CVE-2025-0840

A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemblebytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...

Security Bulletin: IBM App Connect Enterprise is vulnerable to a denial of service due to Google Protocol Buffers (CVE-2024-7254).

Summary IBM App Connect Enterprise and IBM App Connect Enterprise Toolkit are vulnerable to a denial of service due to Google Protocol Buffers CVE-2024-7254. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2024-7254 DESCRIPTION: Google...

Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands are vulnerable to denial of service [CVE-2024-7254]

Summary The Google Protocol Buffers package is used by IBM App Connect Enterprise Certified Container for processing DFDL message definitions. IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime that use the DFDL parser are vulnerable to denial of service. This...

Security Bulletin: IBM Maximo Application Suite uses bcprov-jdk18on-1.72.jar and protobuf-java-3.22.0.jar which is vulnerable to CVE-2023-33201, CVE-2023-33202, CVE-2024, CVE-2024-7254

Summary Security Bulletin: Security Bulletin: IBM Maximo Application Suite uses bcprov-jdk18on-1.72.jar and protobuf-java-3.22.0.jar which is vulnerable to CVE-2023-33201, CVE-2023-33202, CVE-2024, CVE-2024-7254. This bulletin contains information regarding the vulnerability and its fixture...

Security Bulletin: There is a Denial of Service vulnerability in IBM WebSphere Liberty that is shipped with IBM CICS TX Advanced (CVE-2024-7254).

Summary There is a Denial of Service vulnerability in IBM WebSphere Liberty that is shipped with IBM CICS TX Advanced CVE-2024-7254. An update to IBM CICS TX Advanced has been released to address this vulnerability. Vulnerability Details CVEID:CVE-2024-7254 DESCRIPTION: Google Protocol Buffers...

Security Bulletin: There is a Denial of Service vulnerability in IBM WebSphere Liberty that is shipped with IBM TXSeries for Multiplatforms (CVE-2024-7254).

Summary There is a Denial of Service vulnerability in IBM WebSphere Liberty that is shipped with IBM TXSeries for Multiplatforms CVE-2024-7254. An update to IBM TXSeries for Multiplatforms has been released to address this vulnerability. Vulnerability Details CVEID:CVE-2024-7254 DESCRIPTION: Goog...

CVE-2025-0720

The CVE-2025-0720 issue affects Microword eScan Antivirus 7.0.32 on Linux, specifically the removeExtraSlashes function in /opt/MicroWorld/sbin/rtscanner within the Folder Watch List Handler. The flaw enables a stack-based buffer overflow and is exploitable with local access. Reports indicate the...

Siemens Tecnomatix Plant Simulation WRL File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

CVE-2025-0566

A vulnerability classified as critical has been found in Tenda AC15 15.13.07.13. This affects the function formSetDevNetName of the file /goform/SetDevNetName. The manipulation of the argument mac leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit ha...

CVE-2025-0529

A vulnerability, which was classified as critical, was found in code-projects Train Ticket Reservation System 1.0. This affects an unknown part of the component Login Form. The manipulation of the argument username leads to stack-based buffer overflow. Attacking locally is a requirement. The...

CVE-2025-0529

CVE-2025-0529 affects code-projects Train Ticket Reservation System 1.0, specifically the Login Form component. The vulnerability is a stack-based overflow triggered by tampering with the username parameter, requiring local access to exploit. The CVE entry notes that the exploit has been disclose...

CVE-2025-0529 code-projects Train Ticket Reservation System Login Form stack-based overflow

A vulnerability, which was classified as critical, was found in code-projects Train Ticket Reservation System 1.0. This affects an unknown part of the component Login Form. The manipulation of the argument username leads to stack-based buffer overflow. Attacking locally is a requirement. The...

CVE-2024-34579 Fuji Electric Alpha5 SMART Stack-Based Buffer Overflow

Fuji Electric Alpha5 SMART is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code...

Adobe Substance 3D Stager 3.1.0 Multiple Vulnerabilities (APSB25-03)

The version of Adobe Substance 3D Stager installed on the remote host is prior to 3.1.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB25-03 advisory. - Substance3D - Stager versions 3.0.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability th...

K000149329: PostgreSQL vulnerabilities CVE-2014-0060, CVE-2014-0061, CVE-2014-0062, and CVE-2014-0063

Security Advisory Description CVE-2014-0060 PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or remove arbitrary users t...

CVE-2025-21128

Substance3D - Stager versions 3.0.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-21128

The CVE-2025-21128 entry concerns Adobe Substance3D Stager, feature: Stack-based Buffer Overflow in Stager versions 3.0.4 and earlier. Root cause: overflow in processing of user-provided files leading to arbitrary code execution in the context of the current user. Impact: high, since code executi...

CVE-2025-21128 Substance3D - Stager | Stack-based Buffer Overflow (CWE-121)

Substance3D - Stager versions 3.0.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-21128 Substance3D - Stager | Stack-based Buffer Overflow (CWE-121)

Substance3D - Stager versions 3.0.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-39357

A stack-based buffer overflow vulnerability exists in the wireless.cgi SetName functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...