CVE-2024-0532

A vulnerability was found in Tenda A15 15.13.07.13. It has been declared as critical. This vulnerability affects the function setrepeat5 of the file /goform/WifiExtraSet of the component Web-based Management Interface. The manipulation of the argument wpapskcrypto24g/wpapskcrypto5g leads to...

CVE-2024-0532

CVE-2024-0532 affects Tenda A15 (version 15.13.07.13) Web-based Management Interface: the WifiExtraSet function set_repeat5, when handling wpapsk_crypto2_4g/wpapsk_crypto5g, can cause a stack-based buffer overflow. The issue is exploitable remotely and has publicly disclosed exploits. Connected d...

CVE-2024-0531

The CVE-2024-0531 issue affects Tenda A15 Web-based Management Interface, specifically the unknown part of the file /goform/setBlackRule . The vulnerability arises from manipulating the deviceList parameter, causing a stack-based buffer overflow that can be triggered remotely. Reported impact inc...

Exploit for Stack-based Buffer Overflow in Sonicwall Sonicos

SonicWall NGFW CVE-2022-22274 & CVE-2023-0656 !example gif...

Horner Automation Cscape

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : Horner Automation Equipment : Cscape Vulnerability : Stack-Based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 3. TECHNICAL...

Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WLAvalancheService. The issue results from the lack of proper validation of the...

Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WLAvalancheService. The issue results from the lack of proper validation of the...

CVE-2023-37293

AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability...

Stack overflow

AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability...

CVE-2023-37293 stack-based buffer overflow

AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability...

CVE-2023-37293 stack-based buffer overflow

AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability...

CVE-2023-3043 Stack-based Buffer Overflow BMC

AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability...

CVE-2023-3043

CVE-2023-3043 affects AMI MegaRAC SPx BMC, where a stack-based buffer overflow can be triggered over an adjacent network. The vulnerability in the SPx firmware could lead to confidentiality, integrity, and availability losses. Reported CVSS vectors indicate high to critical impact (CVSS v3.1: AV:...

CVE-2023-49236

A stack-based buffer overflow was discovered on TRENDnet TV-IP1314PI 5.5.3 200714 devices, leading to arbitrary command execution. This occurs because of lack of length validation during an sscanf of a user-entered scale field in the RTSP playback function of davinci...

CVE-2023-7220

A vulnerability was found in Totolink NR1800X 9.1.0u.6279B20210910 and classified as critical. Affected by this issue is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to stack-based buffer overflow. The attack may be launched remotely. Th...

Stack Based Buffer Overflow

gpac/gpac is vulnerable to SBuffer Overflow. The vulnerability is caused due to missing checks for the lineSize within the gftextgetutf8line function. This can potentially lead to a Denial of Service DoS attack...

CVE-2023-7220

CVE-2023-7220 affects Totolink NR1800X running 9.1.0u.6279_B20210910. The vulnerability is in the function loginAuth of /cgi-bin/cstecgi.cgi; manipulation of the password argument leads to a stack-based buffer overflow. The issue can be exploited remotely and, per sources, the exploit has been di...

CVE-2023-7219

The CVE-2023-7219 entry affects Totolink N350RT (v9.3.5u.6139_B202012) via the loginAuth function in /cgi-bin/cstecgi.cgi. The root cause is a stack-based buffer overflow caused by manipulation of the http_host argument, enabling a remote attacker to potentially execute arbitrary code. Public exp...

Siemens Teamcenter Visualization and JT2Go

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVE-2023-49236

A stack-based buffer overflow was discovered on TRENDnet TV-IP1314PI 5.5.3 200714 devices, leading to arbitrary command execution. This occurs because of lack of length validation during an sscanf of a user-entered scale field in the RTSP playback function of davinci...