Delta Electronics DIAScreen DPA File Parsing Stack Buffer Overflow Vulnerability (CNVD-2025-01799)

Delta Electronics DIAScreen is an intelligent desktop builder from Delta Electronics in Taiwan, China. A stack buffer overflow vulnerability exists in the Delta Electronics DIAScreen DPA file parsing, which can be exploited by an attacker to execute arbitrary code...

PT-2024-32883 · Ivanti · Ivanti Connect Secure

Name of the Vulnerable Software and Affected Versions: Ivanti Connect Secure versions prior to 22.7R2.3 Description: A stack-based buffer overflow in IPsec allows a remote unauthenticated attacker to cause a denial of service. Recommendations: For versions prior to 22.7R2.3, update to version...

OESA-2024-2363 dcraw security update

This package contains dcraw, a command line tool to decode raw image data downloaded from digital cameras. Security Fixes: CVE-2017-13735 CVE-2017-14608 A stack-based buffer overflow in the findgreen function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remot...

SQLite3 generate_series Stack Buffer Underflow Vulnerability

SQLite3 suffers from a stack buffer underflow condition in seriesBestIndex in the generateseries extension. Vulnerability details static int seriesBestIndex sqlite3vtab pVTab, sqlite3indexinfo pIdxInfo int i, j; / Loop over constraints / int idxNum = 0; / The query plan bitmask / ifndef...

OSV-2022-1288 Stack-buffer-overflow in bool SmilesParseOps::parser::parse_atom_props<std::__1::__wrap_iter<char const*>

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=376787368 Crash type: Stack-buffer-overflow READ 1 Crash state: bool SmilesParseOps::parser::parseatomprops bool SmilesParseOps::parser::parseit SmilesParseOps::parseCXExtensions...

SQLite3 generate_series Stack Buffer Underflow

Vulnerability details static int seriesBestIndex sqlite3vtab pVTab, sqlite3indexinfo pIdxInfo int i, j; / Loop over constraints / int idxNum = 0; / The query plan bitmask / ifndef ZEROARGUMENTGENERATESERIES int bStartSeen = 0; / EQ constraint seen on the START column / endif int unusableMask = 0;...

OSV-2024-1261 Stack-buffer-overflow in _pcre2_compile_class_not_nested_16

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=376515526 Crash type: Stack-buffer-overflow WRITE 2 Crash state: pcre2compileclassnotnested16 compileclassoperand pcre2compileclassnested16...

Fortinet Fortigate Stack-based buffer overflows in diagnostic CLI commands (FG-IR-21-179)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-179 advisory. - A stack-based buffer overflow vulnerability CWE-121 in the command line interpreter of FortiOS before 7.0.4 and FortiProxy...

Fortinet FortiWeb Multiple stack-based buffer overflow vulnerabilities in CLI command (FG-IR-20-206)

The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-20-206 advisory. - A stack-based buffer overflow in Fortinet FortiWeb version 6.3.14 and below, 6.2.4 and below allows attacker to execute...

CVE-2024-40494

Buffer Overflow in coapmsg.c in FreeCoAP allows remote attackers to execute arbitrary code or cause a denial of service stack buffer overflow via a crafted packet...

PT-2024-28877 · Freecoap · Freecoap

Name of the Vulnerable Software and Affected Versions: FreeCoAP affected versions not specified Description: The issue allows remote attackers to execute arbitrary code or cause a denial of service via a crafted packet, resulting in a stack buffer overflow in the coap msg.c file. Recommendations:...

CBL Mariner 2.0 Security Update: redis / valkey (CVE-2024-31449)

The version of redis / valkey installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-31449 advisory. - Redis is an open source, in-memory database that persists on disk. An authenticated user May use a...

Qnap QTS Out-of-bounds Write (CVE-2021-34343)

A stack buffer overflow vulnerability has been reported to affect QNAP device running QTS, QuTScloud, QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QTS, QuTScloud, QuTS hero: QTS...

Qnap QTS Out-of-bounds Write (CVE-2021-28816)

A stack buffer overflow vulnerability has been reported to affect QNAP device running QTS, QuTScloud, QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QTS, QuTScloud, QuTS hero: QTS...

Adobe Animate stack buffer overflow vulnerability (CNVD-2024-41254)

Adobe Animate is a set of Flash animation software from the American company Audobee Adobe. Adobe Animate suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...

CVE-2024-44157

A stack buffer overflow was addressed through improved input validation. This issue is fixed in Apple TV 1.5.0.152 for Windows, iTunes 12.13.3 for Windows. Parsing a maliciously crafted video file may lead to unexpected system termination...

CVE-2024-47962

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can manipulate an insider to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current...

Siemens JT2Go Stack Buffer Overflow Vulnerability

JT2Go is a 3D JT viewing tool that allows users to view JT, PDF, Solid Edge, PLM XML with available JT, VFZ, CGM and TIF data. Siemens JT2Go suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute code in the context of the current process...

BIT-VALKEY-2024-31449 Lua library commands may lead to stack overflow and RCE in Redis

Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scriptin...

BIT-REDIS-2024-31449 Lua library commands may lead to stack overflow and RCE in Redis

Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scriptin...