CVE-2021-34123

An issue was discovered on atasm, version 1.09. A stack-buffer-overflow vulnerability in function aprintf in asm.c allows attackers to execute arbitrary code on the system via a crafted file...

CVE-2021-21813

Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to memcpy copying the path provided by the user into a staticly sized buffer without any length checks resulting in a stack-buffer overflo...

CVE-2020-25857

The function ClientEAPOLKeyRecvd in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 up to and excluding 2.08 does not validate the size parameter for an rtlmemcpy operation, resulting in a stack buffer overflow which can be exploited for denial of service. An attacker c...

CVE-2020-25853

The function CheckMic in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 up to and excluding 2.08 does not validate the size parameter for an internal function, rtmd5hmacveneer or rthmacsha1veneer, resulting in a stack buffer over-read which can be exploited for denial ...

CVE-2020-25854

The function DecWPA2KeyData in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 up to and excluding 2.08 does not validate the size parameter for an internal function, rtarc4cryptveneer or AESUnWRAPveneer, resulting in a stack buffer overflow which can be exploited for...

CVE-2020-24055

Verint 5620PTZ VerintFW042 and Verint 4320 V4320FW023, and V4320FW031 units feature an autodiscovery service implemented in the binary executable '/usr/sbin/DM' that listens on port TCP 6666. The service is vulnerable to a stack buffer overflow. It is worth noting that this service does not requi...

CVE-2020-23877

pdf2xml v2.0 was discovered to contain a stack buffer overflow in the component getObjectStream...

CVE-2020-23878

pdf2json v0.71 was discovered to contain a stack buffer overflow in the component XRef::fetch...

CVE-2020-20486

IEC104 v1.0 contains a stack-buffer overflow in the parameter Iec10xStaAddr...

CVE-2020-14268

A vulnerability in the MIME message handling of the Notes client versions 9 and 10 could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. This could allow a remote attacker to crash the client or inject code into the system which would execute with the...

CVE-2020-14231

A vulnerability in the input parameter handling of HCL Client Application Access v9 could potentially be exploited by an authenticated attacker resulting in a stack buffer overflow. This could allow the attacker to crash the program or inject code into the system which would execute with the...

CVE-2020-23060

Internet Download Manager 6.37.11.1 was discovered to contain a stack buffer overflow in the Export/Import function. This vulnerability allows attackers to escalate local process privileges via a crafted ef2 file...

CVE-2020-18734

A stack buffer overflow in /ddsi/qbitset.h of Eclipse IOT Cyclone DDS Project v0.1.0 causes the DDS subscriber server to crash...

CVE-2020-21601

libde265 v1.0.4 contains a stack buffer overflow in the putqpelfallback function, which can be exploited via a crafted a file...

CVE-2020-29019

A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.7 and version before 6.2.4 may allow a remote, unauthenticated attacker to crash the httpd daemon thread by sending a request with a crafted cookie header...

CVE-2020-28964

Internet Download Manager 6.37.11.1 was discovered to contain a stack buffer overflow in the Search function. This vulnerability allows attackers to escalate local process privileges via unspecified vectors...

CVE-2020-27302

A stack buffer overflow in Realtek RTL8710 and other Ameba-based devices can lead to remote code execution via the "memcpy" function, when an attacker in Wi-Fi range sends a crafted "Encrypted GTK" value as part of the WPA2 4-way-handshake...

CVE-2020-27301

A stack buffer overflow in Realtek RTL8710 and other Ameba-based devices can lead to remote code execution via the "AESUnWRAP" function, when an attacker in Wi-Fi range sends a crafted "Encrypted GTK" value as part of the WPA2 4-way-handshake...

CVE-2020-25014

A stack-based buffer overflow in fbwificontinue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote unauthenticated attackers to execute arbitrary code via a crafted http packet...

CVE-2020-21050

Libsixel prior to v1.8.3 contains a stack buffer overflow in the function gifprocessraster at fromgif.c...