CVE-2021-34123

An issue was discovered on atasm, version 1.09. A stack-buffer-overflow vulnerability in function aprintf in asm.c allows attackers to execute arbitrary code on the system via a crafted file...

AdvanceMAME 缓冲区错误漏洞

AdvanceMAME is a port of the MAME 0.106 and MESS 0.106 emulators from AdvanceMAME, Inc. For arcade monitors and TVs, also for LCD and PC monitors. AdvanceMAME suffers from a stack buffer overflow vulnerability due to incorrect bounds checking performed by function png\u convert\u 4 in file...

CVE-2021-34123

CVE-2021-34123 affects ATasm version 1.09, with a stack-buffer-overflow in function aprintf() in asm.c that lets an attacker execute arbitrary code via a crafted file. Several sources (NVD, Red Hat, PRION, CNNVD, CVE lists) corroborate the same description, including CVSS 3.1 base score 9.8 (Netw...

OSV-2023-567 Stack-buffer-overflow in initialize_encryption_key

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=60563 Crash type: Stack-buffer-overflow READ Crash state: initializeencryptionkey cliole2extract cliscanole2...

PT-2023-8298 · D Link · D-Link Dir-X3260

Name of the Vulnerable Software and Affected Versions: D-Link DIR-X3260 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. The specific flaw exists within the prog.cgi binary,...

IBM DB2 Stack Buffer Overflow Vulnerability

IBM DB2 is a relational database management system from International Business Machines IBM. The main execution environments for this system are UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM DB2 suffers from a stack buffer overflow vulnerability that stems from incorrect boundary...

PT-2023-35907 · Git +1 · Clamav

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow read crash. The crash occurs in the initialize encryption key function, which is called by cli ole2 extra...

OSV-2023-560 Stack-buffer-overflow in sc_pkcs15_get_lastupdate

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=60527 Crash type: Stack-buffer-overflow READ Crash state: scpkcs15getlastupdate generatecachefilename scpkcs15readcachedfile...

Siemens Tecnomatix Plant Simulation Stack Buffer Overflow Vulnerability (CNVD-2023-56535)

Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany, that uses discrete-event simulation to analyze and optimize throughput and thereby improve manufacturing system performance. Siemens Tecnomatix Plant Simulation suffers from a stack buffer overflow...

Tenda FH1203 formSetDeviceName method stack buffer overflow vulnerability

Tenda FH1203 is a dual-band wireless router from China's Tenda, mainly used for home network coverage and enhancement. The Tenda FH1203 suffers from a stack buffer overflow vulnerability that originates from the deviceId parameter of the formSetDeviceName method failing to properly validate the...

Siemens Tecnomatix Plant Simulation Stack Buffer Overflow Vulnerability (CNVD-2023-56536)

Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany, that uses discrete-event simulation to analyze and optimize throughput and thereby improve manufacturing system performance. Siemens Tecnomatix Plant Simulation suffers from a stack buffer overflow...

PT-2023-35905 · Git +1 · Opensc

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack buffer overflow read. Technical details include a crash state involving the sc pkcs15 get lastupdate, generate cache...

Siemens Tecnomatix Plant Simulation 缓冲区错误漏洞

Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany, that uses discrete-event simulation to analyze and optimize throughput and thereby improve manufacturing system performance. Siemens Tecnomatix Plant Simulation suffers from a stack buffer overflow...

The vulnerability of the xml_sax_parse() function (src/utils/xml_parser.c) in the GPAC multimedia platform allows a hacker to induce a service failure.

The vulnerability of the xmlsaxparse function src/utils/xmlparser.c in the GPAC multimedia platform is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to cause a service failure...

PT-2023-8217 · D Link · D-Link G416

Name of the Vulnerable Software and Affected Versions: D-Link G416 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. The specific flaw exists within the HTTP service listening on TC...

pdfcrack 缓冲区错误漏洞

pdfcrack is a command line password recovery tool for PDF files from the individual developer Henning Noren. A security vulnerability exists in pdfcrack versions 0.17 through 0.18, which originates from the execution of arbitrary code via a stack-based buffer error in the MD5 function...

Amazon Linux 2 : opensc (ALAS-2023-2102)

The version of opensc installed on the remote host is prior to 0.19.0-5. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2102 advisory. A heap use after free issue was found in Opensc before version 0.22.0 in scfilevalid. CVE-2021-42779 A use after return...

ASB-A-261068592

In gattendoperation of gattutils.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

Medium: opensc

Issue Overview: A heap use after free issue was found in Opensc before version 0.22.0 in scfilevalid. CVE-2021-42779 A use after return issue was found in Opensc before version 0.22.0 in insertpin function that could potentially crash programs using the library. CVE-2021-42780 Heap buffer overflo...

CVE-2023-0972

Description: A vulnerability in SiLabs Z/IP Gateway 7.18.01 and earlier allows an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution...