CVE-2023-27910

A user may be tricked into opening a malicious FBX file that may exploit a stack buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior which may lead to code execution...

Stack overflow

A maliciously crafted XB file when parsed through Autodesk® AutoCAD® 2023 can be used to write beyond the allocated buffer causing a Stack Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code in the context of the...

PT-2023-21414 · Autodesk · Autodesk Autocad

Name of the Vulnerable Software and Affected Versions: Autodesk AutoCAD version 2023 Description: A maliciously crafted X B file can be used to write beyond the allocated buffer, causing a Stack Buffer Overflow when parsed through Autodesk AutoCAD. This can be leveraged by a malicious actor to...

CVE-2023-27914

Autodesk AutoCAD 2023 is affected by CVE-2023-27914 due to parsing a malicious X_B file, which can cause a stack buffer overflow. The underlying issue is a write beyond the allocated buffer, leading to crashes, potential data leakage, or arbitrary code execution within the process context. The pu...

CVE-2023-26383

Adobe Substance 3D Stager version 2.0.1 and earlier is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Rocket Software Unidata udadmin_server Stack Buffer Overflow in Password

This modlue exploits an authentication bypass vulnerability in the Linux version of udadminserver, which is an RPC service that comes with the Rocket Software UniData server, which runs as root. This vulnerability affects UniData versions 8.2.4 build 3003 and earlier for Linux, but this module...

CVE-2023-28488

client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers operating a crafted DHCP server to cause a stack-based buffer overflow and denial of service, terminating the connman process...

OSV-2023-285 Stack-buffer-overflow in fn_ElIn_evaluate

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57745 Crash type: Stack-buffer-overflow WRITE 4 Crash state: fnElInevaluate pdfisetblackgeneration GSBG...

PT-2023-35759 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow crash, specifically a WRITE 4 operation. The crash occurs in the fn ElIn evaluate function, which is call...

Autodesk FBX-SDK library < 2020.3.4 Multiple Vulnerabilities (ADSK-SA-2023-0004)

The version of Autodesk FBX-SDK library installed on the remote host is prior to 2020.3.4. It is, therefore, affected by multiple vulnerabilities: - An Out-Of-Bounds Write Vulnerability in Autodesk FBX SDK version 2020 or prior may lead to code execution through maliciously crafted FBX files or...

SOUND4 LinkAndShare Transmitter 1.1.2 - Format String Stack Buffer Overflow

Exploit Title: SOUND4 LinkAndShare Transmitter 1.1.2 - Format String Stack Buffer Overflow Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: 1.1.2 Summary: The SOUND4 Link&Share L&S is a simple and open protocol that...

OSV-2023-251 Stack-buffer-overflow in ext11_work_out_bundles

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57494 Crash type: Stack-buffer-overflow WRITE 4 Crash state: ext11workoutbundles dissectorancsection dissectoran...

Router ZTE-H108NS - Stack Buffer Overflow (DoS)

Exploit Title: ZTE-H108NS - Stack Buffer Overflow DoS Date: 19-11-2022 Exploit Author: George Tsimpidas Vendor: https://www.zte.com.cn/global/ Firmware: H108NSV1.0.7uZRDGR2A68 Usage: python zte-exploit.py CVE: N/A Tested on: Debian 5.18.5 !/usr/bin/python3 import sys import socket from time impor...

PT-2023-35740 · Git +1 · Wireshark

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow crash. Technical details include a crash type of Stack-buffer-overflow WRITE 4. The crash state involves...

CVE-2023-28504 Stack buffer overflow in UniRPC library function

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow that can lead to remote code execution as the root user...

CVE-2023-28504 Stack buffer overflow in UniRPC library function

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow that can lead to remote code execution as the root user...

CVE-2023-28502 Stack buffer overflow in UniRPC's udadmin_server service

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow in the "udadmin" service that can lead to remote code execution as the root user...

CVE-2022-28315

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

CVE-2022-28306

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

Wago PFC200 iocheckd service 'I/O-Check' cache Memory Corruption (CVE-2019-5185)

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service I/O-Check functionality of WAGO PFC 200. An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1ea28 the extracted state value from the xml file is used as an...