CVE-2024-23374 Stack-based Buffer Overflow in Power Management IC

Memory corruption is possible when an attempt is made from userspace or console to write some haptics effects pattern to the haptics debugfs file...

CVE-2024-41586

A stack-based Buffer Overflow vulnerability in DrayTek Vigor310 devices through 4.3.2.6 allows a remote attacker to execute arbitrary code via a long query string to the cgi-bin/ipfedr.cgi component...

CVE-2024-47135

Stack-based buffer overflow vulnerability exists in Kostac PLC Programming Software Former name: Koyo PLC Programming Software Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may...

CVE-2024-23938

Silicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. T...

CVE-2024-23935 Alpine Halo9 DecodeUTF7 Stack-based Buffer Overflow Remote Code Execution Vulnerability

Alpine Halo9 DecodeUTF7 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device...

CVE-2024-9284

A vulnerability was found in TP-LINK TL-WR841ND up to 20240920. It has been rated as critical. Affected by this issue is some unknown functionality of the file /userRpm/popupSiteSurveyRpm.htm. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack may be launched...

CVE-2024-9284

TP-LINK TL-WR841ND (versions up to 20240920) is affected by a stack-based buffer overflow in the web UI file /userRpm/popupSiteSurveyRpm.htm triggered by manipulating the ssid parameter. The issue can be exploited remotely over the network. Public exploitation details exist. The provided document...

Security Bulletin: Vulnerability in glibc affects IBM Integrated Analytics System [CVE-2022-23219]

Summary Redhat provided glibc is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2022-23219 Vulnerability Details CVEID:CVE-2022-23219 DESCRIPTION: GNU C Library aka glibc is vulnerable to a stack-based buffer overflow, caused by...

Security Bulletin: Vulnerability in glibc affects IBM Integrated Analytics System [CVE-2022-23218]

Summary Redhat provided glibc is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2022-23218 Vulnerability Details CVEID:CVE-2022-23218 DESCRIPTION: GNU C Library aka glibc is vulnerable to a stack-based buffer overflow, caused by...

CVE-2024-23933

CVE-2024-23933 affects Sony XAV-AX5500 cars units via a CarPlay TLV stack-based buffer overflow. The root cause is insufficient validation of user-supplied data length before copying to a fixed-size stack buffer, enabling remote code execution when a physically present attacker exploits the proto...

CVE-2024-31570

libfreeimage in FreeImage 3.4.0 through 3.18.0 has a stack-based buffer overflow in the PluginXPM.cpp Load function via an XPM file...

CVE-2024-34026

A stack-based buffer overflow vulnerability exists in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC v3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted EtherNet/IP request can lead to remote code execution. An attacker can send a series of EtherNet/IP requests to...

OpenPLC OpenPLC_v3 OpenPLC Runtime EtherNet/IP parser stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2005 OpenPLC OpenPLCv3 OpenPLC Runtime EtherNet/IP parser stack-based buffer overflow vulnerability September 18, 2024 CVE Number CVE-2024-34026 SUMMARY A stack-based buffer overflow vulnerability exists in the OpenPLC Runtime EtherNet/IP parser functionality...

CVE-2024-45414

The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in webPrivateDecrypt function. This function is responsible for decrypting RSA encrypted ciphertext, the encrypted data is supplied base64 encoded. The decoded ciphertext is stored on the stack without checki...

CVE-2024-45694

The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device...

CVE-2024-45695 D-Link WiFi router - Stack-based Buffer Overflow

The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device...

CVE-2024-45695

CVE-2024-45695 affects D-Link DIR-X4860 wireless routers. The web service exposes a stack-based buffer overflow in unauthenticated context, enabling remote code execution. Public sources confirm the DIR-X4860 as affected and describe the root cause as a stack-based overflow in the device’s web se...

CVE-2024-45694 D-Link WiFi router - Stack-based Buffer Overflow

The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device...

CVE-2024-45694

CVE-2024-45694 affects certain D-Link wireless routers (e.g., DIR-X4860, DIR-X5460, COVR-X1870) via a stack-based buffer overflow in the device web service that allows unauthenticated remote code execution. The vulnerability is triggered by malformed input to the web service, enabling an attacker...

Sony Network Cameras Stack-based Buffer Overflow (CVE-2018-3938)

An exploitable stack-based buffer overflow vulnerability exists in the 802dot1xclientcert.cgi functionality of Sony IPELA E Series Camera G5 firmware 1.87.00. A specially crafted POST can cause a stack-based buffer overflow, resulting in remote code execution. An attacker can send a malicious POS...