CVE-2024-7509

CVE-2024-7509 concerns Trimble SketchUp SKP file parsing that results in a stack-based buffer overflow, enabling Remote Code Execution . The flaw arises from insufficient validation of the length of user-supplied data before copying to a stack buffer. Exploitation requires user interaction (targe...

CVE-2024-9745

Tungsten Automation Power PDF TIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerabili...

CVE-2024-11510

IrfanView WBZ plugin WB1 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must...

CVE-2024-9261 IrfanView SID File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

IrfanView SID File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a...

CVE-2024-11510 IrfanView WBZ plugin WB1 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

IrfanView WBZ plugin WB1 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must...

CVE-2024-11510

CVE-2024-11510 : IrfanView WBZ plugin WB1 File Parsing vulnerability — a stack-based buffer overflow during WB1 file parsing due to improper validation of the length of user-supplied data, enabling Remote Code Execution in the context of the target process. Exploitation requires user interaction ...

CVE-2023-51635 NETGEAR RAX30 fing_dil Stack-based Buffer Overflow Remote Code Execution Vulnerability

NETGEAR RAX30 fingdil Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific flaw...

Wyze Cam 安全漏洞

Wyze Cam Wyze Labs is a series of cameras from Wyze USA. A security vulnerability exists in Wyze Cam v3, which stems from a lack of proper validation of the length of user-supplied data before copying it to a fixed-length stack-based buffer. An attacker exploiting this vulnerability could execute...

CVE-2024-45970

Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit ac925fae8e281ac6defcd630e9dd756264e9c5bc allow a malicious server to cause a stack-based buffer overflow via the MMS FileDirResponse message...

CVE-2024-45970

Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit ac925fae8e281ac6defcd630e9dd756264e9c5bc allow a malicious server to cause a stack-based buffer overflow via the MMS FileDirResponse message...

CVE-2024-45971

Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit 1f52be9ddeae00e69cd43e4cac3cb4f0c880c4f0 allow a malicious server to cause a stack-based buffer overflow via the MMS IdentifyResponse message...

CVE-2024-24450

Stack-based memcpy buffer overflow in the ngaphandlepdusessionresourcesetupresponse routine in OpenAirInterface CN5G AMF = 2.0.0 allows a remote attacker with access to the N2 interface to carry out denial of service against the AMF and potentially execute code by sending a PDU Session Resource...

CVE-2024-11248

A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. Affected by this issue is the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of the argument rebootTime leads to stack-based buffer overflow. The attack may be launched remotely...

CVE-2024-11248

CVE-2024-11248 affects the Tenda AC10 router (firmware 16.03.10.13). The vulnerability lies in the function formSetRebootTimer in /goform/SetSysAutoRebbotCfg, where manipulated rebootTime causes a stack-based buffer overflow. Exploitation can be remote, and public exploit details exist. Affected ...

CVE-2024-11237 TP-Link VN020 F3v(T) DHCP DISCOVER Packet Parser TP-Thumper stack-based overflow

A vulnerability, which was classified as critical, has been found in TP-Link VN020 F3vT TTV6.2.1021. Affected by this issue is some unknown functionality of the component DHCP DISCOVER Packet Parser. The manipulation of the argument hostname leads to stack-based buffer overflow. The attack may be...

CVE-2024-11237

CVE-2024-11237 affects TP-Link VN020 F3v(T) TT_V6.2.1021. The issue is a stack-based overflow in the DHCP DISCOVER Packet Parser triggered by manipulating the hostname during DHCP options parsing, with remote enablement and public exploit availability. Affected component: DHCP hostname parsing in...

CVE-2024-45970

Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit ac925fae8e281ac6defcd630e9dd756264e9c5bc allow a malicious server to cause a stack-based buffer overflow via the MMS FileDirResponse message...

CVE-2024-45971

The CVE-2024-45971 affects MZ Automation LibIEC61850 MMS Client, with multiple stack-based buffer overflows triggered by MMS IdentifyResponse messages. Root cause is the buffer overflow condition present before commit 1f52be9ddeae00e69cd43e4cac3cb4f0c880c4f0. Patch/remediation is referenced by th...

CVE-2024-24450

Stack-based memcpy buffer overflow in the ngaphandlepdusessionresourcesetupresponse routine in OpenAirInterface CN5G AMF = 2.0.0 allows a remote attacker with access to the N2 interface to carry out denial of service against the AMF and potentially execute code by sending a PDU Session Resource...

CVE-2024-45971

Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit 1f52be9ddeae00e69cd43e4cac3cb4f0c880c4f0 allow a malicious server to cause a stack-based buffer overflow via the MMS IdentifyResponse message...