CVE-2024-34026

A stack-based buffer overflow vulnerability exists in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC v3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted EtherNet/IP request can lead to remote code execution. An attacker can send a series of EtherNet/IP requests to...

CVE-2024-46774

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sysrtas Smatch warns: arch/powerpc/kernel/rtas.c:1932 dosysrtas warn: potential spectre issue 'args.args' r local cap The 'nargs' and 'nret' locals come directly from a...

OpenPLC OpenPLC_v3 OpenPLC Runtime EtherNet/IP parser stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2005 OpenPLC OpenPLCv3 OpenPLC Runtime EtherNet/IP parser stack-based buffer overflow vulnerability September 18, 2024 CVE Number CVE-2024-34026 SUMMARY A stack-based buffer overflow vulnerability exists in the OpenPLC Runtime EtherNet/IP parser functionality...

The vulnerability of the H5R__decode_heap() function in the HDF5 library allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the H5Rdecodeheap function in the HDF5 library is related to buffer overflow based on a stack-based mechanism. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

CVE-2024-45414

The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in webPrivateDecrypt function. This function is responsible for decrypting RSA encrypted ciphertext, the encrypted data is supplied base64 encoded. The decoded ciphertext is stored on the stack without checki...

CVE-2024-45694

The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device...

CVE-2024-45694

The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device...

CVE-2024-45695 D-Link WiFi router - Stack-based Buffer Overflow

The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device...

CVE-2024-45695

CVE-2024-45695 affects D-Link DIR-X4860 wireless routers. The web service exposes a stack-based buffer overflow in unauthenticated context, enabling remote code execution. Public sources confirm the DIR-X4860 as affected and describe the root cause as a stack-based overflow in the device’s web se...

CVE-2024-45694 D-Link WiFi router - Stack-based Buffer Overflow

The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device...

CVE-2024-45694 D-Link WiFi router - Stack-based Buffer Overflow

The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device...

CVE-2024-45694

CVE-2024-45694 affects certain D-Link wireless routers (e.g., DIR-X4860, DIR-X5460, COVR-X1870) via a stack-based buffer overflow in the device web service that allows unauthenticated remote code execution. The vulnerability is triggered by malformed input to the web service, enabling an attacker...

Sony Network Cameras Stack-based Buffer Overflow (CVE-2018-3938)

An exploitable stack-based buffer overflow vulnerability exists in the 802dot1xclientcert.cgi functionality of Sony IPELA E Series Camera G5 firmware 1.87.00. A specially crafted POST can cause a stack-based buffer overflow, resulting in remote code execution. An attacker can send a malicious POS...

CVE-2024-45413

The CVE-2024-45413 issue affects the HTTPD binary in multiple ZTE routers. A stack-based buffer overflow in rsa_decrypt, an API wrapper for LUA used to decrypt RSA ciphertext, stores decrypted data on the stack without length checks. This allows an authenticated attacker to achieve remote code ex...

CVE-2024-41867

After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...

CVE-2024-41867

CVE-2024-41867 affects Adobe After Effects versions 23.6.6, 24.5 and earlier, with an out-of-bounds read that could disclose sensitive memory and bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). remediation is via Adobe APSB24-55 security update (fixed in 23.6....

CVE-2024-41867 After Effects | Out-of-bounds Read (CWE-125)

After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...

CVE-2024-41867 After Effects | Out-of-bounds Read (CWE-125)

After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...

PT-2024-6871 · D Link · D-Link Wireless Routers

Name of the Vulnerable Software and Affected Versions: D-Link wireless routers affected versions not specified Description: The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow issue, which allows unauthenticated remote attackers to exploit this issu...

Adobe After Effects 缓冲区错误漏洞

Adobe After Effects is a suite of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D compositing, animation and visual effects production. A buffer error vulnerability exists in Adobe After Effects, which stems...