Delta Electronics DIAScreen DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2024-38410 Stack-based Buffer Overflow in WLAN Windows Host

Memory corruption while IOCLT is called when device is in invalid state and the WMI command buffer may be freed twice...

RHEL 4 : php (RHSA-2014:1825)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:1825 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A stack-based buffer overflow flaw was found in the way the...

EulerOS 2.0 SP12 : orc (EulerOS-SA-2024-2802)

According to the versions of the orc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially...

CVE-2024-10662

A vulnerability was found in Tenda AC15 15.03.05.19 and classified as critical. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit...

CVE-2024-47939

Stack-based buffer overflow vulnerability exists in multiple laser printers and MFPs which implement Ricoh Web Image Monitor. If this vulnerability is exploited, receiving a specially crafted request created and sent by an attacker may lead to arbitrary code execution and/or a denial-of-service D...

CVE-2024-7992

A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current proces...

CVE-2024-7992

Autodesk AutoCAD and certain AutoCAD-based products are affected by CVE-2024-7992 due to parsing a malicious DWG file that can trigger a stack-based buffer overflow. The vulnerability may crash the process, allow reading of sensitive data, or execute arbitrary code in the current process. Descrip...

CVE-2024-7992 Autodesk AutoCAD DWG Stack-Based Buffer Overflow Code Execution Vulnerability

A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current proces...

CVE-2024-7992 Autodesk AutoCAD DWG Stack-Based Buffer Overflow Code Execution Vulnerability

A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current proces...

CVE-2024-10434

A vulnerability was found in Tenda AC1206 up to 20241027. It has been classified as critical. This affects the function ateTendamfgcheckusb/ateTendamfgcheckusb3 of the file /goform/ate. The manipulation of the argument arg leads to stack-based buffer overflow. It is possible to initiate the attac...

CVE-2024-10434

CVE-2024-10434 affects Tenda AC1206 devices up to 20241027. The vulnerability targets the functions ate_Tenda_mfg_check_usb and ate_Tenda_mfg_check_usb3 in /goform/ate, where improper validation of the argument arg enables a stack-based buffer overflow. This enables remote exploitation with high ...

CVE-2024-10434 Tenda AC1206 ate ate_Tenda_mfg_check_usb3 stack-based overflow

A vulnerability was found in Tenda AC1206 up to 20241027. It has been classified as critical. This affects the function ateTendamfgcheckusb/ateTendamfgcheckusb3 of the file /goform/ate. The manipulation of the argument arg leads to stack-based buffer overflow. It is possible to initiate the attac...

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2024-2666)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fortinet FortiWeb ] Stack-Based Buffer Overflow vulnerability using a crafted request (FG-IR-20-125)

The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-20-125 advisory. - A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.5 and version before 6.2.4 may allow an...

CVE-2024-10351 Tenda RX9 Pro POST Request setMacFilterCfg sub_424CE0 stack-based overflow

A vulnerability was found in Tenda RX9 Pro 22.03.02.20. It has been rated as critical. This issue affects the function sub424CE0 of the file /goform/setMacFilterCfg of the component POST Request Handler. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack...

CVE-2024-10351

The CVE-2024-10351 vulnerability affects Tenda RX9 Pro (version 22.03.02.20) in the POST handler function /goform/setMacFilterCfg, sub_424CE0. Manipulating the deviceList argument leads to a stack-based buffer overflow, allowing remote exploitation and potentially arbitrary code execution. Public...

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in WebSphere Application Server Liberty

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of WebSphere Application Server Liberty Vulnerability Details CVEID:CVE-2024-7254 DESCRIPTION: Google Protocol Buffers a.k.a., protobuf is vulnerable to a denial of service, caused by a stack-based buffer overfl...

Security Bulletin: IBM® Engineering Requirements Management DOORS/DWA vulnerabilities fixed in 9.7.2.7

Summary cURL libcurl, Apache Xerces2 Java, Apache Jena, Spring Framework, json-smart-v1 and json-smart-v2 , libxml2, Apache Standard Taglibs , Apache ActiveMQ, Apache Commons Codec are identified as vulnerable components with multiple reported vulnerabilities, CVE-2022-35260, CVE-2022-42915,...

CVE-2024-10283

A vulnerability, which was classified as critical, has been found in Tenda RX9 and RX9 Pro 22.03.02.20. Affected by this issue is the function sub4337EC of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be launched...