CVE-2021-26675

A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code...

Security Bulletin: A GNU C Library vulnerability affects IBM Watson Text to Speech and Speech to Text (IBM Watson Speech Services for Cloud Pak for Data 1.2)

Summary A GNU C Library vulnerability, listed below, affect IBM Watson Text to Speech and Speech to Text IBM Watson Speech Services for Cloud Pak for Data 1.2 Vulnerability Details CVEID: CVE-2020-10029 DESCRIPTION: GNU C Library aka glibc or libc6 is vulnerable to a denial of service, caused by ...

AIX 5.3L /usr/sbin/lquerypv Local Root Privilege Escalation Exploit

/AIX 5.3L /usr/sbin/lquerypv local root privilege escalation =========================================================== AIX5.3L includes a setuid root binary "lquerypv" which contains a stack-based overflow in the handling of -V command line argument. However, prior to the vulnerability being...

TP-Link WDR4300 - Remote Code Execution (Authenticated) Exploit

Exploit Title: TP-Link WDR4300 - Remote Code Execution Authenticated Date: 2020-08-28 Exploit Author: Patrik Lantz Vendor Homepage: https://www.tp-link.com/se/home-networking/wifi-router/tl-wdr4300/ Version: TL-WDR4300, N750 Wireless Dual Band Gigabit Router Tested on: Firmware version 3.13.33 an...

TP-Link WDR4300 - Remote Code Execution (Authenticated)

Exploit Title: TP-Link WDR4300 - Remote Code Execution Authenticated Date: 2020-08-28 Exploit Author: Patrik Lantz Vendor Homepage: https://www.tp-link.com/se/home-networking/wifi-router/tl-wdr4300/ Version: TL-WDR4300, N750 Wireless Dual Band Gigabit Router Tested on: Firmware version 3.13.33 an...

CVE-2020-24646

A tftpserver stack-based buffer overflow remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

CVE-2020-26913

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.63, R7800 before 1.0.2.60, R8900 before 1.0.4.26, R9000 before 1.0.4.26, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR5...

PT-2020-6796 · Fortinet · Forticlient +1

Name of the Vulnerable Software and Affected Versions: FortiOS versions 6.0.10 and below FortiOS versions 5.6.12 and below Description: The issue is related to a stack-based buffer overflow in the FortiClient NAC daemon fcnacd that can be exploited by a remote attacker authenticated to the SSL VP...

TP-Link WDR4300 Remote Code Execution Exploit

TP-Link WDR4300 with firmware versions 3.13.33 and 3.14.3 post-authentication remote code execution exploit. !/usr/bin/python3 import sys import hashlib import base64 import requests import binascii import socket """ RCE via stack-based overflow on TP-Link WDR4300 N750 devices, using...

TP-Link WDR4300 Remote Code Execution

!/usr/bin/python3 import sys import hashlib import base64 import requests import binascii import socket """ RCE via stack-based overflow on TP-Link WDR4300 N750 devices, using CVE-2017-13772. Tested on Firmware versions 3.13.33, Build 130618 and 3.14.3 Build 150518, hardware WDR4300 v1 Usage: 1...

CVE-2020-16215

Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Processing specially crafted project files lacking proper validation of user supplied data may cause a stack-based buffer overflow, which may allow remote code execution, disclosure/modification of information, or cause the applicatio...

PT-2020-14820 · Delta Electronics · Tpeditor

Name of the Vulnerable Software and Affected Versions: Delta Electronics TPEditor versions 1.97 and prior Description: A stack-based buffer overflow may be exploited by processing a specially crafted project file. Successful exploitation of this issue may allow an attacker to read or modify...

CVE-2020-15892

The CVE-2020-15892 issue affects D-Link DAP-1520 firmware (pre-1.10b04Beta02) in apply.cgi. The login flow forwards POST values to an ssi binary, and client-side validation limits the password to 15 chars, which can be bypassed. An attacker intercepting a login POST and modifying the vulnerable p...

CVE-2020-12497

PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation...

Stack overflow

PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation...

CVE-2020-12497

CVE-2020-12497 affects Phoenix Contact PC Worx and PC Worx Express up to version 1.87. The issue is a stack-based overflow in PLCopen XML file parsing caused by insufficient input validation, which could allow remote code execution when manipulated PC Worx projects are processed. Public sources c...

CVE-2020-12497 Phoenix Contact Automation Worx <= 1.87: stack-based overflow

PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation...

CVE-2020-3635

Stack based overflow If the maximum number of arguments allowed per request in perflock exceeds in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MSM8909W, MSM8917, MSM8920, MSM8937,...

Stack overflow

Stack based overflow If the maximum number of arguments allowed per request in perflock exceeds in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MSM8909W, MSM8917, MSM8920, MSM8937,...

CVE-2020-3635

CVE-2020-3635 is a stack-based overflow affecting Qualcomm/Snapdragon components where the maximum number of arguments per request in perflock can exceed limits across numerous Snapdragon SKUs (Auto, Compute, Consumer IOT, Industrial IOT, Mobile, Wearables) including APQ8053, APQ8096AU, APQ8098, ...