CVE-2022-45460

CVE-2022-45460 affects XiongMai NVRs (e.g., MBD6304T and NBD6808T-PL) and is caused by a stack-based buffer overflow triggered by a long URI in a sprintf call on the web server. An unauthenticated, remote attacker can crash the web server and reboot the device, with potential arbitrary code execu...

CVE-2022-45460

Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T-PL V4.02.R11.C7431119.12001.130000.00000, allow an unauthenticated and remote user to exploit a stack-based buffer overflow and crash the web server, resulting in a system reboot. An unauthenticat...

CVE-2022-24973

CVE-2022-24973 affects TP-Link TL-WR940N routers (httpd on port 80). The flaw is a stack-based buffer overflow caused by improper validation of user-supplied data length in the httpd service, allowing network-adjacent attackers to execute code with root privileges. Exploitation was described in Z...

CVE-2023-1646

CVE-2023-1646 affects IObit Malware Fighter 9.4.0.776. The issue resides in the IOCTL Handler’s IMFCameraProtect.sys, manipulation of functions 0x8018E000/0x8018E004 causes a stack-based buffer overflow. Local exploitation is required; the exploit has been publicly disclosed. PT-2023-2360 notes a...

Security Bulletin: Multiple vulnerabilities in IBM Content Navigator may affect IBM Business Automation Workflow

Summary IBM Business Automation Workflow embeds a version of IBM Content Navigator that is vulnerable to denial of service attacks and missing authorization. Vulnerability Details CVEID:CVE-2022-40151 DESCRIPTION: XStream is vulnerable to a denial of service, caused by a stack-based buffer...

Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2023-117)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-117 advisory. Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483. CVE-2022-3234 Use After Free in GitHub repository vim/vim prior to 9.0.0490. CVE-2022-3235 Use After Free in GitHub...

Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2023-098)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-098 advisory. 2024-02-15: CVE-2022-3591 was added to this advisory. 2024-02-15: CVE-2022-3520 was added to this advisory. A flaw was found in vim. A possible heap-based buffer overflow could allow an attacke...

Delta DOPSoft <= 4.00.16.22 Multiple Vulnerabilities

The version of Delta DOPSoft installed on the remote host is prior to or equal to 4.00.16.22. It is, therefore, affected by multiple vulnerabilities as referenced in the CISA ICSA-23-031-01 advisory. - Delta Electronics DOPSoft versions 4.00.16.22 and prior are vulnerable to a stack-based buffer...

CBL Mariner 2.0 Security Update: libjpeg-turbo (CVE-2020-17541)

The version of libjpeg-turbo installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-17541 advisory. - Libjpeg-turbo all version have a stack-based buffer overflow in the transform component. A remote...

Adobe Dimension < 3.4.8 Multiple Vulnerabilities (APSB23-20) (macOS)

The version of Adobe Dimension installed on the remote macOS host is prior to 3.4.8. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB23-20 advisory. - Adobe Dimension versions 3.4.7 and earlier is affected by a Stack-based Buffer Overflow vulnerability that could...

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 ESM / 22.04 ESM : abcm2ps vulnerabilities (USN-5961-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 ESM / 22.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5961-1 advisory. It was discovered that abcm2ps incorrectly handled memory when parsing specially crafted ABC files. An attacker could...

Siemens Tecnomatix Plant Simulation SPP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

Adobe Dimension < 3.4.8 Multiple Vulnerabilities (APSB23-20)

The version of Adobe Dimension installed on the remote Windows host is prior to 3.4.8. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB23-20 advisory. - Adobe Dimension versions 3.4.7 and earlier is affected by a Stack-based Buffer Overflow vulnerability that could...

PT-2023-20010 · Gfi · Gfi Kerioconnect

Name of the Vulnerable Software and Affected Versions: GFI Kerio Connect versions 9.4.1 patch 1 through 9.4.1 patch 1 Description: An issue was discovered in the webmail component's 2FASetup function, which is vulnerable to a stack-based Buffer Overflow. This occurs via an authenticated request...

CVE-2022-33260

Memory corruption due to stack based buffer overflow in core while sending command from USB of large size...

Stack-Based Buffer Overflow

nvidia-cuda-toolkit is vulnerable to Stack-Based Buffer Overflows. A remote attacker is able to exploit a buffer overflow condition by persuading a local user to download a corrupted file and execute cuobjdump against it, leading to denial of service and loss of data integrity...

SUSE SLES11 Security Update : cifs-utils (SUSE-SU-2022:14950-1)

The remote SUSE Linux SLES11 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2022:14950-1 advisory. - In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gainin...

EulerOS 2.0 SP5 : vim (EulerOS-SA-2023-1518)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959. CVE-2022-1725 - NULL Pointer Dereference in GitHub repository vim/vim prio...

Debian: Security Advisory (DLA-323-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-488-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...