Lucene search

8439 matches found

NVD
added 2023/07/11 10:15 a.m. | 18 views

CVE-2023-37375

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application is vulnerable to stack-based buffer overflow while parsing specially crafted SPP files. This could allow an attacke...

7.8 CVSS | 7.8 AI score | 0.00112 EPSS
Exploits 0 | References 1

CVE
added 2023/07/11 9:7 a.m. | 49 views

CVE-2023-37374

Summary of CVE-2023-37374 (Tecnomatix Plant Simulation): A stack-based buffer overflow occurs when parsing specially crafted STP files in Tecnomatix Plant Simulation. Affected products/versions are Tecnomatix Plant Simulation V2201 (all versions < V2201.0008) and V2302 (all versions

7.8 CVSS | 7.8 AI score | 0.00112 EPSS
Exploits 0 | References 1 | Affected Software 1

ICS
added 2023/07/11 6:0 a.m. | 27 views

Panasonic Control FPWin Pro7

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Panasonic Equipment: Control FPWIN Pro7 Vulnerabilities: Type Confusion, Stack-based Buffer Overflow, Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of...

7.8 CVSS | 8.7 AI score | 0.0004 EPSS
Exploits 0 | References 10

Tenable Nessus
added 2023/07/11 12:0 a.m. | 88 views

Fortinet Fortigate Proxy mode with deep inspection - Stack-based buffer overflow (FG-IR-23-183)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-183 advisory. - A stack-based overflow vulnerability CWE-124 in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and...

9.8 CVSS | 9.3 AI score | 0.07599 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2023/07/09 12:0 a.m. | 22 views

EulerOS 2.0 SP9 : glusterfs (EulerOS-SA-2023-2313)

According to the versions of the glusterfs packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Gluster GlusterFS 11.0, there is an xlators/mount/fuse/src/fuse-bridge.c notify stack-based buffer over-read. CVE-2023-26253 Note that...

7.5 CVSS | 7.3 AI score | 0.00061 EPSS
Exploits 1 | References 2

Tenable Nessus
added 2023/07/09 12:0 a.m. | 24 views

EulerOS 2.0 SP9 : glusterfs (EulerOS-SA-2023-2333)

According to the versions of the glusterfs packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Gluster GlusterFS 11.0, there is an xlators/mount/fuse/src/fuse-bridge.c notify stack-based buffer over-read. CVE-2023-26253 Note that...

7.5 CVSS | 7.3 AI score | 0.00061 EPSS
Exploits 1 | References 2

NVD
added 2023/07/06 3:15 p.m. | 16 views

CVE-2023-24018

A stack-based buffer overflow vulnerability exists in the libzebra.so.0.0.0 security_decrypt_password functionality of Milesight UR32L v32.3.0.5. A specially crafted HTTP request can lead to a buffer overflow. An authenticated attacker can send an HTTP request to trigger this vulnerability...

8.8 CVSS | 8.8 AI score | 0.00234 EPSS
Exploits 1 | References 2

Prion
added 2023/07/06 3:15 p.m. | 30 views

Stack overflow

A stack-based buffer overflow vulnerability exists in the urvpn_client http_connection_readcb functionality of Milesight UR32L v32.3.0.5. A specially crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability...

5.1 CVSS | 8.1 AI score | 0.00106 EPSS
Exploits 1 | References 1 | Affected Software 1

Vulnrichment
added 2023/07/06 2:53 p.m. | 17 views

CVE-2023-24018

A stack-based buffer overflow vulnerability exists in the libzebra.so.0.0.0 security_decrypt_password functionality of Milesight UR32L v32.3.0.5. A specially crafted HTTP request can lead to a buffer overflow. An authenticated attacker can send an HTTP request to trigger this vulnerability...

8.8 CVSS | 7 AI score | 0.00234 EPSS
Exploits 1 | References 1

Cvelist
added 2023/07/06 2:53 p.m. | 24 views

CVE-2023-24018

A stack-based buffer overflow vulnerability exists in the libzebra.so.0.0.0 security_decrypt_password functionality of Milesight UR32L v32.3.0.5. A specially crafted HTTP request can lead to a buffer overflow. An authenticated attacker can send an HTTP request to trigger this vulnerability...

8.8 CVSS | 9 AI score | 0.00234 EPSS
Exploits 1 | References 1

CVE
added 2023/07/06 2:53 p.m. | 52 views

CVE-2023-24019

CVE-2023-24019 affects Milesight UR32L. A pre-authentication, network-accessible, stack-based buffer overflow exists in the UR32L HTTP server (urvpn_client http_connection_readcb), allowing remote code execution or a crash when processing crafted packets. Connected documents cite TALOS advisories...

