CVE-2024-7547

oFono SMS Decoder Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

CVE-2024-7547

oFono SMS Decoder Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

CVE-2024-7539

oFono CUSD Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. The...

CVE-2024-7538

oFono CUSD AT Command Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

CVE-2024-7547

oFono SMS Decoder Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

CVE-2024-7547

oFono SMS Decoder Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

CVE-2024-7547

CVE-2024-7547 corresponds to an oFono vulnerability: a stack-based buffer overflow in the SMS PDU parser that allows a local attacker who can run code on the target modem to execute arbitrary code in the context of the service account. Root cause: insufficient validation of user-supplied data len...

CVE-2024-7539

oFono CUSD Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. The...

CVE-2024-7538

CVE-2024-7538 affects oFono and is caused by a stack-based buffer overflow in the CUSD AT command response parsing due to improper validation of user-supplied data length. This allows a local attacker who can run code on the target modem to execute arbitrary code with root privileges. The issue i...

CVE-2024-7538 oFono CUSD AT Command Stack-based Buffer Overflow Code Execution Vulnerability

oFono CUSD AT Command Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

CVE-2024-7538 oFono CUSD AT Command Stack-based Buffer Overflow Code Execution Vulnerability

oFono CUSD AT Command Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...

CVE-2024-7441 Vivotek SD9364 httpd read stack-based overflow

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in Vivotek SD9364 VVTK-0103f. It has been declared as critical. This vulnerability affects the function read of the component httpd. The manipulation of the argument Content-Length leads to stack-based buffer overflow. The attack can be initiate...

CVE-2024-7441

Vivotek SD9364 VVTK-0103f exposes a vulnerability in the httpd read function: manipulating Content-Length causes a stack-based buffer overflow. Exploitation is remote and the exploit has been publicly disclosed. Affected releases are end-of-life with no fix/version details provided in the availab...

CVE-2024-7439

CVE-2024-7439 affects Vivotek CC8160 VVTK-0100d: the httpd component’s function read is vulnerable due to manipulation of the Content-Length argument, leading to a stack-based buffer overflow. It can be exploited remotely. Several sources note the affected products are end-of-life and no version ...

CVE-2024-40723

The specific API in HWATAIServiSign Windows Version from CHANGING Information Technology does not properly validate the length of server-side inputs. When a user visits a spoofed website, unauthenticated remote attackers can cause a stack-based buffer overflow in the HWATAIServiSign, temporarily...

CVE-2024-40723

CVE-2024-40723 concerns HWATAIServiSign Windows Version from CHANGING Information Technology. The vulnerability is a stack-based buffer overflow caused by improper validation of the length of server-side inputs in a specific API. It can be triggered when an unauthenticated remote user visits a sp...

CVE-2024-40722 CHANGING Information Technology TCBServiSign Windows Version - Stack-based Buffer Overflow

The specific API in TCBServiSign Windows Version from CHANGING Information Technology does does not properly validate the length of server-side input. When a user visits a spoofed website, unauthenticated remote attackers can cause a stack-based buffer overflow in the TCBServiSign, temporarily...

CVE-2024-31203

A “CWE-121: Stack-based Buffer Overflow” in the wd210std.dll dynamic library packaged with the ThermoscanIP installer allows a local attacker to possibly trigger a Denial-of-Service DoS condition on the target component...

SUSE: Security Advisory (SUSE-SU-2024:2663-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Stack-based Buffer Overflow

libcurl.so is vulnerable to a Stack-based Buffer Overflow. The vulnerability is due to improper handling of memory in the utf8asn1str function, which invokes free function on a 4-byte local stack buffer when detecting an invalid field. Attackers can exploit this flaw to overwrite nearby stack...