CVE-2024-43689

Stack-based buffer overflow vulnerability exists in ELECOM wireless access points. By processing a specially crafted HTTP request, arbitrary code may be executed...

Adobe Illustrator < 16.0.5 / 16.2.0 < 16.2.2 (APSB14-11) (macOS)

The version of Adobe Illustrator installed on the remote macOS host is prior to 16.0.5, 16.2.2. It is, therefore, affected by a vulnerability as referenced in the APSB14-11 advisory. - Stack-based buffer overflow in Adobe Illustrator CS6 before 16.0.5 and 16.2.x before 16.2.2 allows remote...

Adobe After Effects < 18.4.5 / 22.0.0 < 22.2.1 Multiple Arbitrary code execution (APSB22-17) (macOS)

The version of Adobe After Effects installed on the remote macOS host is prior to 18.4.5, 22.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB22-17 advisory. - Adobe After Effects versions 22.2 and earlier and 18.4.4 and earlier are affected by an out-of-bounds...

CVE-2024-10194

A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been classified as critical. Affected is the function Gotochidx of the file login.cgi of the component Front-End Authentication Page. The manipulation of the argument wlanUrl leads to stack-based buffer...

CVE-2024-10194

CVE-2024-10194 affects WAVLINK WN530H4, WN530HG4 and WN572HG3 (up to 20221028). The issue is in the Front-End Authentication Page, specifically the function Goto_chidx in the file login.cgi . Manipulating the argument wlanUrl causes a stack-based buffer overflow. Exploitation is possible only wit...

CVE-2024-10130

A vulnerability classified as critical was found in Tenda AC8 16.03.34.06. This vulnerability affects the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of the argument rebootTime leads to stack-based buffer overflow. The attack can be initiated remotely. Th...

CVE-2024-10130

The CVE-2024-10130 entry affects Tenda AC8 firmware 16.03.34.06. The issue resides in the function formSetRebootTimer of /goform/SetSysAutoRebbotCfg, where manipulating the rebootTime argument causes a stack-based buffer overflow. Exploitation is described as remote and publicly disclosed. Affect...

CVE-2024-10123

A vulnerability was found in Tenda AC8 16.03.34.06. It has been declared as critical. Affected by this vulnerability is the function compareparentcontroltime of the file /goform/saveParentControlInfo. The manipulation of the argument time leads to stack-based buffer overflow. The attack can be...

CVE-2024-10123 Tenda AC8 saveParentControlInfo compare_parentcontrol_time stack-based overflow

A vulnerability was found in Tenda AC8 16.03.34.06. It has been declared as critical. Affected by this vulnerability is the function compareparentcontroltime of the file /goform/saveParentControlInfo. The manipulation of the argument time leads to stack-based buffer overflow. The attack can be...

CVE-2024-7994

A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Stack-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

Qnap QTS Stack-based Buffer Overflow (CVE-2024-27130)

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a network. We have already fixed the vulnerability in the following version: QTS 5.1.7.2770 build...

Qnap QTS Stack-based Buffer Overflow (CVE-2023-50361)

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS...

Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining Interim Fix for Oct 2024

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Process Mining 1.15.0 IF003 Vulnerability Details CVEID:CVE-2018-15209 DESCRIPTION: LibTIFF is vulnerable to a denial of service, caused by a heap-based buffer...

Delta Electronics CNCSoft-G2

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION : low attack complexity Vendor : Delta Electronics Equipment : CNCSoft-G2 Vulnerabilities : Stack-based Buffer Overflow, Out-of-bounds Write, Heap-Based Buffer Overflow, Out-of-bounds Read, Use of Uninitialized Variable 2. RISK EVALUATION...

CVE-2024-47410

Animate versions 23.0.7, 24.0.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-47410 Animate | Stack-based Buffer Overflow (CWE-121)

Animate versions 23.0.7, 24.0.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities

Summary IBM Security Guardium has addressed these vulnerabilities with an update. Vulnerability Details CVEID:CVE-2024-29857 DESCRIPTION: The Bouncy Castle Crypto Package For Java is vulnerable to a denial of service, caused by improper input validation. By importing an EC certificate with crafte...