Lucene search

6907 matches found

OSV
added 2024/03/10 12:1 a.m., 11 views

OSV-2024-156 Stack-buffer-overflow in rtpin_satip_get_server_ip

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67263
Crash type: Stack-buffer-overflow WRITE 1
Crash state: rtpin_satip_get_server_ip rtpininitialize gffilternewfinalize...

AI score 7.2
Exploits 0, References 1

NVD
added 2024/03/07 5:15 a.m., 13 views

CVE-2023-51395

The vulnerability described by CVE-2023-0972 has been additionally discovered in Silicon Labs Z-Wave end devices. This vulnerability may allow an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution...

CVSS 8.8, AI score 8.9, EPSS 0.00341
Exploits 0, References 1

Prion
added 2024/03/07 5:15 a.m., 13 views

Design/Logic Flaw

The vulnerability described by CVE-2023-0972 has been additionally discovered in Silicon Labs Z-Wave end devices. This vulnerability may allow an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution...

CVSS 5.8, AI score 8.2, EPSS 0.00387
Exploits 0, References 1

Vulnrichment
added 2024/03/07 4:50 a.m., 14 views

CVE-2023-51395 Z-Wave S0 Decryption Vulnerability in End Devices

The vulnerability described by CVE-2023-0972 has been additionally discovered in Silicon Labs Z-Wave end devices. This vulnerability may allow an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution...

CVSS 8.8, AI score 9, EPSS 0.00341
Exploits 0, References 1

CNVD
added 2024/03/06 12:0 a.m., 7 views

Delta Electronics CNCSoft-B Stack Buffer Overflow Vulnerability

Delta Electronics CNCSoft-B is a CNC machine simulation system software from Delta Electronics Taiwan, China. A stack buffer overflow vulnerability exists in Delta Electronics CNCSoft-B, which can be exploited by an attacker to execute arbitrary code because the program fails to properly validate...

CVSS 7.8, AI score 7.9, EPSS 0.00739
Exploits 0, References 1

BDU FSTEC
added 2024/03/05 12:0 a.m., 3 views

The vulnerability of the srso component in the Linux operating system’s kernel allows a hacker to execute arbitrary code.

The vulnerability of the srso component in the Linux operating system’s kernel is related to buffer overflow in the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 5.5, AI score 7.3
Exploits 0, References 9, Affected Software 3

OpenVAS
added 2024/03/05 12:0 a.m., 20 views

CentOS: Security Advisory for LibRaw (CESA-2024:0343)

The remote host is missing an update for the...

CVSS 7.8, AI score 7.7, EPSS 0.00424
Exploits 1, References 2

OSV
added 2024/03/04 2:52 p.m., 4 views

CLSA-2024-1709563938 vim: Fix of CVE-2024-22667

CVE-2024-22667: addressing a potential stack-buffer-overflow in option processing functions...

CVSS 7.8, AI score 7.1, EPSS 0.00563
Exploits 1, References 1

OpenVAS
added 2024/03/04 12:0 a.m., 22 views

openSUSE: Security Advisory for dbus (openSUSE-SU-2022:10030-1)

The remote host is missing an update for the...

CVSS 7.5, AI score 7.7, EPSS 0.01749
Exploits 4, References 2

OpenVAS
added 2024/03/04 12:0 a.m., 16 views

openSUSE: Security Advisory for MozillaThunderbird (SUSE-SU-2023:3228-1)

The remote host is missing an update for the...

CVSS 9.8, AI score 8.2, EPSS 0.13694
Exploits 1, References 2

Positive Technologies
added 2024/02/29 12:0 a.m., 3 views

PT-2024-38413

Name of the Vulnerable Software and Affected Versions: oFono (affected versions not specified). Description: This issue allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit...

CVSS 7.8, AI score 7.1, EPSS 0.00297
Exploits 0, References 27

Tenable Nessus
added 2024/02/29 12:0 a.m., 26 views

CentOS 9 : libtiff-4.4.0-2.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the libtiff-4.4.0-2.el9 build changelog. - Null source pointer passed as an argument to memcpy function within TIFFFetchStripThing in tifdirread.c in libtiff versions from 3.9.0 to...

CVSS 7.7, AI score 6.7, EPSS 0.01542
Exploits 10, References 11

OSV
added 2024/02/28 12:0 p.m., 19 views

RUSTSEC-2024-0020 Stack buffer overflow with whoami on several Unix platforms

With versions of the whoami crate = 0.5.3 and = 0.5.3 and 1.0.1, calling any of the above functions also leads to a stack buffer overflow on these platforms: - Bitrig - DragonFlyBSD - FreeBSD - NetBSD - OpenBSD This occurs because of an incorrect definition of the passwd struct on those platforms...

AI score 7.7
Exploits 0, References 3

Tenable Nessus
added 2024/02/27 12:0 a.m., 45 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : PHP vulnerabilities (USN-6305-2)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6305-2 advisory. USN-6305-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04...

CVSS 9.8, AI score 7.6, EPSS 0.08003
Exploits 4, References 3

Tenable Nessus
added 2024/02/27 12:0 a.m., 51 views

MikroTik RouterOS Out-of-bounds Write (CVE-2018-1156)

MikroTik RouterOS before 6.42.7 and 6.40.9 is vulnerable to stack buffer overflow through the license upgrade interface. This vulnerability could theoretically allow a remote authenticated attacker to execute arbitrary code on the system. This plugin only works with Tenable.ot. Please visit...

CVSS 9, AI score 8.9, EPSS 0.07371
Exploits 1, References 4

Vulnrichment
added 2024/02/26 12:0 a.m., 12 views

CVE-2024-25751

A Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to execute arbitrary code via the fromSetSysTime function...

AI score 9.7, EPSS 0.00983
Exploits 0, References 1

CNVD
added 2024/02/26 12:0 a.m., 2 views

Tenda AC23 schedStartTime Parameter Stack Buffer Overflow Vulnerability

Tenda AC23 is a dual-band wireless router from Tenda that supports 802.11ac Wave2 technology with dual-band concurrent transmission rates up to 2033 Mbps, including up to 1733 Mbps in the 5 GHz band, which is suitable for high-bandwidth applications such as 4K video and online live streaming. The Ten...

CVSS 8, AI score 8.3, EPSS 0.00489
Exploits 1, References 1

CVE
added 2024/02/26 12:0 a.m., 4250 views

CVE-2024-25751

The CVE-2024-25751 entry affects the Tenda AC9 router (v3.0) with firmware v15.03.06.42_multi. It is a Stack-Based Buffer Overflow in the fromSetSysTime function that enables a remote attacker to execute arbitrary code. The threat is described as remote code execution with a high impact; the CVSS...

CVSS 9.8, AI score 7.9, EPSS 0.00983
Exploits 0, References 1, Affected Software 1

NVD
added 2024/02/22 11:15 p.m., 14 views

CVE-2024-25748

A Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to execute arbitrary code via the fromSetIpMacBind function...

CVSS 8.8, AI score 7.6, EPSS 0.00594
Exploits 0, References 1

NVD
added 2024/02/22 11:15 p.m., 12 views

CVE-2024-25753

Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to execute arbitrary code via the formSetDeviceName function...

CVSS 8.8, AI score 7.6, EPSS 0.00624
Exploits 0, References 1