Security Bulletin: There is a Denial of Service vulnerability in IBM WebSphere Liberty that is shipped with IBM CICS TX Advanced (CVE-2024-7254).

Summary There is a Denial of Service vulnerability in IBM WebSphere Liberty that is shipped with IBM CICS TX Advanced CVE-2024-7254. An update to IBM CICS TX Advanced has been released to address this vulnerability. Vulnerability Details CVEID:CVE-2024-7254 DESCRIPTION: Google Protocol Buffers...

Security Bulletin: There is a Denial of Service vulnerability in IBM WebSphere Liberty that is shipped with IBM TXSeries for Multiplatforms (CVE-2024-7254).

Summary There is a Denial of Service vulnerability in IBM WebSphere Liberty that is shipped with IBM TXSeries for Multiplatforms CVE-2024-7254. An update to IBM TXSeries for Multiplatforms has been released to address this vulnerability. Vulnerability Details CVEID:CVE-2024-7254 DESCRIPTION: Goog...

CVE-2025-0720

The CVE-2025-0720 issue affects Microword eScan Antivirus 7.0.32 on Linux, specifically the removeExtraSlashes function in /opt/MicroWorld/sbin/rtscanner within the Folder Watch List Handler. The flaw enables a stack-based buffer overflow and is exploitable with local access. Reports indicate the...

Siemens Tecnomatix Plant Simulation WRL File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

CVE-2025-0566

A vulnerability classified as critical has been found in Tenda AC15 15.13.07.13. This affects the function formSetDevNetName of the file /goform/SetDevNetName. The manipulation of the argument mac leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit ha...

CVE-2025-0529

A vulnerability, which was classified as critical, was found in code-projects Train Ticket Reservation System 1.0. This affects an unknown part of the component Login Form. The manipulation of the argument username leads to stack-based buffer overflow. Attacking locally is a requirement. The...

CVE-2025-0529

CVE-2025-0529 affects code-projects Train Ticket Reservation System 1.0, specifically the Login Form component. The vulnerability is a stack-based overflow triggered by tampering with the username parameter, requiring local access to exploit. The CVE entry notes that the exploit has been disclose...

CVE-2025-0529 code-projects Train Ticket Reservation System Login Form stack-based overflow

A vulnerability, which was classified as critical, was found in code-projects Train Ticket Reservation System 1.0. This affects an unknown part of the component Login Form. The manipulation of the argument username leads to stack-based buffer overflow. Attacking locally is a requirement. The...

CVE-2024-34579 Fuji Electric Alpha5 SMART Stack-Based Buffer Overflow

Fuji Electric Alpha5 SMART is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code...

Adobe Substance 3D Stager 3.1.0 Multiple Vulnerabilities (APSB25-03)

The version of Adobe Substance 3D Stager installed on the remote host is prior to 3.1.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB25-03 advisory. - Substance3D - Stager versions 3.0.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability th...

K000149329: PostgreSQL vulnerabilities CVE-2014-0060, CVE-2014-0061, CVE-2014-0062, and CVE-2014-0063

Security Advisory Description CVE-2014-0060 PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or remove arbitrary users t...

CVE-2025-21128

Substance3D - Stager versions 3.0.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-21128

The CVE-2025-21128 entry concerns Adobe Substance3D Stager, feature: Stack-based Buffer Overflow in Stager versions 3.0.4 and earlier. Root cause: overflow in processing of user-provided files leading to arbitrary code execution in the context of the current user. Impact: high, since code executi...

CVE-2025-21128 Substance3D - Stager | Stack-based Buffer Overflow (CWE-121)

Substance3D - Stager versions 3.0.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-21128 Substance3D - Stager | Stack-based Buffer Overflow (CWE-121)

Substance3D - Stager versions 3.0.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-39357

A stack-based buffer overflow vulnerability exists in the wireless.cgi SetName functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVE-2024-39357

CVE-2024-39357 describes a stack-based buffer overflow in the Wavlink AC3000 wireless.cgi SetName() functionality. TALOS confirms affected device: Wavlink AC3000 M33A8.V5030.210505, where input from the POST parameter NewName is copied to the heap with no length check and then to the stack via st...

CVE-2024-39357

A stack-based buffer overflow vulnerability exists in the wireless.cgi SetName functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVE-2024-39359

A stack-based buffer overflow vulnerability exists in the wireless.cgi DeleteMac functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVE-2024-39603

A stack-based buffer overflow vulnerability exists in the wireless.cgi setwifibasicmesh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...