Ubuntu: Security Advisory (USN-6762-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Honeywell Experion PKS, Experion LX, PlantCruise by Experion, Safety Manager, Safety Manager SC Stack-based Buffer Overflow (CVE-2023-5403)

Server hostname translation to IP address manipulation which could lead to an attacker performing remote code execution or causing a failure. See Honeywell Security Notification for recommendations on upgrading and versioning. This plugin only works with Tenable.ot. Please visit...

Honeywell Experion PKS, Experion LX, PlantCruise by Experion, Safety Manager, Safety Manager SC Stack-based Buffer Overflow (CVE-2023-5401)

Server receiving a malformed message based on a using the specified key values can cause a stack overflow vulnerability which could lead to an attacker performing remote code execution or causing a failure. See Honeywell Security Notification for recommendations on upgrading and versioning. This...

Honeywell Experion PKS, Experion LX, PlantCruise by Experion, Safety Manager, Safety Manager SC Stack-based Buffer Overflow (CVE-2023-5407)

Controller denial of service due to improper handling of a specially crafted message received by the controller. See Honeywell Security Notification for recommendations on upgrading and versioning. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot fo...

CVE-2023-51631 D-Link DIR-X3260 prog.cgi SetUsersSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link DIR-X3260 prog.cgi SetUsersSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this vulnerabilit...

CVE-2024-4192

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process...

CVE-2024-4192 Stack-based Buffer Overflow vulnerability in Delta Electronics CNCSoft-G2 DOPSoft

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process...

CVE-2024-4192

The CVE-2024-4192 entry concerns Delta Electronics CNCSoft-G2, specifically the DOPSoft DPAX file parsing component. The vulnerability arises from failing to validate the length of user-supplied data before copying it into a fixed-size stack-based buffer, enabling remote code execution in the con...

Low: Red Hat Security Advisory: file security update

An update for file is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

Low: file security update

The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format ELF binary files, system libraries, RPM packages, and different graphics formats. Security Fixes: file:...

RHEL 9 : file (RHSA-2024:2512)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2512 advisory. The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types,...

RHEL 9 : tigervnc (RHSA-2024:2616)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2616 advisory. Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine...

CVE-2024-34020

A stack-based buffer overflow was found in the putSDN function of mail.c in hcode through 2.1...

CVE-2024-34020

CVE-2024-34020 is a stack-based buffer overflow in hcode’s mail.c putSDN() function, affecting hcode up to version 2.1. The root cause is a boundary mishandling of a static index (cp) into a fixed buffer (ibuf) beyond HDR_BUF_LEN, enabling a potential memory overwrite. OpenSUSE notes fixes in hco...

Unspecified Vulnerability in Tenda AX1806

The Tenda AX1806 is a WiFi6 wireless router from Tenda, China. A security vulnerability exists in the Tenda AX1806 version 1.0.0.1, which stems from an incorrect manipulation of the parameter password can lead to a stack-based buffer overflow. No details of the vulnerability are provided at this...

Unspecified vulnerability in Tenda i22 (CNVD-2024-23301)

The Tenda i22 is a wireless access point from Tenda China. A security vulnerability exists in Tenda i22 version 1.0.0.34687, which stems from an incorrect operation of the parameter groupIndex that can lead to a stack-based buffer overflow. No details of the vulnerability are provided at this tim...

Unspecified vulnerability in Tenda i21 (CNVD-2024-23299)

Tenda i21 is a wireless access point from Tenda China. A security vulnerability exists in Tenda i21 version 1.0.0.144656, which stems from an incorrect manipulation of the parameter ssidIndex that can lead to a stack-based buffer overflow. No details of the vulnerability are provided at this time...

Unspecified vulnerability in Tenda i21 (CNVD-2024-23296)

Tenda i21 is a wireless access point from Tenda China. A security vulnerability exists in Tenda i21 version 1.0.0.144656, which stems from an incorrect operation of the parameter ssidIndex that can cause a stack-based buffer overflow. No details of the vulnerability are provided at this time...

Unspecified vulnerability in Tenda i21 (CNVD-2024-23294)

Tenda i21 is a wireless access point from Tenda China. A security vulnerability exists in Tenda i21 version 1.0.0.144656, which stems from an incorrect operation of the parameter ssidIndex that can cause a stack-based buffer overflow. No details of the vulnerability are provided at this time...

Unspecified Vulnerability in Tenda W9 (CNVD-2024-23293)

Tenda W9 is a wireless in-wall access point from Tenda, China. A security vulnerability exists in Tenda W9 version 1.0.0.74456, which stems from an incorrect operation of the parameter dhcpStartIp/dhcpEndIp/dhcpGw/dhcpMask/dhcpLeaseTime/dhcpDns1/dhcpDns2 that can result in a stack-based buffer...