CVE-2023-41205 D-Link DAP-1325 SetAPLanSettings SubnetMask Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link DAP-1325 SetAPLanSettings SubnetMask Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this...

CVE-2023-41202

CVE-2023-41202 affects D-Link DAP-1325 via the SetAPLanSettings mode. The flaw is a stack-based buffer overflow in processing XML data sent to the HNAP1 SOAP endpoint, caused by insufficient validation of user-supplied data length, allowing network-adjacent attackers to execute arbitrary code wit...

CVE-2023-41203 D-Link DAP-1325 SetAPLanSettings PrimaryDNS Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link DAP-1325 SetAPLanSettings PrimaryDNS Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this...

CVE-2023-40484

CVE-2023-40484 affects Maxon Cinema 4D through a stack-based buffer overflow in the SKP file parser. The flaw stems from insufficient validation of the length of user-supplied data before copying it into a fixed-length stack buffer, enabling remote code execution. Exploitation requires user inter...

CVE-2023-40478 NETGEAR RAX30 Telnet CLI passwd Stack-based Buffer Overflow Remote Code Execution Vulnerability

NETGEAR RAX30 Telnet CLI passwd Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Although authentication is required to exploit this vulnerability, th...

CVE-2023-40476

GStreamer H265 Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

CVE-2023-38094

CVE-2023-38094 affects Kofax Power PDF through the replacePages function, where a stack-based buffer is overflowed due to improper validation of user-supplied data length. This enables remote code execution with the attacker’s code running in the process context. Exploitation requires user intera...

CVE-2023-38094 Kofax Power PDF replacePages Stack-based Buffer Overflow Remote Code Execution Vulnerability

Kofax Power PDF replacePages Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit...

CVE-2023-38092

CVE-2023-38092 affects Kofax Power PDF. The vulnerability resides in the importDataObject method, caused by insufficient validation of the length of user-supplied data before copying to a fixed-length stack-based buffer, enabling a stack-based buffer overflow and remote code execution. Exploitati...

CVE-2023-38092 Kofax Power PDF importDataObject Stack-based Buffer Overflow Remote Code Execution Vulnerability

Kofax Power PDF importDataObject Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must...

CVE-2023-37331

CVE-2023-37331 affects Kofax Power PDF. The issue is a GIF file parsing buffer overflow caused by improper validation of the length of user-supplied data copied into a fixed-size stack buffer, enabling remote code execution. Exploitation requires user interaction (target visits a malicious page o...

CVE-2023-37324 D-Link DAP-2622 DDP Set Wireless Info Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link DAP-2622 DDP Set Wireless Info Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...

CVE-2023-37324 D-Link DAP-2622 DDP Set Wireless Info Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link DAP-2622 DDP Set Wireless Info Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...

CVE-2023-37322 D-Link DAP-2622 DDP Set SSID List RADIUS Server Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link DAP-2622 DDP Set SSID List RADIUS Server Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...

CVE-2023-37322

CVE-2023-37322 affects D-Link DAP-2622 routers, in the DDP Set SSID List RADIUS server. The flaw is a stack-based buffer overflow caused by improper validation of user-supplied data length before copying to a fixed-length buffer, enabling remote code execution in the context of root by network-ad...

CVE-2023-37320 D-Link DAP-2622 DDP Set SSID List SSID Name Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link DAP-2622 DDP Set SSID List SSID Name Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...

CVE-2023-37317

The CVE-2023-37317 entry concerns D-Link DAP-2622 routers with a stack-based buffer overflow in the DDP service when processing IPv6 Address Primary DNS data. The flaw arises from insufficient validation of user-supplied data prior to copying into a fixed-length stack buffer, enabling a network-a...

CVE-2023-37317 D-Link DAP-2622 DDP Set IPv6 Address Primary DNS Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link DAP-2622 DDP Set IPv6 Address Primary DNS Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...

CVE-2023-37313 D-Link DAP-2622 DDP Set IPv4 Address Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link DAP-2622 DDP Set IPv4 Address Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...

CVE-2023-37312 D-Link DAP-2622 DDP Set Device Info Device Name Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link DAP-2622 DDP Set Device Info Device Name Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...