Stack overflow

In Tenda AC15 V15.03.05.19, the function "henanpppoeuser" contains a stack-based buffer overflow vulnerability...

Stack overflow

In Tenda AC15 V15.03.05.19, The function "xkjsver32" contains a stack-based buffer overflow vulnerability...

Stack overflow

In Tenda AC15 V15.03.05.19, the function "xianpppoeuser" contains a stack-based buffer overflow vulnerability...

CVE-2023-30376

CVE-2023-30376 concerns a stack-based buffer overflow in the function henan_pppoe_user of the router firmware for Tenda AC15 V15.03.05.19 . The vulnerability is characterized as a network-exploitable issue with a base score of 9.8 (CRITICAL) under CVSS 3.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). T...

CVE-2023-30370

CVE-2023-30370 affects the Tenda AC15 router specifically version V15.03.05.19. The vulnerability is a stack-based overflow in the GetValue function, which can lead to complete compromise of affected devices. The CVE’s published metrics indicate a 9.8/10 CRITICAL base score with network access re...

CVE-2023-30378

In Tenda AC15 V15.03.05.19, the function "sub8EE8" contains a stack-based buffer overflow vulnerability...

CVE-2023-30371

In Tenda AC15 V15.03.05.19, the function "subED14" contains a stack-based buffer overflow vulnerability...

CVE-2023-30371

CVE-2023-30371 affects Tenda AC15 firmware V15.03.05.19, where the vulnerable function sub_ED14 has a stack-based buffer overflow. Technical details across sources identify the affected device and function but do not provide a patch version or confirmed remediation. CVSS 3.1 indicates high impact...

CVE-2023-30375

The CVE-2023-30375 entry affects Tenda AC15 router, specifically version V15.03.05.19, where the stack-based buffer overflow exists in the getIfIp function. The issue is triggered remotely over the network (CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) with a base score of 9.8 (CRITICAL). Docum...

(Pwn2Own) Oracle VirtualBox TPM MMIO Handling Stack-based Buffer Overflow Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the handlin...

Debian: Security Advisory (DLA-3397-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-30372

CVE-2023-30372 affects Tenda AC15 V15.03.05.19: the stack-based overflow in the xkjs_ver32 function. CVSS v3.1 base score 9.8 (Critical) with NETWORK attack vector, no user interaction required; impacts to confidentiality, integrity, and availability are HIGH. The vulnerability stems from a stack...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Vim vulnerabilities (USN-6026-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6026-1 advisory. It was discovered that Vim was incorrectly processing Vim buffers. An attacker could possibly use this issue to perform illegal...

Security Bulletin: Vulnerabilities in php53 affect IBM BladeCenter Advanced Management Module (AMM) (CVE-2017-9227, CVE-2017-9226, CVE-2017-9224)

Summary IBM BladeCenter Advanced Management Module AMM has addressed the following vulnerabilities in php53. Vulnerability Details Summary IBM BladeCenter Advanced Management Module AMM has addressed the following vulnerabilities in php53. Vulnerability Details CVEID: CVE-2017-9227 Description:...

Security Bulletin: Vulnerabilities in libxml2 affect IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter Systems

Summary IBM Integrated Management Module II IMM2 for System x, Flex and BladeCenter Systems has addressed the following vulnerabilities in libxml2. Vulnerability Details Summary IBM Integrated Management Module II IMM2 for System x, Flex and BladeCenter Systems has addressed the following...

Security Bulletin: Vulnerabilities in GNU C library (glibc) affect IBM BladeCenter Advanced Management Module (AMM) (CVE-2015-7547 CVE-2015-8776 CVE-2015-8777)

Summary Vulnerabilities in GNU C library glibc, including a stack-based buffer overflow in getaddrinfo, affect IBM BladeCenter Advanced Management Module AMM. Vulnerability Details Summary Vulnerabilities in GNU C library glibc, including a stack-based buffer overflow in getaddrinfo, affect IBM...

CVE-2023-26412

CVE-2023-26412 affects Adobe Substance 3D Designer up to version 12.4.0. The root cause is a stack‑based buffer overflow in USDA file parsing, where input length was not properly validated, allowing arbitrary code execution in the context of the current user. Exploitation requires user interactio...

CVE-2023-26412 ZDI-CAN-20314: Adobe Substance 3D Designer USDA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

Adobe Substance 3D Designer version 12.4.0 and earlier is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2023-28488

client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers operating a crafted DHCP server to cause a stack-based buffer overflow and denial of service, terminating the connman process...

CVE-2023-28488

client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers operating a crafted DHCP server to cause a stack-based buffer overflow and denial of service, terminating the connman process...