CVE-2023-3943

Stack-based Buffer Overflow vulnerability in ZkTeco-based OEM devices allows, in some cases, the execution of arbitrary code. Due to the lack of protection mechanisms such as stack canaries and PIE, it is possible to successfully execute code even under restrictive conditions. This issue affects...

Security Bulletin: Multiple vulnerabilities affect IBM Db2® REST

Summary IBM has released the below fix for IBM Db2® REST in response to multiple vulnerabilities found in multiple components. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2021-35942 DESCRIPTION: GNU C Library aka glibc could allow a local attacker to obtain sensitive...

CVE-2024-30289

Adobe Framemaker versions 2020.5, 2022.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Adobe Animate 安全漏洞

Adobe Animate is a set of Flash animation software from the American company Audobee Adobe. A security vulnerability exists in Adobe Animate that stems from being affected by a stack-based buffer overflow vulnerability. An attacker can exploit this vulnerability to cause arbitrary code to be...

CVE-2023-6322

A stack-based buffer overflow vulnerability exists in the message parsing functionality of the Roku Indoor Camera SE version 3.0.2.4679 and Wyze Cam v3 version 4.36.11.5859. A specially crafted message can lead to stack-based buffer overflow. An attacker can make authenticated requests to trigger...

CVE-2023-6322

CVE-2023-6322 affects the Roku Indoor Camera SE (v3.0.2.4679) and Wyze Cam v3 (v4.36.11.5859). The root cause is a stack-based buffer overflow in the message parsing functionality . An attacker who can make authenticated requests can trigger the overflow, potentially leading to impact on confiden...

CVE-2023-6322 Stack-based buffer overflow in message parser functionality

A stack-based buffer overflow vulnerability exists in the message parsing functionality of the Roku Indoor Camera SE version 3.0.2.4679 and Wyze Cam v3 version 4.36.11.5859. A specially crafted message can lead to stack-based buffer overflow. An attacker can make authenticated requests to trigger...

CVE-2023-46714

A stack-based buffer overflow CWE-121 vulnerability in Fortinet FortiOS version 7.2.1 through 7.2.6 and version 7.4.0 through 7.4.1 allows a privileged attacker over the administrative interface to execute arbitrary code or commands via crafted HTTP or HTTPs requests...

CVE-2023-46714

A stack-based buffer overflow CWE-121 vulnerability in Fortinet FortiOS version 7.2.1 through 7.2.6 and version 7.4.0 through 7.4.1 allows a privileged attacker over the administrative interface to execute arbitrary code or commands via crafted HTTP or HTTPs requests...

CVE-2024-34950

D-Link DIR-822+ v1.0.5 was discovered to contain a stack-based buffer overflow vulnerability in the SetNetworkTomographySettings module...

CVE-2024-34943

Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/NatStaticSetting...

CVE-2024-34942

Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter at ip/goform/exeCommand...

CVE-2024-34946

Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/DhcpListClient...

CVE-2024-34945

Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the PPW parameter at ip/goform/WizardHandle...

Advisory ROSA-SA-2024-2419

software: heimdal 7.8.0 WASP: ROSA-CHROME packageevrstring: heimdal-7.8.0-1 CVE-ID: CVE-2021-44758 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: heimdal allowed attackers to cause null pointer dereferencing in the SPNEGO receiver via the preferredmechtype GSSCNOOID and a non-zero initialresponse value f...

Siemens Teamcenter Visualization and JT2Go

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Adobe Animate 23.x < 23.0.6 / 24.x < 24.0.3 Multiple Vulnerabilities (APSB24-36)

The version of Adobe Animate installed on the remote macOS or Mac OS X host is prior to 23.0.6 or 24.0.3. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb24-36 advisory. - Animate versions 24.0.2, 23.0.5 and earlier are affected by an out-of-bounds write...

Adobe Animate 23.x < 23.0.6 / 24.x < 24.0.3 Multiple Vulnerabilities (APSB24-36)

The version of Adobe Animate installed on the remote Windows host is prior to 23.0.6 or 24.0.3. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb24-36 advisory. - Animate versions 24.0.2, 23.0.5 and earlier are affected by an out-of-bounds write vulnerability that...

Fortinet Fortigate Buffer overflow in administrative interface (FG-IR-23-415)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-415 advisory. - A stack-based buffer overflow CWE-121 vulnerability in Fortinet FortiOS version 7.2.1 through 7.2.6 and version 7.4.0 throu...

Mageia: Security Advisory (MGASA-2024-0173)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...