CVE-2024-45971

The CVE-2024-45971 affects MZ Automation LibIEC61850 MMS Client, with multiple stack-based buffer overflows triggered by MMS IdentifyResponse messages. Root cause is the buffer overflow condition present before commit 1f52be9ddeae00e69cd43e4cac3cb4f0c880c4f0. Patch/remediation is referenced by th...

CVE-2024-24447

CVE-2024-24447 describes a buffer overflow in the ngap_amf_handle_pdu_session_resource_setup_response function of oai-cn5g-amf up to v2.0.0, enabling a Denial of Service via a PDU Session Resource Setup Response with an empty Response Item list. Affected software: oai-cn5g-amf

CVE-2024-24450

Stack-based memcpy buffer overflow in the ngaphandlepdusessionresourcesetupresponse routine in OpenAirInterface CN5G AMF = 2.0.0 allows a remote attacker with access to the N2 interface to carry out denial of service against the AMF and potentially execute code by sending a PDU Session Resource...

CVE-2024-41206

CVE-2024-41206 describes a stack-based buffer over-read in tsMuxer (nightly-2024-03-14-01-51-12) that can cause information disclosure when processing a crafted TS video file. Affected component is the tsMuxer code path handling transport streams; root cause is a buffer over-read, as stated in mu...

CVE-2024-47905

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service...

CVE-2024-47909

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service...

CVE-2024-47909

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service...

CVE-2024-47907

A stack-based buffer overflow in IPsec of Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to cause a denial of service...

CVE-2024-47907

CVE-2024-47907 describes a stack-based buffer overflow in the IPsec component of Ivanti Connect Secure, before version 22.7R2.3, allowing a remote unauthenticated attacker to cause a denial of service. Affected product: Ivanti Connect Secure (ICS). Connected sources consistently confirm the issue...

CVE-2024-47905

CVE-2024-47905 describes a stack-based buffer overflow in Ivanti Connect Secure prior to 22.7R2.3 and Ivanti Policy Secure prior to 22.7R1.2. The vulnerability allows a remote authenticated attacker with admin privileges to cause a denial of service. Public sources confirm affected products and f...

CVE-2024-47905

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service...

(0Day) Trimble SketchUp Viewer SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

CVE-2024-39354

If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in CEtherIPTagItem can be exploited, allowing the attacker to remotely execute arbitrary code...

CVE-2024-39605

CVE-2024-39605 affects Delta Electronics DIAScreen with a stack-based buffer overflow in the BACnetParameter (and BACnetObjectInfo per ICS advisory) parsing path when a user opens a crafted file, enabling remote code execution after successful user interaction. Documents describe affected compone...

CVE-2024-11061

A vulnerability classified as critical was found in Tenda AC10 16.03.10.13. Affected by this vulnerability is the function FUN0044db3c of the file /goform/fastsettingwifiset. The manipulation of the argument timeZone leads to stack-based buffer overflow. The attack can be launched remotely. The...

CVE-2024-11056

A vulnerability, which was classified as critical, was found in Tenda AC10 16.03.10.13. Affected is the function FUN0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapskcrypto leads to stack-based buffer overflow. It is possible to launch the attack remotely. The...

CVE-2024-11056 Tenda AC10 WifiExtraSet FUN_0046AC38 stack-based overflow

A vulnerability, which was classified as critical, was found in Tenda AC10 16.03.10.13. Affected is the function FUN0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapskcrypto leads to stack-based buffer overflow. It is possible to launch the attack remotely. The...

CVE-2024-11048

A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been rated as critical. Affected by this issue is the function dbsrvasp of the file /dbsrv.asp. The manipulation of the argument str leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been...

CVE-2024-11047

A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been declared as critical. Affected by this vulnerability is the function upgradefilterasp of the file /upgradefilter.asp. The manipulation of the argument path leads to stack-based buffer overflow. The attack can be launched remotely...

CVE-2024-11048 D-Link DI-8003 dbsrv.asp dbsrv_asp stack-based overflow

A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been rated as critical. Affected by this issue is the function dbsrvasp of the file /dbsrv.asp. The manipulation of the argument str leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been...