8440 matches found
CVE-2023-35742
D-Link DAP-2622 DDP Configuration Restore Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit...
CVE-2023-35744
D-Link DAP-2622 DDP Configuration Restore Server IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to...
CVE-2023-51614
The CVE-2023-51614 entry concerns D-Link DIR-X3260 routers. A flaw in the prog.cgi function handling HNAP requests on the lighttpd webserver (ports 80/443) allows a stack-based buffer overflow via an unsafely copied user-supplied string in SetQuickVPNSettings Password, enabling remote code execut...
CVE-2023-35736
D-Link DAP-2622 DDP Change ID Password New Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
CVE-2023-35737
D-Link DAP-2622 DDP Configuration Backup Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit th...
CVE-2023-35733
D-Link DAP-2622 DDP Change ID Password Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
CVE-2023-35725
D-Link DAP-2622 DDP User Verification Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
CVE-2023-35725
D-Link DAP-2622 DDP User Verification Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
CVE-2023-35718
D-Link DAP-2622 DDP Change ID Password Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
CVE-2023-32149
D-Link DIR-2640 prog.cgi Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this...
CVE-2023-32144
D-Link DAP-1360 webproc COMMMakeCustomMsg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this...
CVE-2023-51566
Kofax Power PDF is affected by an OXPS file parsing vulnerability described as a stack-based buffer overflow that can lead to Remote Code Execution. The flaw results from inadequate validation of the length of user-supplied data before copying it into a fixed-length stack buffer during OXPS parsi...
CVE-2023-50235
CVE-2023-50235 affects Hancom Office Show. The vulnerability lies in PPT file parsing where a lack of proper validation of the length of user-supplied data before copying to a stack-based buffer can enable remote code execution in the context of the current process. The issue requires user intera...
CVE-2023-50234 Hancom Office Cell XLS File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
Hancom Office Cell XLS File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hancom Office Cell. User interaction is required to exploit this vulnerability in that the target...
CVE-2023-50211 D-Link G416 httpd API-AUTH Timestamp Processing Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link G416 httpd API-AUTH Timestamp Processing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this...
CVE-2023-50209 D-Link G416 cfgsave Stack-Based Buffer Overflow Remote Code Execution Vulnerability
D-Link G416 cfgsave Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific...
CVE-2023-50209
CVE-2023-50209 affects D-Link G416 wireless routers. The cfgsave function in the HTTP service (port 80) has a stack-based buffer overflow due to improper validation of user-supplied data, enabling remote, network-adjacent attackers to execute arbitrary code with root privileges without authentica...
CVE-2023-50186 GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...
CVE-2023-50186
CVE-2023-50186 is a GStreamer AV1 parsing vulnerability: a stack-based buffer overflow caused by improper validation of user-supplied data length during AV1 metadata parsing. This can allow remote execution of code in the context of the affected process. The CVE is propagated across multiple advi...
CVE-2023-44445
NETGEAR CAX30 SSO stack-based buffer overflow (CVE-2023-44445) affects the sso binary. Lack of proper length validation on user data copied into a fixed-size stack buffer enables network-adjacent attackers to execute arbitrary code with root privileges. No authentication required; impact describe...