CVE-2024-3905

A vulnerability was found in Tenda AC500 2.0.1.91307. It has been classified as critical. This affects the function R7WebsSecurityHandler of the file /goform/execCommand. The manipulation of the argument password leads to stack-based buffer overflow. It is possible to initiate the attack remotely...

CVE-2024-3906

CVE-2024-3906 affects Tenda AC500 (version 2.0.1.9(1307)) via the formQuickIndex function in /goform/QuickIndex. The root cause is a stack-based buffer overflow triggered when the PPPOEPassword parameter is manipulated, enabling remote exploitation. Publicized exploit details indicate in-the-wild...

CVE-2024-3905

CVE-2024-3905 affects Tenda AC500 2.0.1.9(1307). The flaw is in the R7WebsSecurityHandler function of the /goform/execCommand file, where manipulating the password argument causes a stack-based buffer overflow. It is exploitable remotely, and public exploits have been disclosed. Mitigations docum...

CVE-2024-3882

A vulnerability was found in Tenda W30E 1.0.1.25633. It has been classified as critical. Affected is the function fromRouteStatic of the file /goform/fromRouteStatic. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The...

CVE-2024-3881

Summary: CVE-2024-3881 affects Tenda W30E 1.0.1.25(633). A stack-based buffer overflow exists in the frmL7PlotForm function of /goform/frmL7ProtForm caused by improper handling of the page parameter. This can be exploited remotely and an exploit has been disclosed publicly. Impact: Confidentialit...

CVE-2024-3879

A vulnerability, which was classified as critical, was found in Tenda W30E 1.0.1.25633. This affects the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has...

CVE-2024-3878

A vulnerability, which was classified as critical, has been found in Tenda F1202 1.2.0.20408. Affected by this issue is the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be...

CVE-2024-3876

A vulnerability classified as critical has been found in Tenda F1202 1.2.0.20408. Affected is the function fromVirtualSer of the file /goform/VirtualSer. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been...

CVE-2024-3875

A vulnerability was found in Tenda F1202 1.2.0.20408. It has been rated as critical. This issue affects the function fromNatlimit of the file /goform/Natlimit. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been...

CVE-2024-3874

A vulnerability was found in Tenda W20E 15.11.0.6. It has been declared as critical. This vulnerability affects the function formSetRemoteWebManage of the file /goform/SetRemoteWebManage. The manipulation of the argument remoteIP leads to stack-based buffer overflow. The attack can be initiated...

Unspecified Vulnerability in Adobe Illustrator (CNVD-2024-19004)

Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. A security vulnerability exists in Adobe Illustrator 28.3, 27.9.2 and prior versions, which stems from the application's susceptibility to a stack-based buffer overflow that can be exploite...

CVE-2024-30401

An Out-of-bounds Read vulnerability in the advanced forwarding management process aftman of Juniper Networks Junos OS on MX Series with MPC10E, MPC11, MX10K-LC9600 line cards, MX304, and EX9200-15C, may allow an attacker to exploit a stack-based buffer overflow, leading to a reboot of the FPC...

CVE-2024-30392

A Stack-based Buffer Overflow vulnerability in Flow Processing Daemon flowd of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service DoS. On all Junos OS MX Series platforms with SPC3 and MS-MPC/-MIC, when URL filtering is enabled and a specific UR...

CVE-2024-30401 Junos OS: MX Series and EX9200-15C: Stack-based buffer overflow in aftman

An Out-of-bounds Read vulnerability in the advanced forwarding management process aftman of Juniper Networks Junos OS on MX Series with MPC10E, MPC11, MX10K-LC9600 line cards, MX304, and EX9200-15C, may allow an attacker to exploit a stack-based buffer overflow, leading to a reboot of the FPC...

CVE-2020-8006

CVE-2020-8006 affects Circontrol Raption servers up to version 5.11.2. The vulnerability is a pre-authentication, stack-based buffer overflow in the server when processing HTTP Basic-Authentication header data (base64 decode path), with the output buffer on the stack. Impact is root-level executi...

CVE-2020-8006

The server in Circontrol Raption through 5.11.2 has a pre-authentication stack-based buffer overflow that can be exploited to gain run-time control of the device as root. The ocpp1.5 and pwrstudio binaries on the charging station do not use a number of common exploitation mitigations. In...

CVE-2024-30273

Illustrator versions 28.3, 27.9.2 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Juniper Junos OS Vulnerability (JSA79110)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA79110 advisory. - An Out-of-bounds Read vulnerability in the advanced forwarding management process aftman of Juniper Networks Junos OS on MX Series with MPC10E, MPC11, MX10K-LC9600 line...

CVE-2024-20772 Adobe Media Encoder 2024 AI file parsing Stack based buffer overflow

Media Encoder versions 24.2.1, 23.6.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2023-49907

A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an...