CVE-2024-31570

libfreeimage in FreeImage 3.4.0 through 3.18.0 has a stack-based buffer overflow in the PluginXPM.cpp Load function via an XPM file...

CVE-2024-34026

A stack-based buffer overflow vulnerability exists in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC v3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted EtherNet/IP request can lead to remote code execution. An attacker can send a series of EtherNet/IP requests to...

OpenPLC OpenPLC_v3 OpenPLC Runtime EtherNet/IP parser stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2005 OpenPLC OpenPLCv3 OpenPLC Runtime EtherNet/IP parser stack-based buffer overflow vulnerability September 18, 2024 CVE Number CVE-2024-34026 SUMMARY A stack-based buffer overflow vulnerability exists in the OpenPLC Runtime EtherNet/IP parser functionality...

CVE-2024-45414

The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in webPrivateDecrypt function. This function is responsible for decrypting RSA encrypted ciphertext, the encrypted data is supplied base64 encoded. The decoded ciphertext is stored on the stack without checki...

CVE-2024-45694

The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device...

CVE-2024-45695 D-Link WiFi router - Stack-based Buffer Overflow

The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device...

CVE-2024-45695

CVE-2024-45695 affects D-Link DIR-X4860 wireless routers. The web service exposes a stack-based buffer overflow in unauthenticated context, enabling remote code execution. Public sources confirm the DIR-X4860 as affected and describe the root cause as a stack-based overflow in the device’s web se...

CVE-2024-45694 D-Link WiFi router - Stack-based Buffer Overflow

The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device...

CVE-2024-45694

CVE-2024-45694 affects certain D-Link wireless routers (e.g., DIR-X4860, DIR-X5460, COVR-X1870) via a stack-based buffer overflow in the device web service that allows unauthenticated remote code execution. The vulnerability is triggered by malformed input to the web service, enabling an attacker...

Sony Network Cameras Stack-based Buffer Overflow (CVE-2018-3938)

An exploitable stack-based buffer overflow vulnerability exists in the 802dot1xclientcert.cgi functionality of Sony IPELA E Series Camera G5 firmware 1.87.00. A specially crafted POST can cause a stack-based buffer overflow, resulting in remote code execution. An attacker can send a malicious POS...

CVE-2024-45413

The CVE-2024-45413 issue affects the HTTPD binary in multiple ZTE routers. A stack-based buffer overflow in rsa_decrypt, an API wrapper for LUA used to decrypt RSA ciphertext, stores decrypted data on the stack without length checks. This allows an authenticated attacker to achieve remote code ex...

CVE-2024-41867

After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...

CVE-2024-41867

CVE-2024-41867 affects Adobe After Effects versions 23.6.6, 24.5 and earlier, with an out-of-bounds read that could disclose sensitive memory and bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). remediation is via Adobe APSB24-55 security update (fixed in 23.6....

CVE-2024-41867 After Effects | Out-of-bounds Read (CWE-125)

After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...

CVE-2024-41867 After Effects | Out-of-bounds Read (CWE-125)

After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...

EulerOS 2.0 SP10 : orc (EulerOS-SA-2024-2449)

According to the versions of the orc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially...

Huawei EulerOS: Security Advisory for orc (EulerOS-SA-2024-2401)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : orc (EulerOS-SA-2024-2376)

According to the versions of the orc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially...

EulerOS 2.0 SP10 : orc (EulerOS-SA-2024-2426)

According to the versions of the orc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially...

MGASA-2024-0288 Updated orc packages fix security vulnerability

Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to compromise of...