6877 matches found
OSV-2023-497 Stack-buffer-overflow in parse_regex
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=59907 Crash type: Stack-buffer-overflow READ 1 Crash state: parseregex parseregex parseregex...
PT-2023-35874 · Git +1 · Clamav
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow read error. The crash state indicates repeated calls to the parse regex function, suggesting a potential...
OSV-2022-1276 Stack-buffer-overflow in ntlm_phase_3
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=59818 Crash type: Stack-buffer-overflow WRITE 1 Crash state: ntlmphase3 establishhttpproxypassthru fuzzproxy.c...
CVE-2022-28550
Matthias-Wandel/jhead jhead 3.06 is vulnerable to Buffer Overflow via shellescape, jhead.c, jhead. jhead copies strings to a stack buffer when it detects a &i or &o. However, jhead does not check the boundary of the stack buffer. As a result, there will be a stack buffer overflow problem when...
AutoDesk: CVE-2023-27910 stack buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior
...
CVE-2022-28550
CVE-2022-28550 affects JHead 3.06. The vulnerability is a stack buffer overflow caused by copying into a fixed-size stack buffer when processing shellescape(), specifically when handling multiple &i or &o values; boundary checks on the stack buffer are missing. Reports across OSV, NVD, and Nessus...
CVE-2022-28550
Matthias-Wandel/jhead jhead 3.06 is vulnerable to Buffer Overflow via shellescape, jhead.c, jhead. jhead copies strings to a stack buffer when it detects a &i or &o. However, jhead does not check the boundary of the stack buffer. As a result, there will be a stack buffer overflow problem when...
CVE-2022-28550
Matthias-Wandel/jhead jhead 3.06 is vulnerable to Buffer Overflow via shellescape, jhead.c, jhead. jhead copies strings to a stack buffer when it detects a &i or &o. However, jhead does not check the boundary of the stack buffer. As a result, there will be a stack buffer overflow problem when...
OSV-2023-467 Stack-buffer-overflow in SetPitchGradient
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=59636 Crash type: Stack-buffer-overflow WRITE 1 Crash state: SetPitchGradient calcpitches CalcPitches...
PT-2023-35863 · Git +1 · Espeak-Ng
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow crash. Technical details include a crash type of Stack-buffer-overflow WRITE 1, and the crash state...
CVE-2023-22652 Stack buffer overflow in "read_file" function
A Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2...
CVE-2023-32181 Stack buffer overflow in "econf_writeFile" function
A Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in openSUSE libeconf allows for DoS via malformed configuration files This issue affects libeconf: before 0.5.2...
Fedora 37 : editorconfig (2023-6e5d4757df)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-6e5d4757df advisory. Security fix for CVE-2023-0341: update to 0.12.6 close RHBZ2162811 Tenable has extracted the preceding description block directly from the Fedora...
The vulnerability of the POST request processing mechanism on Siemens SCALANCE industrial switches allows a perpetrator to trigger a service failure or execute arbitrary code.
The vulnerability of the POST request processing mechanism on Siemens SCALANCE industrial switches lies in the overflow of the stack-based buffer. Exploiting this vulnerability allows an attacker to cause service failures or execute arbitrary code...
CVE-2022-46658
The affected product is vulnerable to a stack-based buffer overflow which could lead to a denial of service or remote code execution...
OSV-2023-407 Stack-buffer-overflow in DwaCompressor_readChannelRules
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=59070 Crash type: Stack-buffer-overflow READ Crash state: DwaCompressorreadChannelRules DwaCompressoruncompress internalexrundodwaa...
The vulnerability of the web interface of the microprogramming software for Cisco Small Business Series switches allows a hacker to execute arbitrary code.
The vulnerability of the web interface of the microprogramming software for Cisco Small Business Series switches is related to the possibility of buffer overflow attacks based on a stack. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...
PT-2023-35833 · Git +1 · Openexr
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow read crash. Technical details include the DwaCompressor readChannelRules and DwaCompressor uncompress...
The vulnerability of the soap_serverd binary in NETGEAR RAX30 microprogramming devices allows a hacker to bypass authentication procedures and execute arbitrary code.
The vulnerability of the binary file soapserverd in NETGEAR RAX30 router microprogramming systems arises due to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to bypass authentication procedures and execute arbitrary code...
The vulnerability of NETGEAR RAX30 router microprogramming software lies in the lack of proper verification of the length of user data before it is copied into the fixed-length stack buffer. This allows a hacker to execute arbitrary code in the context of the root user.
The vulnerability of NETGEAR RAX30 router microprogramming software lies in the lack of proper verification of the length of user data before it is copied into the fixed-length stack buffer. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in the root context using...