CVE-2024-24450

Stack-based memcpy buffer overflow in the ngaphandlepdusessionresourcesetupresponse routine in OpenAirInterface CN5G AMF = 2.0.0 allows a remote attacker with access to the N2 interface to carry out denial of service against the AMF and potentially execute code by sending a PDU Session Resource...

CVE-2024-45971

Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit 1f52be9ddeae00e69cd43e4cac3cb4f0c880c4f0 allow a malicious server to cause a stack-based buffer overflow via the MMS IdentifyResponse message...

CVE-2024-45970

Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit ac925fae8e281ac6defcd630e9dd756264e9c5bc allow a malicious server to cause a stack-based buffer overflow via the MMS FileDirResponse message...

CVE-2024-45971

Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit 1f52be9ddeae00e69cd43e4cac3cb4f0c880c4f0 allow a malicious server to cause a stack-based buffer overflow via the MMS IdentifyResponse message...

CVE-2024-45970

Summary : CVE-2024-45970 describes multiple stack-based buffer overflows in the MMS Client of MZ Automation LibIEC61850, exploitable by a malicious server via the MMS FileDirResponse message. The underlying issue is in the MMS FileDirResponse handling, with a cited commit ac925fae8e281ac6defcd630...

CVE-2024-24447

CVE-2024-24447 describes a buffer overflow in the ngap_amf_handle_pdu_session_resource_setup_response function of oai-cn5g-amf up to v2.0.0, enabling a Denial of Service via a PDU Session Resource Setup Response with an empty Response Item list. Affected software: oai-cn5g-amf

PT-2024-10296 · Planet Technology +1 · Planet Wgs-804Hpt +2

The affected product is susceptible to a stack-based buffer overflow, which can be triggered by an unauthenticated attacker sending a malicious HTTP request. The webserver fails to properly check input size before copying data to the stack, potentially allowing remote code execution. An exploit f...

Security Bulletin: IBM B2B Sterling Integrator is affected by Hutool's denial of service

Summary IBM B2B Sterling Integrator is affected by Hutool's denial of service Vulnerability Details CVEID:CVE-2022-45688 DESCRIPTION: Hutool is vulnerable to a denial of service, caused by stack-based buffer overflow. By persuading a specially crafted request, a remote attacker could exploit this...

Security Bulletin: IBM B2B Sterling Integrator is affected by Fasterxml jackson-databind vulnerability to denial of service

Summary IBM B2B Sterling Integrator is affected by Fasterxml jackson-databind vulnerability to denial of service Vulnerability Details CVEID:CVE-2023-35116 DESCRIPTION: Fasterxml jackson-databind is vulnerable to a denial of service, caused by a stack-based overflow. By persuading a victim to ope...

PT-2024-29308

Name of the Vulnerable Software and Affected Versions: tsMuxer version nightly-2024-03-14-01-51-12 Description: A stack-based buffer over-read in tsMuxer allows attackers to cause Information Disclosure via a crafted TS video file. Recommendations: For tsMuxer version nightly-2024-03-14-01-51-12,...

CVE-2024-41206

CVE-2024-41206 describes a stack-based buffer over-read in tsMuxer (nightly-2024-03-14-01-51-12) that can cause information disclosure when processing a crafted TS video file. Affected component is the tsMuxer code path handling transport streams; root cause is a buffer over-read, as stated in mu...

CVE-2024-47909

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service...

CVE-2024-47905

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service...

CVE-2024-47909

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service...

CVE-2024-47909

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service...

CVE-2024-47907

CVE-2024-47907 describes a stack-based buffer overflow in the IPsec component of Ivanti Connect Secure, before version 22.7R2.3, allowing a remote unauthenticated attacker to cause a denial of service. Affected product: Ivanti Connect Secure (ICS). Connected sources consistently confirm the issue...

CVE-2024-47907

A stack-based buffer overflow in IPsec of Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to cause a denial of service...

CVE-2024-47905

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service...

CVE-2024-47905

CVE-2024-47905 describes a stack-based buffer overflow in Ivanti Connect Secure prior to 22.7R2.3 and Ivanti Policy Secure prior to 22.7R1.2. The vulnerability allows a remote authenticated attacker with admin privileges to cause a denial of service. Public sources confirm affected products and f...

Fortinet FortiManager和FortiAnalyzer 安全漏洞

Fortinet FortiManager and Fortinet FortiAnalyzer are both products of Fortinet, Inc. Fortinet FortiManager is a centralized network security management platform. The platform supports centralized management of any number of Fortinet devices, and can be grouped into different management domains AD...