PT-2024-9624

Name of the Vulnerable Software and Affected Versions GStreamer versions prior to 1.24.10 Description A stack-buffer overflow has been detected in the gst opus dec parse header function within gstopusdec.c. The pos array is a stack-allocated buffer of size 64. If n channels exceeds 64, the for lo...

Backdoor.Win32.Prorat.jz MVID-2024-0699 Buffer Overflow

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/277f9a4db328476300c4da5f680902ea.txt Contact: [email protected] Media: x.com/malvuln Threat: Backdoor.Win32.Prorat.jz Vulnerability: Remote Stack Buffer Overflow SEH Description: The RAT...

PT-2024-10158

Name of the Vulnerable Software and Affected Versions GStreamer versions prior to 1.24.10 Description A stack-buffer overflow has been detected in the vorbis handle identification packet function within gstvorbisdec.c. The position array is a stack-allocated buffer of size 64. If vd-vi.channels...

Sony XAV-AX5500 安全漏洞

The SONY XAV-AX5500 is a 7-inch in-vehicle center console with a wide range of functions and advanced technical features. The SONY XAV-AX5500 suffers from a stack buffer overflow vulnerability that stems from an extended content description object built in a WMV media file that can trigger an...

The vulnerability of the Win32k.sys component in Windows operating systems, which allows a hacker to increase their privileges

The vulnerability of the Win32k.sys component in Windows operating systems is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to gain increased privileges...

The vulnerability of the wireless network driver mt_7615.ko software for Sonos audio devices allows a hacker to execute arbitrary code.

The vulnerability of the wireless network driver mt7615.ko of Sonos audio devices is related to stack buffer overflow. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of the OpenVPN Connect software lies in the overflow of buffers in the stack, which allows a hacker to elevate their privileges and execute arbitrary code.

The vulnerability of the OpenVPN Connect software is related to insufficient restrictions on communication channels for specified endpoints. Exploiting this vulnerability allows a remote attacker to enhance their privileges and execute arbitrary code...

SUSE SLES12 Security Update : qemu (SUSE-SU-2024:3229-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3229-1 advisory. - CVE-2024-3447: Fix heap buffer overflow in sdhciwritedataport. bsc1218485 - CVE-2023-6693: Fix stack buffer overflow in...

The vulnerability of the Gstreamer multimedia framework, related to buffer overflows in the stack, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Gstreamer multimedia framework is related to buffer overflows in the stack. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

SUSE-SU-2024:3229-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2024-3447: Fix heap buffer overflow in sdhciwritedataport. bsc1218485 - CVE-2023-6693: Fix stack buffer overflow in virtionetflushtx. bsc1218484...

Siemens Tecnomatix Plant Simulation Stack Buffer Overflow Vulnerability (CNVD-2024-38014)

Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany. Using the function of discrete event simulation for production volume analysis and optimization, and thus improve the manufacturing system performance. A stack buffer overflow vulnerability exists in Siemen...

Mageia: Security Advisory (MGASA-2024-0289)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2024-0289 Updated zziplib packages fix security vulnerability

A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via the zzipfetchdisktrailer function at /zzip/zip.c. CVE-2024-39134...

Updated zziplib packages fix security vulnerability

A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via the zzipfetchdisktrailer function at /zzip/zip.c. CVE-2024-39134...

Unspecified Vulnerability in Tenda FH1201 (CNVD-2024-40285)

The Tenda FH1201 is a wireless router from Tenda China. A security vulnerability exists in Tenda FH1201 v1.2.0.14, which is caused by a stack buffer overflow vulnerability in "formWrlExtraGet". The vulnerability is caused by a stack buffer overflow vulnerability in "formWrlExtraGet"...

CVE-2024-45158

An issue was discovered in Mbed TLS 3.6 before 3.6.1. A stack buffer overflow in mbedtlsecdsadertoraw and mbedtlsecdsarawtoder can occur when the bits parameter is larger than the largest supported curve. In some configurations with PSA disabled, all values of bits are affected. This never happen...

CVE-2024-45158

An issue was discovered in Mbed TLS 3.6 before 3.6.1. A stack buffer overflow in mbedtlsecdsadertoraw and mbedtlsecdsarawtoder can occur when the bits parameter is larger than the largest supported curve. In some configurations with PSA disabled, all values of bits are affected. This never happen...

CVE-2024-45158

CVE-2024-45158 affects Mbed TLS 3.6.x up to 3.6.0. A stack buffer overflow can occur in the der/der_to_raw conversions for ECDSA when the bits parameter exceeds the largest supported curve, and this can affect configurations where PSA is disabled; internal library calls are not impacted, but appl...

CVE-2024-45158

An issue was discovered in Mbed TLS 3.6 before 3.6.1. A stack buffer overflow in mbedtlsecdsadertoraw and mbedtlsecdsarawtoder can occur when the bits parameter is larger than the largest supported curve. In some configurations with PSA disabled, all values of bits are affected. This never happen...

CVE-2024-45158

An issue was discovered in Mbed TLS 3.6 before 3.6.1. A stack buffer overflow in mbedtlsecdsadertoraw and mbedtlsecdsarawtoder can occur when the bits parameter is larger than the largest supported curve. In some configurations with PSA disabled, all values of bits are affected. This never happen...