Stack overflow

A vulnerability was found in Tenda AC10U 15.03.06.49multiTDE01 and classified as critical. This issue affects the function formWifiWpsOOB. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the publi...

Stack overflow

A vulnerability has been found in Tenda AC10U 15.03.06.49multiTDE01 and classified as critical. This vulnerability affects the function formSetVirtualSer. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclos...

Stack overflow

A vulnerability was found in Tenda AC10U 15.03.06.49multiTDE01. It has been classified as critical. Affected is the function fromAddressNat. The manipulation of the argument entrys/mitInterface/page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit ha...

CVE-2024-0927

CVE-2024-0927 affects Tenda AC10U firmware 15.03.06.49_multi_TDE01. The vulnerability is a stack-based buffer overflow in the fromAddressNat function, triggered by the entrys/mitInterface/page parameter, allowing remote, unauthenticated exploitation. Multiple sources consistently describe remote ...

CVE-2024-0926

The CVE-2024-0926 entry concerns Tenda AC10U devices, specifically version 15.03.06.49_multi_TDE01, where the formWifiWpsOOB function is vulnerable. Root cause: manipulation of the index argument leads to a stack-based buffer overflow. Impact: remote exploitation, with potential confidentiality, ...

CVE-2024-0925

CVE-2024-0925 affects Tenda AC10U 15.03.06.49_multi_TDE01 in the formSetVirtualSer function, where a stack-based buffer overflow is caused by manipulation of the argument list. The vulnerability can be triggered remotely and an exploit has been disclosed publicly (VDB-252130). Several connected s...

CVE-2024-0924

The CVE-2024-0924 issue affects Tenda AC10U with version 15.03.06.49_multi_TDE01, specifically the formSetPPTPServer function. The vulnerability arises from improper validation of the startIp argument, causing a stack-based buffer overflow that can be triggered remotely. Public exploit informatio...

CVE-2024-0923

A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.49multiTDE01. Affected by this issue is the function formSetDeviceName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has bee...

CVE-2024-0922

A vulnerability classified as critical was found in Tenda AC10U 15.03.06.49multiTDE01. Affected by this vulnerability is the function formQuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been...

CVE-2024-0923

CVE-2024-0923 affects Tenda AC10U, specifically the formSetDeviceName function in version 15.03.06.49_multi_TDE01. The vulnerability is a stack-based buffer overflow caused by manipulating the devName argument, enabling remote exploitation with high impact to confidentiality, integrity, and avail...

CVE-2024-0922

CVE-2024-0922 affects Tenda AC10U firmware 15.03.06.49_multi_TDE01. The vulnerability is in the function formQuickIndex where binding or manipulation of the PPPOEPassword argument causes a stack-based buffer overflow. It is exploitable remotely and, per multiple sources, can lead to arbitrary cod...

Stack overflow

A stack-based buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution with SYSTEM privileges...

CVE-2024-23622 IBM Merge Healthcare eFilm Workstation License Server CopySLS_Request3 Buffer Overflow

A stack-based buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution with SYSTEM privileges...

GLSA-202401-28 : GOCR: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202401-28 GOCR: Multiple Vulnerabilities - A stack-based buffer overflow vulnerability was discovered in gocr through 0.53-20200802 in measurepitch in pgm2asc.c. CVE-2021-33479 - An use-after-free vulnerability was discovered in...

Security Bulletin: IBM Storage Ceph is vulnerable to Out-of-bounds Read in the RHEL UBI (CVE-2023-4527)

Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. CVE-2023-4527 This bulletin identifies the steps to take to address the vulnerability in RHEL. Vulnerability Details CVEID:CVE-2023-4527 DESCRIPTION: glibc is vulnerable to a stack-based buffer overflow, caused by improper...

CVE-2023-43822

A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesTimeLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code...

CVE-2023-43823

A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wTTitleLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution...

Stack overflow

A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesPrevValueLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote co...

CVE-2023-43822 Delta Electronics Delta Industrial Automation DOPSoft DPS File wLogTitlesTimeLen Buffer Overflow Remote Code Execution

A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesTimeLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code...

CVE-2023-6340

SonicWall Capture Client version 3.7.10, NetExtender client version 10.2.337 and earlier versions are installed with sfpmonitor.sys driver. The driver has been found to be vulnerable to Denial-of-Service DoS caused by Stack-based Buffer Overflow vulnerability...