CVE-2024-7992 Autodesk AutoCAD DWG Stack-Based Buffer Overflow Code Execution Vulnerability

A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current proces...

CVE-2024-7992

Autodesk AutoCAD and certain AutoCAD-based products are affected by CVE-2024-7992 due to parsing a malicious DWG file that can trigger a stack-based buffer overflow. The vulnerability may crash the process, allow reading of sensitive data, or execute arbitrary code in the current process. Descrip...

CVE-2024-7992 Autodesk AutoCAD DWG Stack-Based Buffer Overflow Code Execution Vulnerability

A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current proces...

CVE-2024-10434

A vulnerability was found in Tenda AC1206 up to 20241027. It has been classified as critical. This affects the function ateTendamfgcheckusb/ateTendamfgcheckusb3 of the file /goform/ate. The manipulation of the argument arg leads to stack-based buffer overflow. It is possible to initiate the attac...

CVE-2024-10434

CVE-2024-10434 affects Tenda AC1206 devices up to 20241027. The vulnerability targets the functions ate_Tenda_mfg_check_usb and ate_Tenda_mfg_check_usb3 in /goform/ate, where improper validation of the argument arg enables a stack-based buffer overflow. This enables remote exploitation with high ...

CVE-2024-10434 Tenda AC1206 ate ate_Tenda_mfg_check_usb3 stack-based overflow

A vulnerability was found in Tenda AC1206 up to 20241027. It has been classified as critical. This affects the function ateTendamfgcheckusb/ateTendamfgcheckusb3 of the file /goform/ate. The manipulation of the argument arg leads to stack-based buffer overflow. It is possible to initiate the attac...

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2024-2666)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fortinet FortiWeb ] Stack-Based Buffer Overflow vulnerability using a crafted request (FG-IR-20-125)

The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-20-125 advisory. - A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.5 and version before 6.2.4 may allow an...

CVE-2024-10351 Tenda RX9 Pro POST Request setMacFilterCfg sub_424CE0 stack-based overflow

A vulnerability was found in Tenda RX9 Pro 22.03.02.20. It has been rated as critical. This issue affects the function sub424CE0 of the file /goform/setMacFilterCfg of the component POST Request Handler. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack...

CVE-2024-10351

The CVE-2024-10351 vulnerability affects Tenda RX9 Pro (version 22.03.02.20) in the POST handler function /goform/setMacFilterCfg, sub_424CE0. Manipulating the deviceList argument leads to a stack-based buffer overflow, allowing remote exploitation and potentially arbitrary code execution. Public...

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in WebSphere Application Server Liberty

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of WebSphere Application Server Liberty Vulnerability Details CVEID:CVE-2024-7254 DESCRIPTION: Google Protocol Buffers a.k.a., protobuf is vulnerable to a denial of service, caused by a stack-based buffer overfl...

Security Bulletin: IBM® Engineering Requirements Management DOORS/DWA vulnerabilities fixed in 9.7.2.7

Summary cURL libcurl, Apache Xerces2 Java, Apache Jena, Spring Framework, json-smart-v1 and json-smart-v2 , libxml2, Apache Standard Taglibs , Apache ActiveMQ, Apache Commons Codec are identified as vulnerable components with multiple reported vulnerabilities, CVE-2022-35260, CVE-2022-42915,...

CVE-2024-10283

A vulnerability, which was classified as critical, has been found in Tenda RX9 and RX9 Pro 22.03.02.20. Affected by this issue is the function sub4337EC of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be launched...

CVE-2024-43689

Stack-based buffer overflow vulnerability exists in ELECOM wireless access points. By processing a specially crafted HTTP request, arbitrary code may be executed...

Adobe Illustrator < 16.0.5 / 16.2.0 < 16.2.2 (APSB14-11) (macOS)

The version of Adobe Illustrator installed on the remote macOS host is prior to 16.0.5, 16.2.2. It is, therefore, affected by a vulnerability as referenced in the APSB14-11 advisory. - Stack-based buffer overflow in Adobe Illustrator CS6 before 16.0.5 and 16.2.x before 16.2.2 allows remote...

Adobe After Effects < 18.4.5 / 22.0.0 < 22.2.1 Multiple Arbitrary code execution (APSB22-17) (macOS)

The version of Adobe After Effects installed on the remote macOS host is prior to 18.4.5, 22.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB22-17 advisory. - Adobe After Effects versions 22.2 and earlier and 18.4.4 and earlier are affected by an out-of-bounds...

CVE-2024-10194

A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been classified as critical. Affected is the function Gotochidx of the file login.cgi of the component Front-End Authentication Page. The manipulation of the argument wlanUrl leads to stack-based buffer...

CVE-2024-10194

CVE-2024-10194 affects WAVLINK WN530H4, WN530HG4 and WN572HG3 (up to 20221028). The issue is in the Front-End Authentication Page, specifically the function Goto_chidx in the file login.cgi . Manipulating the argument wlanUrl causes a stack-based buffer overflow. Exploitation is possible only wit...

CVE-2024-10130

A vulnerability classified as critical was found in Tenda AC8 16.03.34.06. This vulnerability affects the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of the argument rebootTime leads to stack-based buffer overflow. The attack can be initiated remotely. Th...

CVE-2024-10130

The CVE-2024-10130 entry affects Tenda AC8 firmware 16.03.34.06. The issue resides in the function formSetRebootTimer of /goform/SetSysAutoRebbotCfg, where manipulating the rebootTime argument causes a stack-based buffer overflow. Exploitation is described as remote and publicly disclosed. Affect...