
8440 matches found

NVD
added 2021/10/20 4:15 p.m., 10 views

CVE-2021-21748

ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code...

CVSS 9.8 | EPSS 0.01297
Exploits: 0 | References: 1

CVE
added 2021/10/20 3:24 p.m., 52 views

CVE-2021-21748

CVE-2021-21748 affects ZTE MF971R with stack-based buffer overflow in the web API path ADB_MODE_SWITCH (password handling) leading to remote code execution. Talos details show exploit via specially crafted HTTP requests that bypass referer checks (no authentication required) and trigger a stack-b...

CVSS 9.8 | AI score 10 | EPSS 0.01297
Exploits: 0 | References: 1 | Affected Software: 1

NVD
added 2021/10/19 7:15 p.m., 15 views

CVE-2021-31383

In Point to MultiPoint P2MP scenarios within established sessions between network or adjacent neighbors the improper use of a source to destination copy write operation combined with a Stack-based Buffer Overflow on certain specific packets processed by the routing protocol daemon RPD of Juniper...

CVSS 7.5 | EPSS 0.00463
Exploits: 0 | References: 1

CVE
added 2021/10/19 6:17 p.m., 67 views

CVE-2021-31383

CVE-2021-31383 affects Juniper Networks Junos OS and Junos OS Evolved, where in P2MP scenarios the routing protocol daemon (RPD) may crash due to a source-to-destination copy-write operation paired with a stack-based buffer overflow on certain crafted packets. This leads to a DoS that can become ...

CVSS 7.5 | AI score 7.7 | EPSS 0.00463
Exploits: 0 | References: 1 | Affected Software: 2

OpenVAS
added 2021/10/19 12:00 a.m., 18 views

Zoom Client < 2.0.115900.1201 Multiple Vulnerabilities (Oct 2017) - Linux

The Zoom Client is prone to multiple vulnerabilities.

CVSS 9.3 | AI score 8.8 | EPSS 0.16977
Exploits: 10 | References: 6

NVD
added 2021/10/18 1:15 p.m., 9 views

CVE-2021-38389

Advantech WebAccess versions 9.02 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code...

CVSS 9.8 | EPSS 0.00467
Exploits: 0 | References: 1

Prion
added 2021/10/18 1:15 p.m., 14 views

Stack overflow

FATEK Automation WinProladder versions 3.30 and prior lack proper validation of user-supplied data when parsing project files, which could result in a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code...

CVSS 6.8 | AI score 7.9 | EPSS 0.00374
Exploits: 0 | References: 1 | Affected Software: 1

CVE
added 2021/10/18 12:41 p.m., 51 views

CVE-2021-38389

This CVE affects Advantech WebAccess (versions 9.02 and earlier). A stack-based buffer overflow vulnerability exists in the handling of IOCTL 0x1138B, allowing remote code execution with no authentication required. ZDI reports that the flaw can be exploited by remote attackers to execute code in ...

CVSS 9.8 | AI score 9.6 | EPSS 0.00467
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2021/10/18 12:41 p.m., 13 views

CVE-2021-38389 Advantech WebAccess

Advantech WebAccess versions 9.02 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code...

CVSS 9.8 | AI score 9.7 | EPSS 0.00467
Exploits: 0 | References: 1

Cvelist
added 2021/10/18 12:38 p.m., 13 views

CVE-2021-38430 FATEK Automation WinProladder

FATEK Automation WinProladder versions 3.30 and prior lack proper validation of user-supplied data when parsing project files, which could result in a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code...

CVSS 7.8 | AI score 8.1 | EPSS 0.00374
Exploits: 0 | References: 1

Prion
added 2021/10/15 3:15 p.m., 12 views

Stack overflow

FATEK Automation Communication Server Versions 1.13 and prior lacks proper validation of user-supplied data, which could result in a stack-based buffer overflow condition and allow an attacker to remotely execute code...

CVSS 7.5 | AI score 9.7 | EPSS 0.00861
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2021/10/15 2:13 p.m., 15 views

CVE-2021-38432 FATEK Automation Communication Server

FATEK Automation Communication Server Versions 1.13 and prior lacks proper validation of user-supplied data, which could result in a stack-based buffer overflow condition and allow an attacker to remotely execute code...

CVSS 9.8 | AI score 9.9 | EPSS 0.00861
Exploits: 0 | References: 1

CVE
added 2021/10/15 2:13 p.m., 46 views

CVE-2021-38432

CVE-2021-38432 affects FATEK Automation Communication Server (Versions 1.13 and prior). The vulnerability is a stack-based buffer overflow caused by lack of proper validation of user-supplied data, enabling remote code execution via network access (no authentication required per ZDI/CISA). Exploi...

CVSS 9.8 | AI score 9.8 | EPSS 0.00861
Exploits: 0 | References: 1 | Affected Software: 1

Zero Day Initiative
added 2021/10/14 12:00 a.m., 27 views

Fatek Automation WinProladder PDW File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation WinProladder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 7.8 | AI score 5.4 | EPSS 0.00374
Exploits: 0 | References: 1

Zero Day Initiative
added 2021/10/14 12:00 a.m., 20 views

Fatek Automation WinProladder PDW File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation WinProladder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 7.8 | AI score 5.4 | EPSS 0.00555
Exploits: 0 | References: 1

Zero Day Initiative
added 2021/10/14 12:00 a.m., 31 views

Fatek Automation Communication Server Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation Communication Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of data sent to the Facon Server, which listens on...

CVSS 9.8 | AI score 4.6 | EPSS 0.00861
Exploits: 0 | References: 1

CVE
added 2021/10/13 4:10 p.m., 78 views

CVE-2021-3057

CVE-2021-3057 is a stack-based buffer overflow in Palo Alto Networks GlobalProtect app affecting specific release branches: Windows 5.1.x before 5.1.9, Windows 5.2.x before 5.2.8, UWP 5.2.x before 5.2.8, and Linux 5.3.x before 5.3.1. The root cause is a stack-based memory overflow that can be tri...

CVSS 9.3 | AI score 8.3 | EPSS 0.01082
Exploits: 0 | References: 1 | Affected Software: 1

Tenable Nessus
added 2021/10/08 12:00 a.m., 19 views

Ubuntu 18.04 LTS / 20.04 LTS : libntlm vulnerability (USN-5108-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5108-1 advisory. It was discovered that Libntlm incorrectly handled specially crafted NTLM requests. An attacker could possibly use this issue to cause a denial of...

CVSS 9.8 | AI score 8.2 | EPSS 0.07078
Exploits: 1 | References: 2

OpenVAS
added 2021/10/07 12:00 a.m., 22 views

SUSE: Security Advisory (SUSE-SU-2021:14823-1)

The remote host is missing an update for the...

CVSS 7.1 | AI score 5.9 | EPSS 0.00508
Exploits: 9 | References: 13

ICS
added 2021/10/07 12:00 a.m., 51 views

FATEK Automation WinProladder

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: FATEK Automation Equipment: WinProladder Vulnerabilities : Out-of-bounds Write, Out-of-bounds Read, Unexpected Sign Extension, Stack-based Buffer Overflow, Improper Restriction of Operations within the...

CVSS 7.8 | AI score 7.5 | EPSS 0.00555
Exploits: 0 | References: 6