The vulnerability of the orcparse.c file in the library for compiling and executing programs that work with GStreamer ORC data arrays. This vulnerability is related to the occurrence of operations outside the buffer boundaries in memory, allowing an attacker to cause a service failure.

The vulnerability of the orcparse.c file in the library for compiling and executing programs that work with GStreamer ORC data arrays is related to buffer overflows based on a stack-based mechanism. Exploiting this vulnerability could allow an attacker to cause service failures...

CVE-2024-3871

The Delta Electronics DVW-W02W2-E2 devices expose a web administration interface to users. This interface implements multiple features that are affected by command injections and stack overflows vulnerabilities. Successful exploitation of these flaws would allow remote unauthenticated attackers t...

CVE-2024-3871 Authenticated Remote Command Injection in Delta Electronics DVW

The Delta Electronics DVW-W02W2-E2 devices expose a web administration interface to users. This interface implements multiple features that are affected by command injections and stack overflows vulnerabilities. Successful exploitation of these flaws would allow remote unauthenticated attackers t...

CVE-2024-3871

CVE-2024-3871 affects Delta Electronics DVW-W02W2-E2 web administration interface, with versions up to 2.5.2. The issue stems from command injections and stack overflows in the web UI, enabling remote attackers to achieve remote code execution with elevated privileges. The NVD entry states this c...

CVE-2023-43755

Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. During the processing and parsing of certain fields in XML elements from incoming network request...

Stack overflow

Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. While parsing certain XML elements from incoming network requests, the product does not...

CVE-2022-48130

Tenda W20E v15.11.0.6 was discovered to contain multiple stack overflows in the function formSetStaticRoute via the parameters staticRouteNet, staticRouteMask, staticRouteGateway, staticRouteWAN...

CVE-2021-26727

Multiple command injections and stack-based buffer overflows vulnerabilities in the SubNethandlerfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10...

CVE-2022-37814

Tenda AC1206 V15.03.06.23 was discovered to contain multiple stack overflows via the deviceMac and the deviceid parameters in the function addWifiMacFilter...

CVE-2022-25431

Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10 and V11 parameter in the Formsetqosband function...

CVE-2022-25431

Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10 and V11 parameter in the Formsetqosband function...

NVIDIA Jetson Chipsets Found Vulnerable to High-severity Flaws

U.S. graphics chip specialist NVIDIA has released software updates to address a total of 26 vulnerabilities impacting its Jetson system-on-module SOM series that could be abused by adversaries to escalate privileges and even lead to denial-of-service and information disclosure. Tracked from...

SUSE: Security Advisory (SUSE-SU-2014:0760-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2015:2088-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD : zeek -- Various vulnerabilities (1a6b7641-aed2-4ba1-96f4-c282d5b09c37)

Jon Siwek of Corelight reports : This release fixes the following security issues : - Fix buffer over-read in Ident analyzer - Fix SSL scripting error leading to uninitialized field access and memory leak - Fix POP3 analyzer global buffer over-read - Fix potential stack overflows due to use of...

zeek -- Various vulnerabilities

Jon Siwek of Corelight reports: This release fixes the following security issues: Fix buffer over-read in Ident analyzer Fix SSL scripting error leading to uninitialized field access and memory leak Fix POP3 analyzer global buffer over-read Fix potential stack overflows due to use of...

redis: Heap corruption in lua_cmsgpack.c

Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows...

Advantech WebAccess < 7.2-2014.06.06 Multiple Vulnerabilities

Binary data 9958.prm...

SUSE SLES11 Security Update : w3m (SUSE-SU-2016:3046-1)

This update for w3m fixes the following issues : - update to debian git version bsc1011293 addressed security issues: CVE-2016-9621: w3m: global-buffer-overflow write bsc1012020 CVE-2016-9622: w3m: null deref bsc1012021 CVE-2016-9623: w3m: null deref bsc1012022 CVE-2016-9624: w3m: near-null deref...

Vulnerabilities in IniNet Solutions GmbH’s SCADA Web Server, allowing a perpetrator to execute arbitrary code

The multiple vulnerabilities of IniNet Solutions GmbH’s SCADA Web Server are caused by buffer overflows in the stack. Exploitation of these vulnerabilities could allow a malicious actor to execute arbitrary code using a long HTTP request field...