Exploit for Stack-based Buffer Overflow in Cisco Rv340_Firmware

CVE-2022-20699 🎧 Br...

Siemens Nucleus RTOS-based APOGEE and TALON Products Improper Null Termination (CVE-2021-31888)

A vulnerability has been identified in APOGEE MBC PPC BACnet All versions, APOGEE MBC PPC P2 Ethernet All versions, APOGEE MEC PPC BACnet All versions, APOGEE MEC PPC P2 Ethernet All versions, APOGEE PXC Compact BACnet All versions = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and...

Siemens Nucleus RTOS-based APOGEE and TALON Products Improper Null Termination (CVE-2021-31887)

A vulnerability has been identified in APOGEE MBC PPC BACnet All versions, APOGEE MBC PPC P2 Ethernet All versions, APOGEE MEC PPC BACnet All versions, APOGEE MEC PPC P2 Ethernet All versions, APOGEE PXC Compact BACnet All versions = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and...

Yokogawa Multiple Products Stack-based Buffer Overflow (CVE-2015-5626)

Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquant...

Yokogawa CENTUM, Exaopc and B/M9000 Stack-based Buffer Overflow (CVE-2014-3888)

Stack-based buffer overflow in BKFSimvhfd.exe in Yokogawa CENTUM CS 1000, CENTUM CS 3000 R3.09.50 and earlier, CENTUM VP R5.03.20 and earlier, Exaopc R3.72.00 and earlier, B/M9000CS R5.05.01 and earlier, and B/M9000 VP R7.03.01 and earlier, when FCS/Test Function is enabled, allows remote attacke...

Siemens Nucleus RTOS-based APOGEE and TALON Products Improper Null Termination (CVE-2021-31886)

A vulnerability has been identified in APOGEE MBC PPC BACnet All versions, APOGEE MBC PPC P2 Ethernet All versions, APOGEE MEC PPC BACnet All versions, APOGEE MEC PPC P2 Ethernet All versions, APOGEE PXC Compact BACnet All versions = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and...

Yokogawa Multiple Products Stack-based Buffer Overflow (CVE-2015-5628)

Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquant...

Yokogawa CENTUM, Exaopc and B/M9000 Stack-based Buffer Overflow (CVE-2014-0782)

Stack-based buffer overflow in BKESimmgr.exe in the Expanded Test Functions package in Yokogawa CENTUM CS 1000, CENTUM CS 3000 Entry Class R3.09.50 and earlier, CENTUM VP R5.03.00 and earlier, CENTUM VP Entry Class R5.03.00 and earlier, Exaopc R3.71.02 and earlier, B/M9000CS R5.05.01 and earlier,...

CVE-2022-23946

A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon GCodeNumber parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigge...

Stack overflow

A stack-based buffer overflow vulnerability exists in the NBNS functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted network packet can lead to remote code execution. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2021-21961

CVE-2021-21961 affects Sealevel Systems SeaConnect 370W v1.3.34, impacting the NBNS and LLMNR name-resolution paths. The Talos report documents two stack-based buffer overflows in the parsing of queried names, each copying a length-controlled payload into a fixed 32-byte buffer without proper bou...

CVE-2022-23947

CVE-2022-23947 affects KiCad EDA's Gerber Viewer, specifically the DCodeNumber parsing in the Excellon/Gerber handling path. A stack-based buffer overflow could allow code execution when processing crafted Gerber/Excellon files (KiCad 6.0.1 and the master commit de006fc010 are cited). Related adv...

CVE-2022-23947

A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon DCodeNumber parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigge...

CVE-2022-23946

A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon GCodeNumber parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigge...

CVE-2022-23946

A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon GCodeNumber parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigge...

Denial Of Service (DoS)

itext7-core is vulnerable to denial of service. The vulnerability exists in the writeFloats component in OutputStream.java file which allows an attacker to crash the system using stack-based buffer overflow via a crafted PDF file...

CVE-2021-36193

Multiple stack-based buffer overflows in the command line interpreter of FortiWeb before 6.4.2 may allow an authenticated attacker to achieve arbitrary code execution via specially crafted commands...

GHSA-C32G-2MGR-CFQ7 Out-of-bounds Write in iText

iText v7.1.17 was discovered to contain a stack-based buffer overflow via the component ByteBuffer.append, which allows attackers to cause a Denial of Service DoS via a crafted PDF file...

CVE-2021-45832

A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at at hdf5/src/H5Eint.c, which causes a Denial of Service context-dependent...

Sealevel Systems, Inc. SeaConnect 370W LLMNR/NBNS stack-based buffer overflow vulnerabilities

Summary A stack-based buffer overflow vulnerability exists in both the LLMNR and NBNS functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted network packet can lead to remote code execution. An attacker can send a malicious packet to trigger either of the...