Fedora 38 : ImageMagick (2023-27548af422)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-27548af422 advisory. Update ImageMagick to 7.1.1.15 2217558 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

(0Day) Maxon Cinema 4D SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Maxon Cinema 4D. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP...

CVE-2023-41028

CVE-2023-41028 affects Juplink RX4-1500 WiFi routers (versions 1.0.2–1.0.5). A stack-based buffer overflow allows an authenticated attacker to achieve code execution as root. Rooted in the vulnerable handling of input data, the issue enables unrestricted code execution with high impact. Mitigatio...

CVE-2023-41028 Juplink RX4-1500 Stack-based Buffer Overflow Vulnerability

A stack-based buffer overflow exists in Juplink RX4-1500, a WiFi router, in versions 1.0.2 through 1.0.5. An authenticated attacker can exploit this vulnerability to achieve code execution as root...

CVE-2023-41028 Juplink RX4-1500 Stack-based Buffer Overflow Vulnerability

A stack-based buffer overflow exists in Juplink RX4-1500, a WiFi router, in versions 1.0.2 through 1.0.5. An authenticated attacker can exploit this vulnerability to achieve code execution as root...

Ivanti Avalanche < 6.4.1 Multiple Vulnerabilities

Binary data ivantiavalanche641.nbin...

Stack overflow

TOTOLINK T10v2 5.9c.5061B20200511 has a stack-based buffer overflow in setWiFiWpsConfig in /lib/cstemodules/wps.so. Attackers can send crafted data in an MQTT packet, via the pin parameter, to control the return address and execute code...

Hitachi Energy RTU500 series

1. EXECUTIVE SUMMARY ​CVSS v3 7.5 ​ATTENTION: Exploitable remotely/low attack complexity ​Vendor: Hitachi Energy ​Equipment: RTU500 series ​Vulnerabilities: Stack-based Buffer Overflow 2. RISK EVALUATION ​Successful exploitation of these vulnerabilities could cause a buffer overflow and reboot of...

CVE-2023-40041

TOTOLINK T10v2 5.9c.5061B20200511 has a stack-based buffer overflow in setWiFiWpsConfig in /lib/cstemodules/wps.so. Attackers can send crafted data in an MQTT packet, via the pin parameter, to control the return address and execute code...

CVE-2023-0426

ABB is aware of vulnerabilities in the product versions listed below. An update is available that resolves the reported vulnerabilities in the product versions under maintenance. An attacker who successfully exploited one or more of these vulnerabilities could cause the product to stop or make th...

CVE-2023-0426

CVE-2023-0426 affects ABB Freelance controllers AC 700F and AC 900F, with a stack-based buffer overflow as the root cause. Affected ranges include AC 700F (versions 9.0.0 to 9.2 SP2 and various Freelance releases up to 2019 SP1 FP1) and AC 900F (through Freelance 2013SP1, 2016, 2019 SP1, and SP1 ...

CVE-2023-33375

Connected IO v2.1.0 and prior has a stack-based buffer overflow vulnerability in its communication protocol, enabling attackers to take control over devices...

CVE-2023-33375

Connected IO v2.1.0 and prior has a stack-based buffer overflow vulnerability in its communication protocol, enabling attackers to take control over devices...

CVE-2023-33375

CVE-2023-33375 affects Connected IO ER2000 edge routers (v2.1.0 and earlier). The vulnerability is a stack-based buffer overflow in the device’s communication protocol that enables an attacker to take control of the device. Documented impact is high (CVE score 9.8; Confidentiality/Integrity/Avail...

Moxa EDR-G902 and EDR-G903 Series Routers Stack-Based Buffer Overflow (CVE-2020-14511)

Malicious operation of the crafted web browser cookie may cause a stack-based buffer overflow in the system web server on the EDR-G902 and EDR-G903 Series Routers versions prior to 5.4. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Moxa AWK-3131A Series Industrial AP/Bridge/Client Stack-Based Buffer Overflow (CVE-2019-5153)

An exploitable remote code execution vulnerability exists in the iwwebs configuration parsing functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted user name entry can cause an overflow of an error message buffer, resulting in remote code execution. An attacker can send...

Security Bulletin: IBM PowerVM Novalink is vulnerable because GraphQL Java is vulnerable to a denial of service, caused by a stack-based buffer overflow. (CVE-2023-28867)

Summary IBM PowerVM Novalink is vulnerable because GraphQL Java is vulnerable to a denial of service, caused by a stack-based buffer overflow. By sending a specially crafted GraphQL query, a remote attacker could exploit this vulnerability to cause a stack consumption. Vulnerability Details...

RHEL 9 : libeconf (RHSA-2023:4347)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:4347 advisory. Libeconf is a highly flexible and configurable library to parse and manage key=value configuration files. It reads configuration file snippe...

EulerOS Virtualization 3.0.6.6 : vim (EulerOS-SA-2023-2442)

According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959. CVE-2022-1725 - Buffer Over-read in GitHub repository vim/v...

CVE-2023-22363

A stack-based buffer overflow in the Command Centre Server allows an attacker to cause a denial of service attack via assigning cardholders to an Access Group. This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 MR2...