Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

GLSA-202311-05 : LinuxCIFS utils: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202311-05 LinuxCIFS utils: Multiple Vulnerabilities - In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges...

Stack overflow

Stack-based buffer overflow may occur when Fuji Electric Tellus Lite V-Simulator parses a specially-crafted input file...

CVE-2023-35127

Fuji Electric Tellus Lite V-Simulator is affected by a stack-based buffer overflow in the V-Simulator 6 V9 file parsing, caused by improper validation of the length of user-supplied data before copying to a fixed-length stack buffer. This vulnerability can allow remote code execution in affected ...

CVE-2023-35127 Fuji Electric Tellus Lite V-Simulator Stack-based Buffer Overflow

Stack-based buffer overflow may occur when Fuji Electric Tellus Lite V-Simulator parses a specially-crafted input file...

CVE-2023-45225 Zavio IP Camera Stack-Based Buffer Overflow

Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 are vulnerable to multiple instances of stack-based overflows. While parsing certain XML elements from incoming network requests, the product does not...

Fedora 39 : exim (2023-f1c8e4c1cc)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-f1c8e4c1cc advisory. This is new version of exim. ---- This is an exim update fixing several security problems. Tenable has extracted the preceding description block...

Rocky Linux 8 : opensc (RLSA-2021:1600)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1600 advisory. - The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in scoberthurreadfile. CVE-2020-26570 - The gemsa...

RockyLinux 8 : mariadb:10.5 (RLSA-2022:5826)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:5826 advisory. mariadb: MariaDB through 10.5.9 allows attackers to trigger a convertconsttoint use-after-free when the BIGINT data type is used CVE-2021-46669 mariadb:...

Zavio IP Camera

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Zavio Equipment : IP Camera Vulnerability : Improper Restriction of Operations within the Bounds of a Memory Buffer, OS Command Injection 2. RISK EVALUATION Successful exploitation of these...

Fedora 37 : xen (2023-881672fdab)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-881672fdab advisory. xenstored: A transaction conflict can crash C Xenstored XSA-440, CVE-2023-34323 x86/AMD: missing IOMMU TLB flushing XSA-442, CVE-2023-34326 Multiple...

Fedora 38 : xen (2023-a4c606585e)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-a4c606585e advisory. xenstored: A transaction conflict can crash C Xenstored XSA-440, CVE-2023-34323 x86/AMD: missing IOMMU TLB flushing XSA-442, CVE-2023-34326 Multiple...

SUSE SLES12 Security Update : xen (SUSE-SU-2023:4185-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4185-1 advisory. - The vulnerability exists due to a reachable assertion when handling negative quota values in C Xenstored. A malicious guest can...

Ubuntu 16.04 ESM / 18.04 ESM : liveMedia vulnerabilities (USN-4853-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4853-1 advisory. It was discovered that liveMedia incorrectly handled certain network packets. An attacker could possibly use this issue to execute arbitrary...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Liblouis vulnerabilities (USN-3672-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3672-1 advisory. Henri Salo discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this to execute arbitrary...

Ubuntu 16.04 ESM : musl vulnerabilities (USN-4768-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4768-1 advisory. It was discovered that musl did not properly handle kernel syscalls. An attacker could use this vulnerability to cause a denial of service crash or...

Ubuntu 20.04 ESM : Olm vulnerability (USN-5194-1)

The remote Ubuntu 20.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5194-1 advisory. Denis Kasak discovered that Olm was not verifying the length of input being processed by the olmpkdecrypt module, which introduced a stack-based buffer overflow...

Ubuntu 16.04 ESM : Leptonica vulnerabilities (USN-4819-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4819-1 advisory. It was discovered that Leptonica incorrectly handled path names. An attacker could possibly use this issue to obtain sensitive information. This issue on...

CVE-2023-35986 Santesoft Sante DICOM Viewer Pro Stack-based Buffer Overflow

Sante DICOM Viewer Pro lacks proper validation of user-supplied data when parsing DICOM files. This could lead to a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process...

CVE-2023-4601 Stack-based Buffer Overflow in NI System Configuration Software

A stack-based buffer overflow vulnerability exists in NI System Configuration that could result in information disclosure and/or arbitrary code execution. Successful exploitation requires that an attacker can provide a specially crafted response. This affects NI System Configuration 2023 Q3 and a...