CVE-2022-25308

CVE-2022-25308 affects the Fribidi library with a stack-based buffer overflow that can cause memory corruption, memory leak, or denial of service. Connected advisories document the issue across multiple distributions. Remediation requires upgrading Fribidi to fixed versions (examples: >= 1.0.1...

Out-of-bounds Write

A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi application, which leads to a possible memory leak or a denial of service...

Amazon Linux 2022 : vim-common, vim-data, vim-default-editor (ALAS2022-2022-077)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-077 advisory. A flaw was found in vim. The vulnerability occurs due to a crash when recording and using Select mode and leads to an out-of-bounds read. This flaw allows an attacker to input a specially craft...

CVE-2022-39843

123elf Lotus 1-2-3 before 1.0.0rc3 for Linux, and Lotus 1-2-3 R3 for UNIX and other platforms through 9.8.2, allow attackers to execute arbitrary code via a crafted worksheet. This occurs because of a stack-based buffer overflow in the cell format processing routines, as demonstrated by a certain...

CVE-2022-39843

123elf Lotus 1-2-3 before 1.0.0rc3 for Linux, and Lotus 1-2-3 R3 for UNIX and other platforms through 9.8.2, allow attackers to execute arbitrary code via a crafted worksheet. This occurs because of a stack-based buffer overflow in the cell format processing routines, as demonstrated by a certain...

CVE-2022-39843

CVE-2022-39843 affects 123elf Lotus 1-2-3 on Linux and Lotus 1-2-3 R3 on UNIX/other platforms. It is caused by a stack-based buffer overflow in the cell format processing routines, exploitable via a crafted worksheet and reachable through a w3r_format element in a wk3 document. Impact is arbitrar...

CVE-2022-22096

CVE-2022-22096 is a Qualcomm Bluetooth vulnerability in the Bluetooth HOST on Snapdragon platforms (Connectivity + Snapdragon Mobile) caused by a stack-based buffer overflow when extracting data via the command length parameter, leading to memory corruption. It is rated Critical (CVSS v3.1: 9.8, ...

CVE-2022-2895 Measuresoft ScadaPro Server Stack-based Buffer Overflow

Measuresoft ScadaPro Server All Versions uses unmaintained ActiveX controls. These controls may allow two stack-based buffer overflow instances while processing a specific project file...

CVE-2022-1888

Alpha7 PC Loader All versions is vulnerable to a stack-based buffer overflow while processing a specifically crafted project file, which may allow an attacker to execute arbitrary code...

Stack overflow

CNCSoft: All versions prior to 1.01.32 does not properly sanitize input while processing a specific project file, allowing a possible stack-based buffer overflow condition...

Stack overflow

Alpha7 PC Loader All versions is vulnerable to a stack-based buffer overflow while processing a specifically crafted project file, which may allow an attacker to execute arbitrary code...

CVE-2022-1888 Fuji Electric Alpha7 PC Loader Fuji Electric Alpha7 PC Loader

Alpha7 PC Loader All versions is vulnerable to a stack-based buffer overflow while processing a specifically crafted project file, which may allow an attacker to execute arbitrary code...

CVE-2022-1888 Fuji Electric Alpha7 PC Loader Fuji Electric Alpha7 PC Loader

Alpha7 PC Loader All versions is vulnerable to a stack-based buffer overflow while processing a specifically crafted project file, which may allow an attacker to execute arbitrary code...

PT-2022-13862 · Cncsoft · Cncsoft

Name of the Vulnerable Software and Affected Versions: CNCSoft versions prior to 1.01.32 Description: The issue arises from improper input sanitization when processing a specific project file, potentially leading to a stack-based buffer overflow condition. Recommendations: For versions prior to...

Mageia: Security Advisory (MGASA-2022-0295)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Hitachi Energy RTU500

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: RTU500 Series Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to send a specially crafted...

Security Bulletin: IBM Tivoli Storage Manager FastBack Stack-Based Buffer Overflow Vulnerability (CVE-2015-1929)

Summary The IBM Tivoli Storage Manager FastBack Server process is vulnerable to a stack-based buffer overflow. A network attacker could overflow a buffer and cause the server to crash. Vulnerability Details CVEID: CVE-2015-1929 DESCRIPTION: IBM Tivoli Storage Manager FastBack Server is vulnerable...

Denial Of Service (DoS)

u-boot is vulnerable to denial of service. The vulnerability exists due to the integer signedness error, resulting stack stack-based buffer overflow in the i2c md command, which enables the corruption of the return address pointer of the doi2cmd function...

CVE-2022-25793

A Stack-based Buffer Overflow Vulnerability in Autodesk 3ds Max 2022, 2021, and 2020 may lead to code execution through the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer when parsing ActionScript Byte Code files. This...

SUSE SLES12 Security Update : u-boot (SUSE-SU-2022:2712-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2022:2712-1 advisory. - In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the i2c md command enables the corruption...