7301 matches found
CVE-2023-51566
Kofax Power PDF is affected by an OXPS file parsing vulnerability described as a stack-based buffer overflow that can lead to Remote Code Execution. The flaw results from inadequate validation of the length of user-supplied data before copying it into a fixed-length stack buffer during OXPS parsi...
CVE-2023-50211 D-Link G416 httpd API-AUTH Timestamp Processing Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link G416 httpd API-AUTH Timestamp Processing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this...
CVE-2023-50209 D-Link G416 cfgsave Stack-Based Buffer Overflow Remote Code Execution Vulnerability
D-Link G416 cfgsave Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific...
CVE-2023-50209
CVE-2023-50209 affects D-Link G416 wireless routers. The cfgsave function in the HTTP service (port 80) has a stack-based buffer overflow due to improper validation of user-supplied data, enabling remote, network-adjacent attackers to execute arbitrary code with root privileges without authentica...
CVE-2023-50186 GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...
CVE-2023-44445
NETGEAR CAX30 SSO stack-based buffer overflow (CVE-2023-44445) affects the sso binary. Lack of proper length validation on user data copied into a fixed-size stack buffer enables network-adjacent attackers to execute arbitrary code with root privileges. No authentication required; impact describe...
CVE-2023-44431 BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability
BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target...
CVE-2023-44431 BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability
BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target...
CVE-2023-44417 D-Link DAP-2622 DDP Set IPv4 Address Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-2622 DDP Set IPv4 Address Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
CVE-2023-44409 D-Link DAP-1325 SetSetupWizardStatus Enabled Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-1325 SetSetupWizardStatus Enabled Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this...
CVE-2023-44409
Summary: CVE-2023-44409 affects the D-Link DAP-1325, where the HNAP1 SOAP endpoint mishandles XML data, failing to validate data length before copying into a fixed-size stack buffer. This causes a stack-based overflow that can allow a network-adjacent attacker to execute code with root privileges...
CVE-2023-44408 D-Link DAP-1325 SetAPLanSettings IPAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-1325 SetAPLanSettings IPAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerabilit...
CVE-2023-44407 D-Link DAP-1325 SetAPLanSettings Gateway Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-1325 SetAPLanSettings Gateway Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this...
CVE-2023-44406 D-Link DAP-1325 SetAPLanSettings DeviceName Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-1325 SetAPLanSettings DeviceName Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this...
CVE-2023-44404 D-Link DAP-1325 get_value_from_app Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-1325 getvaluefromapp Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The...
CVE-2023-44404 D-Link DAP-1325 get_value_from_app Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-1325 getvaluefromapp Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The...
CVE-2023-41228 D-Link DIR-3040 prog.cgi SetUsersSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability
D-Link DIR-3040 prog.cgi SetUsersSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability...
CVE-2023-41226
Summary of CVE-2023-41226 (D-Link DIR-3040): The vulnerability is a stack-based overflow in the prog.cgi binary that handles HNAP requests to the lighttpd webserver (ports 80/443). Lack of proper validation of a user-supplied string allows a network-adjacent attacker to trigger a remote code exec...
CVE-2023-41226 D-Link DIR-3040 prog.cgi SetMyDLinkRegistration Stack-Based Buffer Overflow Remote Code Execution Vulnerability
D-Link DIR-3040 prog.cgi SetMyDLinkRegistration Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this...
CVE-2023-41225 D-Link DIR-3040 prog.cgi SetIPv6PppoeSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability
D-Link DIR-3040 prog.cgi SetIPv6PppoeSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this...