CVE-2023-30733

CVE-2023-30733 affects the HDCP trustlet in Samsung mobile devices prior to SMR Oct-2023 Release 1. The root cause is a stack-based buffer overflow in the trustlet, enabling local attackers with low privileges to achieve code execution. The vulnerability is locally exploitable (no user interactio...

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 : Exim vulnerabilities (USN-6411-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6411-1 advisory. It was discovered that Exim incorrectly handled certain challenge requests. A remote attacker could possibly...

(0Day) D-Link DAP-1325 SetAPLanSettings Gateway Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of XML data provided to the HNAP1 SOAP endpoint. The issu...

(0Day) D-Link DAP-1325 get_value_of_key Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of XML data provided to the HNAP1 SOAP endpoint. The issu...

(0Day) D-Link DAP-2622 DDP Set IPv4 Address Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation ...

CVE-2023-42116

Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling o...

CVE-2023-40476

GStreamer H265 Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

PT-2023-9185 · D Link · D-Link Dir-2640

Name of the Vulnerable Software and Affected Versions: D-Link DIR-2640 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640-US routers. The flaw exists within the prog.cgi file, which handl...

Debian dla-3585 : exempi - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3585 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3585-1 [email protected]...

MGASA-2023-0268 Updated file packages fix security vulnerability

File before 5.43 has a stack-based buffer over-read in filecopystr in funcs.c. CVE-2022-48554...

CVE-2023-3341

The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory,...

CVE-2023-3341

The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory,...

Security Bulletin: IBM Storage Protect Operations Center is vulnerable to denial of service due to Websphere Application Server Liberty ( CVE-2023-28867 )

Summary IBM Storage Protect Operations Center uses Liberty and may be vulnerable. Vulnerability Details CVEID:CVE-2023-28867 DESCRIPTION: GraphQL Java is vulnerable to a denial of service, caused by a stack-based buffer overflow. By sending a specially crafted GraphQL query, a remote attacker cou...

Rockwell Automation LP30/40/50 and BM40 Operator Interface Stack-Based Buffer Overflow (CVE-2022-47380)

An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CMPapp Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Wago PFC20...

Rockwell Automation LP30/40/50 and BM40 Operator Interface Stack-Based Buffer Overflow (CVE-2022-47388)

An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Wago...

Rockwell Automation LP30/40/50 and BM40 Operator Interface Stack-Based Buffer Overflow (CVE-2022-47384)

An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Wago...

Rockwell Automation LP30/40/50 and BM40 Operator Interface Stack-Based Buffer Overflow (CVE-2022-47381)

An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CMPapp Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Wago PFC20...

CVE-2023-38070

A vulnerability has been identified in JT2Go All versions V14.3.0.1, Teamcenter Visualization V13.3 All versions V13.3.0.12, Teamcenter Visualization V14.0 All versions, Teamcenter Visualization V14.1 All versions V14.1.0.11, Teamcenter Visualization V14.2 All versions V14.2.0.6, Teamcenter...

CVE-2023-38070

Summary: CVE-2023-38070 affects Siemens JT2Go and related Teamcenter Visualization/Tecnomatix components. A stack-based buffer overflow occurs when parsing specially crafted WRL files, allowing code execution in the current process context. Affected products/versions include JT2Go < 14.3.0.1, ...

CVE-2019-16470

CVE-2019-16470 affects Adobe Acrobat Reader up to version 2019.021.20056 (and earlier) and is caused by a stack-based buffer overflow in the product. This can lead to arbitrary code execution in the context of the current user, with exploitation requiring user interaction (victim to open a malici...