CVE-2024-45971

Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit 1f52be9ddeae00e69cd43e4cac3cb4f0c880c4f0 allow a malicious server to cause a stack-based buffer overflow via the MMS IdentifyResponse message...

CVE-2024-24447

CVE-2024-24447 describes a buffer overflow in the ngap_amf_handle_pdu_session_resource_setup_response function of oai-cn5g-amf up to v2.0.0, enabling a Denial of Service via a PDU Session Resource Setup Response with an empty Response Item list. Affected software: oai-cn5g-amf

CVE-2024-45970

Summary : CVE-2024-45970 describes multiple stack-based buffer overflows in the MMS Client of MZ Automation LibIEC61850, exploitable by a malicious server via the MMS FileDirResponse message. The underlying issue is in the MMS FileDirResponse handling, with a cited commit ac925fae8e281ac6defcd630...

CVE-2024-41206

CVE-2024-41206 describes a stack-based buffer over-read in tsMuxer (nightly-2024-03-14-01-51-12) that can cause information disclosure when processing a crafted TS video file. Affected component is the tsMuxer code path handling transport streams; root cause is a buffer over-read, as stated in mu...

CVE-2024-47905

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service...

CVE-2024-47909

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service...

CVE-2024-47909

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service...

CVE-2024-47907

CVE-2024-47907 describes a stack-based buffer overflow in the IPsec component of Ivanti Connect Secure, before version 22.7R2.3, allowing a remote unauthenticated attacker to cause a denial of service. Affected product: Ivanti Connect Secure (ICS). Connected sources consistently confirm the issue...

CVE-2024-47907

A stack-based buffer overflow in IPsec of Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to cause a denial of service...

CVE-2024-47905

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service...

CVE-2024-47905

CVE-2024-47905 describes a stack-based buffer overflow in Ivanti Connect Secure prior to 22.7R2.3 and Ivanti Policy Secure prior to 22.7R1.2. The vulnerability allows a remote authenticated attacker with admin privileges to cause a denial of service. Public sources confirm affected products and f...

(0Day) Trimble SketchUp Viewer SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

CVE-2024-39354

If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in CEtherIPTagItem can be exploited, allowing the attacker to remotely execute arbitrary code...

CVE-2024-39605

CVE-2024-39605 affects Delta Electronics DIAScreen with a stack-based buffer overflow in the BACnetParameter (and BACnetObjectInfo per ICS advisory) parsing path when a user opens a crafted file, enabling remote code execution after successful user interaction. Documents describe affected compone...

CVE-2024-11061

A vulnerability classified as critical was found in Tenda AC10 16.03.10.13. Affected by this vulnerability is the function FUN0044db3c of the file /goform/fastsettingwifiset. The manipulation of the argument timeZone leads to stack-based buffer overflow. The attack can be launched remotely. The...

CVE-2024-11056

A vulnerability, which was classified as critical, was found in Tenda AC10 16.03.10.13. Affected is the function FUN0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapskcrypto leads to stack-based buffer overflow. It is possible to launch the attack remotely. The...

CVE-2024-11056 Tenda AC10 WifiExtraSet FUN_0046AC38 stack-based overflow

A vulnerability, which was classified as critical, was found in Tenda AC10 16.03.10.13. Affected is the function FUN0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapskcrypto leads to stack-based buffer overflow. It is possible to launch the attack remotely. The...

CVE-2024-11048

A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been rated as critical. Affected by this issue is the function dbsrvasp of the file /dbsrv.asp. The manipulation of the argument str leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been...

CVE-2024-11047

A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been declared as critical. Affected by this vulnerability is the function upgradefilterasp of the file /upgradefilter.asp. The manipulation of the argument path leads to stack-based buffer overflow. The attack can be launched remotely...

CVE-2024-11048 D-Link DI-8003 dbsrv.asp dbsrv_asp stack-based overflow

A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been rated as critical. Affected by this issue is the function dbsrvasp of the file /dbsrv.asp. The manipulation of the argument str leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been...