
7301 matches found

NVD
added 2024/01/05 4:15 a.m. | 7 views

CVE-2024-22087

route in main.c in Pico HTTP Server in C through f3b69a6 has an sprintf stack-based buffer overflow via a long URI, leading to remote code execution...

CVSS 9.8 | AI score 9.9 | EPSS 0.14722
Exploits: 1 | References: 3

Cvelist
added 2024/01/05 12:0 a.m. | 12 views

CVE-2024-22086

handlerequest in http.c in cherry through 4b877df has an sscanf stack-based buffer overflow via a long URI, leading to remote code execution...

AI score 10 | EPSS 0.03162
Exploits: 1 | References: 1

Prion
added 2023/12/31 2:15 p.m. | 21 views

Stack overflow

A vulnerability was found in Totolink N350RT 9.3.5u.6139B20201216. It has been rated as critical. This issue affects some unknown processing of the file /cgi-bin/cstecgi.cgi?action=login&flag=ie8 of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. Th...

CVSS 5.2 | AI score 7.2 | EPSS 0.00046
Exploits: 1 | References: 3 | Affected Software: 1

CVE
added 2023/12/31 2:0 p.m. | 48 views

CVE-2023-7187

The CVE-2023-7187 entry affects Totolink N350RT (v9.3.5u.6139_B20201216) where the HTTP POST Request Handler at /cgi-bin/cstecgi.cgi?action=login&flag=ie8 can trigger a stack-based buffer overflow in a vulnerable component. Publicly disclosed exploit and advisories indicate high severity with pot...

CVSS 8.8 | AI score 7.2 | EPSS 0.00046
Exploits: 1 | References: 3 | Affected Software: 1

NVD
added 2023/12/31 7:15 a.m. | 11 views

CVE-2021-46901

examples/6lbr/apps/6lbr-webserver/httpd.c in CETIC-6LBR aka 6lbr 1.5.0 has a strcat stack-based buffer overflow via a request for a long URL over a 6LoWPAN network...

CVSS 7.5 | EPSS 0.00215
Exploits: 1 | References: 2

Prion
added 2023/12/31 7:15 a.m. | 12 views

Stack overflow

examples/6lbr/apps/6lbr-webserver/httpd.c in CETIC-6LBR aka 6lbr 1.5.0 has a strcat stack-based buffer overflow via a request for a long URL over a 6LoWPAN network...

CVSS 5 | AI score 7.7 | EPSS 0.00215
Exploits: 1 | References: 2 | Affected Software: 1

Tenable Nessus
added 2023/12/23 12:0 a.m. | 12 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : zbar (SUSE-SU-2023:4948-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4948-1 advisory. - A heap-based buffer overflow exists in the qrreadermatchcenters function of ZBar 0.23.90...

CVSS 9.8 | AI score 9.1 | EPSS 0.00814
Exploits: 0 | References: 7

Zero Day Initiative
added 2023/12/20 12:0 a.m. | 25 views

D-Link G416 ovpncfg Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack...

CVSS 8.8 | AI score 7.5 | EPSS 0.04135
Exploits: 0 | References: 1

Zero Day Initiative
added 2023/12/20 12:0 a.m. | 49 views

D-Link G416 httpd API-AUTH Digest Processing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack...

CVSS 8.8 | AI score 7.5 | EPSS 0.0488
Exploits: 0 | References: 1

Vulnrichment
added 2023/12/19 12:24 a.m. | 7 views

CVE-2023-6314

Stack-based buffer overflow in FPWin Pro version 7.7.0.0 and all previous versions may allow attackers to execute arbitrary code via a specially crafted project file...

CVSS 7.8 | AI score 8.2 | EPSS 0.00048
Exploits: 0 | References: 1

Zero Day Initiative
added 2023/12/19 12:0 a.m. | 37 views

TP-Link TL-WR902AC dm_fillObjByStr Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR902AC routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the libcmm.so module. The issue results from the lack of proper...

CVSS 6.8 | AI score 7.5 | EPSS 0.00872
Exploits: 0 | References: 1

NVD
added 2023/12/17 2:15 a.m. | 15 views

CVE-2023-50965

In MicroHttpServer aka Micro HTTP Server through 4398570, ReadStaticFiles in lib/middleware.c allows a stack-based buffer overflow and potentially remote code execution via a long URI...

CVSS 9.8 | EPSS 0.04978
Exploits: 3 | References: 2

OSV
added 2023/12/17 1:15 a.m. | 6 views

CVE-2023-6888

A vulnerability classified as critical was found in PHZ76 RtspServer 1.0.0. This vulnerability affects the function ParseRequestLine of the file RtspMesaage.cpp. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the publ...

CVSS 9.8 | AI score 7
Exploits: 0 | References: 4

NVD
added 2023/12/17 1:15 a.m. | 9 views

CVE-2023-6888

A vulnerability classified as critical was found in PHZ76 RtspServer 1.0.0. This vulnerability affects the function ParseRequestLine of the file RtspMesaage.cpp. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the publ...

CVSS 9.8 | EPSS 0.00224
Exploits: 1 | References: 4

RedhatCVE
added 2023/12/14 6:3 p.m. | 37 views

CVE-2023-40476

A stack-based buffer overflow was found in the GStreamer Plugins Bad when handling malformed files with H.265 video streams. This issue requires user interaction with the library and may allow a malicious user to cause an integer overflow before allocating the buffer, triggering a crash or code...

CVSS 5.5 | AI score 9.6 | EPSS 0.06219
Exploits: 0 | References: 4

RedhatCVE
added 2023/12/14 6:59 a.m. | 18 views

CVE-2023-50268

A stack-based buffer overflow vulnerability was found in the Jq project. This issue occurs when submitting malicious input to the application, leading to an application crash and causing a denial of service...

CVSS 6.2 | AI score 6.4 | EPSS 0.00103
Exploits: 1 | References: 7

CVE
added 2023/12/13 8:49 p.m. | 47 views

CVE-2023-50268

CVE-2023-50268 concerns jq, a command-line JSON processor. Multiple sources confirm: jq 1.7 is vulnerable to a stack-based buffer overflow in builds using decNumber; a patch is included in version 1.7.1. Practical impact is not elaborated beyond the buffer overflow description in the provided doc...

CVSS 6.2 | AI score 6 | EPSS 0.00103
Exploits: 1 | References: 5 | Affected Software: 1

OSV
added 2023/12/13 8:49 p.m. | 18 views

CVE-2023-50268 jq has stack-based buffer overflow in decNaNs

jq is a command-line JSON processor. Version 1.7 is vulnerable to stack-based buffer overflow in builds using decNumber. Version 1.7.1 contains a patch for this issue...

CVSS 6.2 | AI score 6.2 | EPSS 0.00103
Exploits: 1 | References: 7

Debian CVE
added 2023/12/13 8:49 p.m. | 9 views

CVE-2023-50268

jq is a command-line JSON processor. Version 1.7 is vulnerable to stack-based buffer overflow in builds using decNumber. Version 1.7.1 contains a patch for this issue...

CVSS 6.2 | AI score 6.1 | EPSS 0.00103
Exploits: 1

AlpineLinux
added 2023/12/13 8:49 p.m. | 16 views

CVE-2023-50268

jq is a command-line JSON processor. Version 1.7 is vulnerable to stack-based buffer overflow in builds using decNumber. Version 1.7.1 contains a patch for this issue...

CVSS 6.2 | AI score 6.1 | EPSS 0.00103
Exploits: 1