RHEL 8 : glibc (RHSA-2024:3344)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3344 advisory. The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name...

RHEL 9 : glibc (RHSA-2024:3339)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3339 advisory. The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name...

ALSA-2024:3344 Important: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

CentOS 8 : glibc (CESA-2024:3344)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:3344 advisory. - nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's nscd fixed size cache is exhausted by client requests then a...

Fortinet FortiWeb Stack-based Buffer Overflow in command line interpreter (FG-IR-21-234)

The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-234 advisory. - A stack-based buffer overflow in Fortinet FortiWeb 6.4 all versions, FortiWeb versions 6.3.17 and earlier, FortiWeb versions...

CVE-2024-30289

Adobe Framemaker versions 2020.5, 2022.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2023-6322 Stack-based buffer overflow in message parser functionality

A stack-based buffer overflow vulnerability exists in the message parsing functionality of the Roku Indoor Camera SE version 3.0.2.4679 and Wyze Cam v3 version 4.36.11.5859. A specially crafted message can lead to stack-based buffer overflow. An attacker can make authenticated requests to trigger...

CVE-2023-6322

CVE-2023-6322 affects the Roku Indoor Camera SE (v3.0.2.4679) and Wyze Cam v3 (v4.36.11.5859). The root cause is a stack-based buffer overflow in the message parsing functionality . An attacker who can make authenticated requests can trigger the overflow, potentially leading to impact on confiden...

CVE-2023-46714

A stack-based buffer overflow CWE-121 vulnerability in Fortinet FortiOS version 7.2.1 through 7.2.6 and version 7.4.0 through 7.4.1 allows a privileged attacker over the administrative interface to execute arbitrary code or commands via crafted HTTP or HTTPs requests...

CVE-2023-46714

A stack-based buffer overflow CWE-121 vulnerability in Fortinet FortiOS version 7.2.1 through 7.2.6 and version 7.4.0 through 7.4.1 allows a privileged attacker over the administrative interface to execute arbitrary code or commands via crafted HTTP or HTTPs requests...

CVE-2024-34943

Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/NatStaticSetting...

CVE-2024-34942

Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter at ip/goform/exeCommand...

Advisory ROSA-SA-2024-2419

software: heimdal 7.8.0 WASP: ROSA-CHROME packageevrstring: heimdal-7.8.0-1 CVE-ID: CVE-2021-44758 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: heimdal allowed attackers to cause null pointer dereferencing in the SPNEGO receiver via the preferredmechtype GSSCNOOID and a non-zero initialresponse value f...

Siemens Teamcenter Visualization and JT2Go

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Adobe Animate 23.x < 23.0.6 / 24.x < 24.0.3 Multiple Vulnerabilities (APSB24-36)

The version of Adobe Animate installed on the remote macOS or Mac OS X host is prior to 23.0.6 or 24.0.3. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb24-36 advisory. - Animate versions 24.0.2, 23.0.5 and earlier are affected by an out-of-bounds write...

Adobe Animate 23.x < 23.0.6 / 24.x < 24.0.3 Multiple Vulnerabilities (APSB24-36)

The version of Adobe Animate installed on the remote Windows host is prior to 23.0.6 or 24.0.3. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb24-36 advisory. - Animate versions 24.0.2, 23.0.5 and earlier are affected by an out-of-bounds write vulnerability that...

Fortinet Fortigate Buffer overflow in administrative interface (FG-IR-23-415)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-415 advisory. - A stack-based buffer overflow CWE-121 vulnerability in Fortinet FortiOS version 7.2.1 through 7.2.6 and version 7.4.0 throu...

RHEL 8 : cfitsio (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cfitsio: Stack-based buffer overflow in ffghtb allows for potential code execution CVE-2018-3849 - In the...

RHEL 7 : speex (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - speex: stack-based buffer overflow in speexenc.c via a crafted WAV file CVE-2020-23904 - A Divide by Zero...

RHEL 6 : libtasn1 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libtasn1: Stack-based buffer overflow in asn1findnode CVE-2017-6891 - The asn1extractderoctet function in...