CVE-2024-36468 Stack buffer overflow in zbx_snmp_cache_handle_engineid

The reported vulnerability is a stack buffer overflow in the zbxsnmpcachehandleengineid function within the Zabbix server/proxy code. This issue occurs when copying data from session-securityEngineID to localrecord.engineid without proper bounds checking...

CVE-2024-36468

CVE-2024-36468 describes a stack buffer overflow in the Zabbix server/proxy code, specifically in the function zbx_snmp_cache_handle_engineid . The issue arises when copying data from session->securityEngineID to local_record.engineid without proper bounds checking, enabling an out-of-bounds w...

CVE-2024-36468

The reported vulnerability is a stack buffer overflow in the zbxsnmpcachehandleengineid function within the Zabbix server/proxy code. This issue occurs when copying data from session-securityEngineID to localrecord.engineid without proper bounds checking...

Fuji Electric Monitouch V-SFT 安全漏洞

Fuji Electric Monitouch V-SFT is a configuration software for Human Machine Interfaces HMI provided by Fuji Electric. A stack buffer overflow vulnerability exists in Fuji Electric Monitouch V-SFT V10 file parsing, which originates from not properly validating the length of user-supplied data befo...

Fuji Electric Monitouch V-SFT 安全漏洞

Fuji Electric Monitouch V-SFT is a configuration software for Human Machine Interfaces HMI from Fuji Electric. It supports a variety of features including customizable home screen, PDF document viewer, video player, alarm messages, 10 pop-up windows, and more. A stack buffer overflow vulnerabilit...

CVE-2024-53849

The CVE-2024-53849 issue affects editorconfig-core-c (EditorConfig core library in C) where multiple escaped characters in input patterns can trigger stack/pointer overflows in the '[' handling during parsing. The root cause is that added backslashes reduce available space in nested-bracket outpu...

CVE-2024-28038

The web interface of the affected devices processes a cookie value improperly, leading to a stack buffer overflow. More precisely, giving too long character string to MFPSESSIONID parameter results in a stack buffer overflow. As for the details of affected product names, model numbers, and...

CVE-2024-28038

The web interface of the affected devices processes a cookie value improperly, leading to a stack buffer overflow. More precisely, giving too long character string to MFPSESSIONID parameter results in a stack buffer overflow. As for the details of affected product names, model numbers, and...

CVE-2024-11498

There exists a stack buffer overflow in libjxl. A specifically-crafted file can cause the JPEG XL decoder to use large amounts of stack space up to 256mb is possible, maybe 512mb, potentially exhausting the stack. An attacker can craft a file that will cause excessive memory usage. We recommend...

CVE-2024-11498 Resource exhaustion via Stack overflow in libjxl

There exists a stack buffer overflow in libjxl. A specifically-crafted file can cause the JPEG XL decoder to use large amounts of stack space up to 256mb is possible, maybe 512mb, potentially exhausting the stack. An attacker can craft a file that will cause excessive memory usage. We recommend...

CVE-2024-11498

CVE-2024-11498 affects the libjxl (JPEG XL) library. A crafted file can trigger a stack-based overflow, causing the decoder to allocate large stack space (up to 256–512 MB) and potentially exhaust stack memory, leading to denial of service. Multiple advisories and deployable updates reference thi...

CVE-2024-11498

There exists a stack buffer overflow in libjxl. A specifically-crafted file can cause the JPEG XL decoder to use large amounts of stack space up to 256mb is possible, maybe 512mb, potentially exhausting the stack. An attacker can craft a file that will cause excessive memory usage. We recommend...

The vulnerability in the l2tp.cgi script of NETGEAR R7000P router software allows a hacker to induce a service failure.

The vulnerability of the l2tp.cgi script in the NETGEAR R7000P router’s microprogramming system is related to buffer overflows in the stack when processing the l2tpusernetmask parameter. Exploiting this vulnerability allows a malicious actor to cause service failure by sending a specially crafted...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to buffer overflow in the stack, allows a hacker to execute arbitrary code.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

Trimble SketchUp 安全漏洞

Trimble SketchUp is a suite of 3D modeling programs for architects, urban planners, producers, game developers, and related professionals from Trimble USA. Trimble SketchUp suffers from a security vulnerability that stems from a stack-based buffer overflow issue contained in SKP file parsing. An...

Luxion KeyShot 安全漏洞

Luxion KeyShot is a software for designing photos of 3D scenes from Luxion, USA. The software allows real-time 3D rendering workflows to display results immediately and reduce the time required to create photorealistic product photos. A security vulnerability exists in Luxion KeyShot that stems...

IrfanView 安全漏洞

IrfanView is an image viewer. It supports image browsing, image editing, image format conversion and so on. A buffer overflow remote code execution vulnerability exists in the IrfanView WBZ plugin WB1 Stack File Parsing, which is caused by failing to properly validate the length of user-supplied...

Siemens Tecnomatix Plant Simulation Stack Buffer Overflow Vulnerability (CNVD-2024-45987)

Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany. Using the function of discrete event simulation for production volume analysis and optimization, and thus improve the manufacturing system performance. A stack buffer overflow vulnerability exists in Siemen...

PT-2024-17040 · Irfan Skiljan · Irfanview

Name of the Vulnerable Software and Affected Versions: IrfanView affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this issue, where the target must visit a...

The vulnerability of the opennurbs.dll and ODXSW_DLL.dll libraries, which are software components for modeling, design, and drafting in AutoCAD, allows a malicious individual to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.

The vulnerability of the opennurbs.dll and ODXSWDLL.dll libraries, which are software for modeling, design, and drafting in AutoCAD, is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information, execute...