8.1 CVSS | 8.5 AI score | 0.00106 EPSS
Exploits 1 | References 2 | Affected Software 1

Talos
added 2023/07/06 12:0 a.m. | 32 views

Milesight UR32L libzebra.so security_decrypt_password buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1715 Milesight UR32L libzebra.so security_decrypt_password buffer overflow vulnerability July 6, 2023 CVE Number CVE-2023-24018 SUMMARY A stack-based buffer overflow vulnerability exists in the libzebra.so.0.0.0 security_decrypt_password functionality of Milesigh...

8.8 CVSS | 8.8 AI score | 0.00234 EPSS
Exploits 1

Cvelist
added 2023/07/04 4:46 a.m. | 17 views

CVE-2023-24854 Stack-based Buffer Overflow in WLAN HOST

Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response message...

7.8 CVSS | 7.8 AI score | 0.00061 EPSS
Exploits 0 | References 1

CVE
added 2023/06/30 3:51 p.m. | 43 views

CVE-2023-35177

The CVE-2023-35177 case applies to certain HP LaserJet Pro printers. A stack-based buffer overflow in the printer’s compact font format parser is identified as the root cause in the provided materials. The vulnerability affects HP LaserJet Pro print products via the parser, with CVSS v3.1 metrics...

8.8 CVSS | 8.8 AI score | 0.00305 EPSS
Exploits 0 | References 1 | Affected Software 1

Tenable Nessus
added 2023/06/29 12:0 a.m. | 15 views

Schneider Electric Modicon Premium, Modicon Quantum, Modicon M340, and Modicon BMXNOR0200 Stack-Based Buffer Overflow (CVE-2018-7240)

A vulnerability exists in Schneider Electric's Modicon Quantum in all versions of the communication modules which could allow arbitrary code execution. An FTP command used to upgrade the firmware of the module can be misused to cause a denial of service, or in extreme cases, to load a malicious...

8.8 CVSS | 8.1 AI score | 0.00414 EPSS
Exploits 0 | References 4

IBM Security Bulletins
added 2023/06/27 6:54 p.m. | 42 views

Security Bulletin: FileNet Content Manager (FNCM) FileNet Content Search Services (CSS) ThoughtWorks XStream security vulnerabilities, affected, not vulnerable

Summary Security vulnerability in FileNet Content Manager FNCM FileNet Content Search Services CSS ThoughtWorks XStream, affected, not vulnerable. Vulnerability Details CVEID:CVE-2022-40151 DESCRIPTION: XStream is vulnerable to a denial of service, caused by a stack-based buffer overflow. By...

7.5 CVSS | 7 AI score | 0.00258 EPSS
Exploits 1 | Affected Software 1

IBM Security Bulletins
added 2023/06/23 10:38 a.m. | 30 views

Security Bulletin: IBM Spectrum Control is vulnerable to weakness related to XStream

Summary A vulnerability in XStream that allows denial of service, caused by a stack-based buffer overflow, may affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2022-41966 DESCRIPTION: XStream is vulnerable to a denial of service, caused by a stack-based buffer overflow. By manipulating the...

8.2 CVSS | 7.7 AI score | 0.02686 EPSS
Exploits 1 | Affected Software 1

Tenable Nessus
added 2023/06/20 12:0 a.m. | 14 views

Eaton 9000X Drive Stack-Based Buffer Overflow (CVE-2018-8847)

Eaton 9000X DriveA versions 2.0.29 and prior has a stack-based buffer overflow vulnerability, which may allow remote code execution. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.

9.8 CVSS | 8.8 AI score | 0.13272 EPSS
Exploits 0 | References 4

NVD
added 2023/06/19 5:15 a.m. | 12 views

CVE-2023-31239

Stack-based buffer overflow vulnerability in V-Server v4.0.15.0 and V-Server Lite v4.0.15.0 and earlier allows an attacker to execute arbitrary code by having a user open a specially crafted VPR file...

7.8 CVSS | 7.9 AI score | 0.00102 EPSS
Exploits 0 | References 2

Prion
added 2023/06/19 5:15 a.m. | 10 views

Stack overflow

Stack-based buffer overflow vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted SIM2 file may lead to information disclosure and/or arbitrary code execution. This vulnerability is different from CVE-2023-32273 and CVE-2023-32201...

4.4 CVSS | 7.8 AI score | 0.00133 EPSS
Exploits 0 | References 2 | Affected Software 2