Stack overflow

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400v2 1.0.4.10610.0.80 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPnP service, which listens on TCP port 5000 by...

Lantronix PremierWave 2050 Web Manager Ping stack-based buffer overflow vulnerability

Summary A stack-based buffer overflow vulnerability exists in the Web Manager Ping functionality of Lantronix PremierWave 2050 8.9.0.0R4 in QEMU. A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVE-2021-43280

A stack-based buffer overflow vulnerability exists in the DWF file reading procedure in Open Design Alliance Drawings SDK before 2022.8. The issue results from the lack of proper validation of the length of user-supplied data before copying it to a stack-based buffer. An attacker can leverage thi...

NETGEAR R6400v2 Buffer Overflow Vulnerability

The NETGEAR R6400v2 is a router from Netgear, Inc. A hardware device that connects two or more networks and acts as a gateway between networks, the NETGEAR R6400v2 is vulnerable to a buffer overflow vulnerability that stems from a process failing to properly validate the length of user-supplied...

CVE-2021-43579

HTMLDOC contains a stack-based buffer overflow in image_load_bmp() that can cause remote code execution when a crafted BMP file is linked from an HTML document, affecting HTMLDOC

Nucleus FTP Server Multiple Vulnerabilities (NUCLEUS:13)

Binary data nucleusftpmultiplevulns.nbin...

NETGEAR R6400v2 缓冲区错误漏洞

The NETGEAR R6400v2 is a router from Netgear, Inc. A hardware device that connects two or more networks and acts as a gateway between networks, the NETGEAR R6400v2 is vulnerable to a buffer overflow vulnerability that stems from a process failing to properly validate the length of user-supplied...

RHEL 8 : libjpeg-turbo (RHSA-2021:4288)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4288 advisory. The libjpeg-turbo packages contain a library of functions for manipulating JPEG images. They also contain simple client programs for accessing the...

13 New Flaws in Siemens Nucleus TCP/IP Stack Impact Safety-Critical Equipment

As many as 13 security vulnerabilities have been discovered in the Nucleus TCP/IP stack, a software library now maintained by Siemens and used in three billion operational technology and IoT devices that could allow for remote code execution, denial-of-service DoS, and information leak...

CVE-2021-31888

A vulnerability has been identified in APOGEE MBC PPC BACnet All versions, APOGEE MBC PPC P2 Ethernet All versions, APOGEE MEC PPC BACnet All versions, APOGEE MEC PPC P2 Ethernet All versions, APOGEE PXC Compact BACnet All versions = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and...

CVE-2021-31887

A vulnerability has been identified in APOGEE MBC PPC BACnet All versions, APOGEE MBC PPC P2 Ethernet All versions, APOGEE MEC PPC BACnet All versions, APOGEE MEC PPC P2 Ethernet All versions, APOGEE PXC Compact BACnet All versions = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and...

CVE-2021-31888

A vulnerability has been identified in APOGEE MBC PPC BACnet All versions, APOGEE MBC PPC P2 Ethernet All versions, APOGEE MEC PPC BACnet All versions, APOGEE MEC PPC P2 Ethernet All versions, APOGEE PXC Compact BACnet All versions = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and...

CVE-2021-31887

CVE-2021-31887 affects a wide range of Siemens APOGEE/TALON/Nucleus products (BACnet and P2 Ethernet variants, various Desigo/PXC/Nucleus lines). The root cause is a stack-based buffer overwrite in the FTP server caused by improper validation of the length of the PWD/XPWD command, which may allow...

CVE-2021-31886

A vulnerability has been identified in APOGEE MBC PPC BACnet All versions, APOGEE MBC PPC P2 Ethernet All versions, APOGEE MEC PPC BACnet All versions, APOGEE MEC PPC P2 Ethernet All versions, APOGEE PXC Compact BACnet All versions = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and...

CVE-2021-31886

Technical details for CVE-2021-31886 (affected software, impact, exploitability, and remediation) are not present in the provided Connected documents. Please monitor for updates.

CVE-2021-3928

A flaw was found in vim. A possible stack-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Mitigation Do not run...

CVE-2021-40985

A stack-based buffer under-read in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to imageloadbmp...

CVE-2021-40985

A stack-based buffer under-read in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to imageloadbmp...

Amcrest Cameras and NVR Stack-based Buffer Overflow Vulnerability

Amcrest cameras and NVR contain a stack-based buffer overflow vulnerability through port 37777 that allows an unauthenticated, remote attacker to crash the device and possibly execute code...

CVE-2021-36186

A stack-based buffer overflow in Fortinet FortiWeb version 6.4.0, version 6.3.15 and below, 6.2.5 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests...