8440 matches found
CVE-2020-10828
A stack-based buffer overflow in cvmd on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request.
PT-2020-12350 · Draytek · Draytek Vigor2960 +2
Name of the Vulnerable Software and Affected Versions: Draytek Vigor3900 versions prior to 1.5.1 Draytek Vigor2960 versions prior to 1.5.1 Draytek Vigor300B versions prior to 1.5.1 Description: A stack-based buffer overflow in the apmd service allows remote attackers to achieve code execution via...
Advantech WebAccess
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: WebAccess Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow remote code execution. 3. TECHNICAL DETAILS 3.1...
CVE-2020-10881
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DNS responses. A crafted DNS messa...
Stack overflow
Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, and 2015.006.30510 and earlier have a stack-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution...
CVE-2020-3799
CVE-2020-3799 describes a stack-based buffer overflow affecting Adobe Acrobat and Reader. Affected versions include 2020.006.20034 and earlier, 2017.011.30158 and earlier, and 2015.006.30510 and earlier. Successful exploitation could lead to arbitrary code execution. Connected sources corroborate...
(Pwn2Own) TP-Link Archer A7 DNS Response Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DNS responses. A crafted DNS message can trigger an...
VISAM Automation Base (VBASE) (Update B)
1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: VISAM Equipment: VBASE Vulnerabilities: Relative Path Traversal, Incorrect Default Permissions, Inadequate Encryption Strength, Insecure Storage of Sensitive Information, Stack-based Buffer Overflow...
Adobe Photoshop EPS BoundingBox Element Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Photoshop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2020-1268)
The remote host is missing an update for the Huawei EulerOS...
Adobe Reader < 2015.006.30518 / 2017.011.30166 / 2020.006.20042 Multiple Vulnerabilities (APSB20-13) (macOS)
The version of Adobe Reader installed on the remote macOS host is a version prior to 2015.006.30518, 2017.011.30166, or 2020.006.20042. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.3015...
Adobe Discloses Dozens of Critical Photoshop, Acrobat Reader Flaws
Adobe has released out-of-band updates addressing critical vulnerabilities in its Photoshop and Acrobat Reader products, which if exploited could allow arbitrary code-execution. Overall, Adobe on Wednesday patched flaws tied to 41 CVEs across its products, 29 of which were critical in severity. T...
Foxit Studio Photo TIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing GifName Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation CNCSoft ScreenEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2020-1226)
The remote host is missing an update for the Huawei EulerOS...
EulerOS Virtualization for ARM 64 3.0.2.0 : libarchive (EulerOS-SA-2020-1226)
According to the versions of the libarchive package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities: - read_header in archive_read_support_format_rar.c in libarchive 3.3.2 suffers from an off-by-one error for UTF-16 names i...
CVE-2017-18350
bitcoind and Bitcoin-Qt prior to 0.15.1 have a stack-based buffer overflow if an attacker-controlled SOCKS proxy server is used. This results from an integer signedness error when the proxy server responds with an acknowledgement of an unexpected target domain name...
CVE-2017-18350
Affected software: bitcoind and Bitcoin-Qt prior to 0.15.1. Issue: a stack-based buffer overflow caused by a signedness error when an attacker-controlled SOCKS proxy responds with an acknowledgement to an unexpected domain name. Impact details are consistent with the CVE, including a partial avail...
CentOS: Security Advisory for sudo (CESA-2020:0726)
The remote host is missing an update for the...