7301 matches found
CVE-2023-47856
A stack-based buffer overflow vulnerability exists in the boa setRadvdPrefixParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2023-50240
Two stack-based buffer overflow vulnerabilities exist in the boa setRadvdInterfaceParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger these...
CVE-2023-50243
Two stack-based buffer overflow vulnerabilities exist in the boa formIpQoS functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This...
CVE-2023-50243
Two stack-based buffer overflow vulnerabilities exist in the boa formIpQoS functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This...
CVE-2023-41251
A stack-based buffer overflow vulnerability exists in the boa formRoute functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2023-50243
Realtek rtl819x Jungle SDK v3.4.11 (Boa web server) contains two stack-based buffer overflow vulnerabilities in boa formIpQoS: CVE-2023-50243 (comment) and CVE-2023-50244 (entry_name). Exploitation via specially crafted HTTP requests to /boafrm/formIpQoS can lead to remote code execution; PoCs ar...
CVE-2023-50244
Two stack-based buffer overflow vulnerabilities exist in the boa formIpQoS functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This...
CVE-2023-49867
CVE-2023-49867 describes a stack-based buffer overflow in the Realtek rtl819x Jungle SDK v3.4.11, specifically the boa web server API /boafrm/formWsc. The vulnerability stems from an unsafe handling of the targetAPMac parameter: the code copies hexadecimal characters into a stack buffer (targetAP...
CVE-2023-50330
A stack-based buffer overflow vulnerability exists in the boa getInfo functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send a series of HTTP requests to trigger this vulnerability...
Realtek rtl819x Jungle SDK boa setRepeaterSsid stack-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1891 Realtek rtl819x Jungle SDK boa setRepeaterSsid stack-based buffer overflow vulnerability July 8, 2024 CVE Number CVE-2023-45215 SUMMARY A stack-based buffer overflow vulnerability exists in the boa setRepeaterSsid functionality of Realtek rtl819x Jungle...
Realtek rtl819x Jungle SDK boa formFilter stack-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1875 Realtek rtl819x Jungle SDK boa formFilter stack-based buffer overflow vulnerability July 8, 2024 CVE Number CVE-2023-49073 SUMMARY A stack-based buffer overflow vulnerability exists in the boa formFilter functionality of Realtek rtl819x Jungle SDK v3.4.1...
Realtek rtl819x Jungle SDK boa getInfo stack-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1903 Realtek rtl819x Jungle SDK boa getInfo stack-based buffer overflow vulnerability July 8, 2024 CVE Number CVE-2023-50330 SUMMARY A stack-based buffer overflow vulnerability exists in the boa getInfo functionality of Realtek rtl819x Jungle SDK v3.4.11. A...
CVE-2024-29507
A flaw was found in Ghostscript. Under specific conditions, the cidfsubstpath and cidfsubstfont parameters set by corresponding Postscript objects are used to load substitute fonts in pdfiopenCIDFontsubstitutefile. The values are copied via memcpy into the fontfname buffer without bounds checks...
CVE-2024-29506
A flaw was found in Ghostscript. The PDFDEBUG flag controls the value of ctx-args.debug. In pdfiapplyfilter. This issue enables the execution of a memcpy into a stack buffer, without bounds checks. A filter name larger than 100 will overflow the str buffer, which may lead to an application crash ...
CVE-2024-29507
Artifex Ghostscript before 10.03.0 sometimes has a stack-based buffer overflow via the CIDFSubstPath and CIDFSubstFont parameters...
CVE-2024-29506
Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfiapplyfilter function via a long PDF filter name...
CVE-2024-29506
Artifex Ghostscript is affected by CVE-2024-29506: Ghostscript before 10.03.0 contains a stack-based buffer overflow in pdfi_apply_filter() triggered by a long PDF filter name. Impact, per available references, includes potential memory corruption with high-severity risk; exploitation details are...
CVE-2024-6403
A vulnerability, which was classified as critical, has been found in Tenda A301 15.13.08.12. Affected by this issue is the function formWifiBasicSet of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be launched...
CVE-2024-6402
A vulnerability classified as critical was found in Tenda A301 15.13.08.12. Affected by this vulnerability is the function fromSetWirelessRepeat of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack can be launched remotely...
(Pwn2Own) Sony XAV-AX5500 CarPlay TLV Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the Apple CarPlay protocol. The issue results...