EulerOS 2.0 SP10 : orc (EulerOS-SA-2024-2449)

According to the versions of the orc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially...

VulnCheck KEV: CVE-2023-0656

A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service DoS, which could cause an impacted firewall to crash...

VulnCheck KEV: CVE-2022-22274

A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service DoS or potentially results in code execution in the firewall...

Huawei EulerOS: Security Advisory for orc (EulerOS-SA-2024-2401)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MPlayer Lite r33064 Buffer Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MPlayer Lite M3U Buffer Overflow', 'Description' = %q This module exploits a stack-based buffer overflow vulnerability in MPlayer Lite r33064,...

EulerOS 2.0 SP9 : orc (EulerOS-SA-2024-2376)

According to the versions of the orc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially...

EulerOS 2.0 SP10 : orc (EulerOS-SA-2024-2426)

According to the versions of the orc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially...

In Gluster GlusterFS 11.0 there is an xlators/mount/fuse/src/fuse-bridge.c notify stack-based buffer over-read.

...

MGASA-2024-0288 Updated orc packages fix security vulnerability

Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to compromise of...

CVE-2024-41170

A vulnerability has been identified in Tecnomatix Plant Simulation V2302 All versions V2302.0015, Tecnomatix Plant Simulation V2404 All versions V2404.0004. The affected applications contain a stack based overflow vulnerability while parsing specially crafted SPP files. This could allow an attack...

CVE-2024-41170

A vulnerability has been identified in Tecnomatix Plant Simulation V2302 All versions V2302.0015, Tecnomatix Plant Simulation V2404 All versions V2404.0004. The affected applications contain a stack based overflow vulnerability while parsing specially crafted SPP files. This could allow an attack...

NewStart CGSL MAIN 6.02 : libjpeg-turbo Vulnerability (NS-SA-2024-0051)

The remote NewStart CGSL host, running version MAIN 6.02, has libjpeg-turbo packages installed that are affected by a vulnerability: - A stack-based buffer overflow flaw was found in libjpeg-turbo library in the tranform component. An attacker may use this flaw to input a malicious image file to ...

Siemens Tecnomatix Plant Simulation

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Adobe After Effects < 23.6.9 / 24.0 < 24.6 Multiple Vulnerabilities (APSB24-55) (macOS)

The version of Adobe After Effects installed on the remote macOS host is prior to 23.6.9, 24.6. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB24-55 advisory. - After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds write vulnerability th...

Adobe After Effects < 23.6.9 / 24.0 < 24.6 Multiple Vulnerabilities (APSB24-55)

The version of Adobe After Effects installed on the remote Windows host is prior to 23.6.9, 24.6. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB24-55 advisory. - After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds write vulnerability...

NewStart CGSL MAIN 6.02 : curl Multiple Vulnerabilities (NS-SA-2024-0050)

The remote NewStart CGSL host, running version MAIN 6.02, has curl packages installed that are affected by multiple vulnerabilities: - The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPTFOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow...

ABB Freelance AC 900F and AC 700F Stack-based Buffer Overflow (CVE-2023-0426)

ABB is aware of vulnerabilities in the product versions listed below. An update is available that resolves the reported vulnerabilities in the product versions under maintenance. An attacker who successfully exploited one or more of these vulnerabilities could cause the product to stop or make th...

The vulnerability of the fromNatlimit function in the microprogramming software for Tenda FH1201 allows a hacker to trigger a service failure.

The vulnerability of the fromNatlimit function in the microprogramming software for Tenda FH1201 is related to the possibility of buffer overflow based on a stack. Exploiting this vulnerability can allow a malicious actor to trigger a Denial-of-Service attack by sending a specially crafted POST...

CVE-2024-8408

A vulnerability was found in Linksys WRT54G 4.21.5. It has been rated as critical. Affected by this issue is the function validateservicesport of the file /apply.cgi of the component POST Parameter Handler. The manipulation of the argument servicesarray leads to stack-based buffer overflow. The...

CVE-2024-8408

The CVE-2024-8408 issue affects Linksys WRT54G (version 4.21.5). The vulnerability lies in the POST Parameter Handler’s function validate_services_port in /apply.cgi, where improper handling of the argument services_array causes a stack-based buffer overflow. This vulnerability can be exploited r...