CVE-2024-25753
CVE-2024-25753 affects the Tenda AC9 router (v3.0) with firmware v15.03.06.42_multi. The vulnerability is a stack-based buffer overflow in the formSetDeviceName function, enabling a remote attacker to execute arbitrary code. The published metrics indicate a high-impact, adjacent-attack-vector sce...
CVE-2024-25748
The CVE-2024-25748 entry describes a stack-based buffer overflow in the Tenda AC9 v3.0 firmware (v15.03.06.42_multi) affecting the fromSetIpMacBind function. The root cause is a stack overflow that allows remote code execution with high impact: confidentiality, integrity, and availability are...
CVE-2024-25756
CVE-2024-25756 describes a stack-based buffer overflow in the Tenda AC9 v3.0 firmware (version v.15.03.06.42_multi) triggered by the formWifiBasicSet function. The vulnerability allows a remote attacker to execute arbitrary code, with high impact on confidentiality, integrity, and availability. A...
Amazon Linux 2023 : cifs-utils, cifs-utils-devel, cifs-utils-info (ALAS2023-2024-530)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-530 advisory. A stack-based buffer overflow issue was found in cifs-utils. Parsing the mount.cifs ip command-line argument can lead to local attackers gaining root privileges. CVE-2022-27239 A flaw was found...
Stack-based Buffer Overflow
libzephyr.so is vulnerable to a Buffer Overflow. The vulnerability is due to an unchecked length coming from user input in settings shell, specifically during the handling of SETTINGS_VALUE_STRING type values, which can result in copying data of a length greater than the buffer size allocated for...
Medium: vim
Issue Overview: Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a :s command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive :s call causes free-ing of memory...
Updated vim packages fix a security vulnerability
The updated packages fix a security vulnerability: Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions. CVE-2024-22667...
Fedora 39 : vim (2024-12513b5cee)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-12513b5cee advisory. Security fix for CVE-2024-22667 ---- enable building without GPM support - build with GPM in Fedora 2262371 - gvim: symbol lookup error: gvim:...
Fedora 38 : vim (2024-1c85d5b179)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-1c85d5b179 advisory. Security fix for CVE-2024-22667 ---- enable building without GPM support - build with GPM in Fedora 2262371 - gvim: symbol lookup error: gvim:...
Ubuntu 16.04 LTS / 18.04 LTS / 22.04 LTS : UltraJSON vulnerabilities (USN-6629-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6629-1 advisory. It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly...
Stack overflow
KiTTY versions 0.76.1.13 and earlier are vulnerable to a stack-based buffer overflow via the hostname, which occurs due to insufficient bounds checking and input sanitization. This allows an attacker to overwrite adjacent memory, which leads to arbitrary code execution...
Stack overflow
KiTTY versions 0.76.1.13 and earlier are vulnerable to a stack-based buffer overflow via the username, which occurs due to insufficient bounds checking and input sanitization at line 2600. This allows an attacker to overwrite adjacent memory, which leads to arbitrary code execution...
CVE-2024-25003
KiTTY 0.76.1.13 and earlier is affected by CVE-2024-25003, a stack-based buffer overflow triggered by input to hostname handling. The root cause is insufficient bounds checking and input sanitization, allowing an attacker to overwrite adjacent memory and achieve arbitrary code execution. Multiple...
CVE-2024-25004
KiTTY versions 0.76.1.13 and earlier are vulnerable to a stack-based buffer overflow via the username, which occurs due to insufficient bounds checking and input sanitization at line 2600. This allows an attacker to overwrite adjacent memory, which leads to arbitrary code execution...
CVE-2024-25004
KiTTY 0.76.1.13 and earlier are affected by a stack-based buffer overflow caused by insufficient bounds checking and input sanitization (via the username/hostname at line 2600). This vulnerability can allow an attacker to overwrite adjacent memory and achieve arbitrary code execution. Public refe...
Security Bulletin: IBM Asset Data Dictionary Component uses json-path-2.6.0.jar which is vulnerable to CVE-2023-51074.
Summary: IBM Asset Data Dictionary Component uses json-path-2.6.0.jar which is vulnerable to CVE-2023-51074. This bulletin contains information regarding the vulnerability and its fix. Vulnerability Details: CVEID: CVE-2023-51074 DESCRIPTION: json-path is vulnerable to a denial of service, cause...
CVE-2023-43520 Stack-based Buffer Overflow in WLAN HOST
Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE...
CVE-2024-22852
D-Link Go-RT-AC750 GORTAC750A1FWv101b03 contains a stack-based buffer overflow via the function genacgi_main. This vulnerability allows attackers to enable telnet service via a specially crafted payload...
Stack overflow
D-Link Go-RT-AC750 GORTAC750A1FWv101b03 contains a stack-based buffer overflow via the function genacgi_main. This vulnerability allows attackers to enable telnet service via a specially crafted payload...
Bosch Security Systems Multiple Products Stack-based Buffer Overflow (CVE-2021-23850)
A specially crafted TCP/IP packet may cause a camera recovery image telnet interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical access to the camera and allows the upload...