8439 matches found
CVE-2022-24049
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sonos One Speaker prior to 3.4.1 S2 systems and 11.2.13 build 57923290 S1 systems. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ALAC audio codec...
CVE-2022-24049
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sonos One Speaker prior to 3.4.1 S2 systems and 11.2.13 build 57923290 S1 systems. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ALAC audio codec...
CVE-2021-46638
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2021-46585
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2021-46565
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
Stack overflow
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
Stack overflow
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR940N 3.20.1 Build 200316 Rel.34392n 5553 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of file name...
CVE-2022-24049
CVE-2022-24049 affects Sonos One Speaker (S1/S2). The root cause is a stack-based buffer overflow in the ALAC audio codec due to insufficient validation of the length of user-supplied data before copying. This allows remote code execution with root privileges on affected installations. Affected v...
CVE-2021-46643
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...
CVE-2021-46585
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2021-46565
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2022-0629
A stack-based buffer overflow flaw was found in vim's gaconcatshortenesc function of src/testing.c file. This flaw allows an attacker to trick a user into opening a crafted file, triggering a stack-overflow. This issue can lead to an application crash, causing a denial of service. Mitigation...
Stack overflow
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2...
PT-2022-4891 · D Link · Dlink Router
Name of the Vulnerable Software and Affected Versions: D-Link routers affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of multiple D-Link routers. Authentication is not required to exploit this issue. The...
CVE-2022-23803
A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon ReadXYCoord coordinate parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious fil...
CVE-2022-23804
A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon ReadIJCoord coordinate parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious fil...
CVE-2022-23803
A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon ReadXYCoord coordinate parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious fil...
CVE-2022-23803
CVE-2022-23803 is a stack-based buffer overflow in KiCad EDA’s Gerber Viewer/Excellon ReadXYCoord parsing (and related ReadIJCoord, GCodeNumber, DCodeNumber in the family) that could allow code execution when opening specially crafted Gerber/Excellon files. Public sources in connected docs consis...
Omron CX-One FLN File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FLN...
(0Day) WECON LeviStudioU UMP File Parsing XY Tag WordAddr10 Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of WECON LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of X...