Libspiro through 20190731 has a stack-based buffer overflow in the spiro_to_bpath0() function in spiro.c.

...

SonicWall SonicOS Buffer Overflow Vulnerability (CNVD-2022-06901)

A buffer overflow vulnerability exists in SonicWall SonicOS, an operating system designed for SonicWall firewall appliances from SonicWall, Inc. response header boundary. A remote, unauthenticated attacker could use this vulnerability to send a special HTTP response that triggers a stack-based...

Netgear NETGEAR D7000 Buffer Overflow Vulnerability

The Netgear NETGEAR D7000 is a wireless modem from Netgear USA. A security vulnerability exists in the NETGEAR D7000 prior to version 1.0.1.82, which can be exploited by an unauthenticated attacker to conduct a stack-based buffer overflow...

CVE-2021-45926

MDB Tools (mdbtools) 0.9.2 has a stack-based buffer overflow in mdb_numeric_to_string (called from mdb_xfer_bound_data and _mdb_attempt_bind). The issue is triggered during processing of MDB files, with the offset 0x7ffd0c689be0. This CVE-2021-45926 can impact confidentiality, integrity, and avai...

CVE-2021-45908

An issue was discovered in gif2apng 1.9. There is a stack-based buffer overflow involving a while loop. An attacker has little influence over the data written to the stack, making it unlikely that the flow of control can be subverted...

CVE-2021-45605

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R6400 before 1.0.1.68, R7000 before 1.0.11.116, R6900P before 1.3.3.140, R7000P before 1.3.3.140, R7900 before 1.0.4.38, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, and XR300 before...

CVE-2021-21903

A stack-based buffer overflow vulnerability exists in the CMA checkudpcrc function of Garrett Metal Detectors’ iC Module CMA Version 5.0. A specially-crafted packet can lead to a stack-based buffer overflow during a call to strcpy. An attacker can send a malicious packet to trigger this...

CVE-2021-21892

A stack-based buffer overflow vulnerability exists in the Web Manager FsUnmount functionality of Lantronix PremierWave 2050 8.9.0.0R4 in QEMU. A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

Security Bulletin: App Connect Professional is affected by GNU C Library vulnerability.

Summary App Connect Professional have addressed the following vulnerability reported in GNU C Library. Vulnerability Details CVEID: CVE-2020-10029 DESCRIPTION: GNU C Library aka glibc or libc6 is vulnerable to a denial of service, caused by a stack-based overflow during range reduction. A local...

QNAP NAS 缓冲区错误漏洞

QNAP NAS is an accessible and fast storage solution from China Weilian Technology QNAP. The QNAP NAS Surveillance Station suffers from a buffer overflow vulnerability that originates from a boundary error in the software's handling of requests, which can be exploited by an unauthenticated, remote...

WECON LeviStudioU

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: WECON Technology Co., Ltd WECON Equipment: LeviStudioU Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow arbitrary code execution. 3. TECHNICAL DETAILS...

CVE-2021-37020

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read...

The vulnerability of the BKESimmgr.exe component in Yokogawa’s software products allows a hacker to elevate their privileges and execute arbitrary code.

The vulnerability of the “BKESimmgr.exe” service in Yokogawa’s software products is caused by a buffer overflow based on a stack. Exploiting this vulnerability can allow an attacker to increase their privileges and execute arbitrary code by sending a specially created package to port 34205/TCP...

CVE-2021-43280

A stack-based buffer overflow vulnerability exists in the DWF file reading procedure in Open Design Alliance Drawings SDK before 2022.8. The issue results from the lack of proper validation of the length of user-supplied data before copying it to a stack-based buffer. An attacker can leverage thi...

CVE-2021-21748

ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code...

CVE-2021-38432

FATEK Automation Communication Server Versions 1.13 and prior lacks proper validation of user-supplied data, which could result in a stack-based buffer overflow condition and allow an attacker to remotely execute code...

CVE-2021-34346 Stack Based Overflow Vulnerability in NVR Storage Expansion

A stack buffer overflow vulnerability has been reported to affect QNAP device running NVR Storage Expansion. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of NVR Storage Expansion: NVR Storage...

CVE-2021-34345 Stack Based Overflow Vulnerability in NVR Storage Expansion

A stack buffer overflow vulnerability has been reported to affect QNAP device running NVR Storage Expansion. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of NVR Storage Expansion: NVR Storage...

PT-2021-5170 · Huawei · Harmonyos

Name of the Vulnerable Software and Affected Versions: Huawei Smartphone affected versions not specified Description: The issue is related to insufficient input validation in the HarmonyOS operating system kernel, which can be exploited by a remote attacker to cause a denial of service...

Adobe XMP Toolkit SDK 安全漏洞

The Adobe XMP Toolkit SDK is a tagging technology from Adobe USA that allows you to embed data about a file called metadata into the file itself. The XMP Toolkit SDK suffers from a security vulnerability that stems from the effects of a stack-based buffer overflow vulnerability that could lead to...