AX21 tdpServer Logging Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer AX21 routers. Authentication is not required to exploit this...

CVE-2023-41222

The CVE-2023-41222 entry concerns D-Link DIR-3040 routers. A stack-based buffer overflow in prog.cgi (SetWan2Settings) processes HNAP requests to the lighttpd webserver (ports 80/443). The flaw arises from insufficient validation of a user-supplied string copied into a fixed-size stack buffer, en...

Ubuntu: Security Advisory (USN-6762-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Honeywell Experion PKS, Experion LX, PlantCruise by Experion, Safety Manager, Safety Manager SC Stack-based Buffer Overflow (CVE-2023-5403)

Server hostname translation to IP address manipulation which could lead to an attacker performing remote code execution or causing a failure. See Honeywell Security Notification for recommendations on upgrading and versioning. This plugin only works with Tenable.ot. Please visit...

Honeywell Experion PKS, Experion LX, PlantCruise by Experion, Safety Manager, Safety Manager SC Stack-based Buffer Overflow (CVE-2023-5401)

Server receiving a malformed message based on a using the specified key values can cause a stack overflow vulnerability which could lead to an attacker performing remote code execution or causing a failure. See Honeywell Security Notification for recommendations on upgrading and versioning. This...

Honeywell Experion PKS, Experion LX, PlantCruise by Experion, Safety Manager, Safety Manager SC Stack-based Buffer Overflow (CVE-2023-5407)

Controller denial of service due to improper handling of a specially crafted message received by the controller. See Honeywell Security Notification for recommendations on upgrading and versioning. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot fo...

CVE-2023-51631 D-Link DIR-X3260 prog.cgi SetUsersSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link DIR-X3260 prog.cgi SetUsersSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this vulnerabilit...

CVE-2024-4192

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process...

CVE-2024-4192 Stack-based Buffer Overflow vulnerability in Delta Electronics CNCSoft-G2 DOPSoft

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process...

CVE-2024-4192

The CVE-2024-4192 entry concerns Delta Electronics CNCSoft-G2, specifically the DOPSoft DPAX file parsing component. The vulnerability arises from failing to validate the length of user-supplied data before copying it into a fixed-size stack-based buffer, enabling remote code execution in the con...

CVE-2024-34020

A stack-based buffer overflow was found in the putSDN function of mail.c in hcode through 2.1...

Unspecified Vulnerability in Tenda AX1806

The Tenda AX1806 is a WiFi6 wireless router from Tenda, China. A security vulnerability exists in the Tenda AX1806 version 1.0.0.1, which stems from an incorrect manipulation of the parameter password can lead to a stack-based buffer overflow. No details of the vulnerability are provided at this...

CVE-2024-34020

CVE-2024-34020 is a stack-based buffer overflow in hcode’s mail.c putSDN() function, affecting hcode up to version 2.1. The root cause is a boundary mishandling of a static index (cp) into a fixed buffer (ibuf) beyond HDR_BUF_LEN, enabling a potential memory overwrite. OpenSUSE notes fixes in hco...

Unspecified vulnerability in Tenda i22 (CNVD-2024-23301)

The Tenda i22 is a wireless access point from Tenda China. A security vulnerability exists in Tenda i22 version 1.0.0.34687, which stems from an incorrect operation of the parameter groupIndex that can lead to a stack-based buffer overflow. No details of the vulnerability are provided at this tim...

Unspecified vulnerability in Tenda i21 (CNVD-2024-23299)

Tenda i21 is a wireless access point from Tenda China. A security vulnerability exists in Tenda i21 version 1.0.0.144656, which stems from an incorrect manipulation of the parameter ssidIndex that can lead to a stack-based buffer overflow. No details of the vulnerability are provided at this time...