CVE-2023-35728
CVE-2023-35728 affects D-Link DAP-2622 routers. The root cause is a stack-based buffer overflow in the DDP service caused by inadequate validation of user-supplied data length before copying to a fixed-length stack buffer. This leads to remote code execution in the root context with network-adjac...
CVE-2023-35728 D-Link DAP-2622 DDP Reboot Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-2622 DDP Reboot Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
CVE-2023-35725
CVE-2023-35725 affects D-Link DAP-2622 devices via a stack-based buffer overflow in the DDP service. The vulnerability arises from improper validation of user-supplied data length before copying to a fixed-length stack buffer, enabling network-adjacent attackers to execute code with root privileg...
CVE-2023-35718
CVE-2023-35718 affects D-Link DAP-2622 via the DDP service. The flaw is a stack-based buffer overflow caused by improper validation of the length of user-supplied data before copying to a fixed-length buffer, enabling code execution with root privileges. Public sources (including ZDI advisory and...
CVE-2023-34306 Ashlar-Vellum Graphite VC6 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
Ashlar-Vellum Graphite VC6 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the...
CVE-2023-34306
Ashlar-Vellum Graphite VC6 file parsing vulnerability enables stack-based buffer overflow leading to remote code execution. Root cause: improper validation of the length of user-supplied data prior to copying it to a stack-based buffer while parsing VC6 files. Attack requires user interaction (ta...
CVE-2023-34302
CVE-2023-34302 describes a stack-based buffer overflow in Ashlar-Vellum Cobalt’s CO file parsing. The flaw stems from insufficient validation of the length of user-supplied data before copying it to a stack-based buffer, enabling a remote attacker to execute arbitrary code in the current process ...
CVE-2023-34302 Ashlar-Vellum Cobalt CO File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
Ashlar-Vellum Cobalt CO File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the targ...
CVE-2023-34287 Ashlar-Vellum Cobalt CO File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
Ashlar-Vellum Cobalt CO File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the targ...
CVE-2023-32149 D-Link DIR-2640 prog.cgi Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DIR-2640 prog.cgi Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this...
CVE-2023-32146 D-Link DAP-1360 Multiple Parameters Stack-Based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-1360 Multiple Parameters Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. T...
CVE-2023-32142 D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The...
CVE-2023-32141
The CVE-2023-32141 issue affects D-Link DAP-1360 devices, where an unvalidated length when handling /cgi-bin/webproc requests (getpage/errorpage) causes a stack-based buffer overflow. This leads to remote code execution with root privileges by a network-adjacent attacker, without authentication. ...
CVE-2023-32136 D-Link DAP-1360 webproc var:menu Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-1360 webproc var:menu Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The...
CVE-2023-27361
Summary: CVE-2023-27361 affects NETGEAR RAX30 with a JSON parsing vulnerability in the rex_cgi component, causing a stack-based buffer overflow that can lead to remote code execution in the context of root. The flaw stems from insufficient validation of user-supplied JSON data length before copyi...
CVE-2023-27346 TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AX1800 routers. Authentication is not required to exploit this vulnerability. The...
CVE-2023-27333
CVE-2023-27333 concerns TP-Link Archer AX21 routers. The vulnerability is a stack-based buffer overflow in the tmpServer service when handling command 0x422, caused by improper validation of the length of user-supplied data before copying it into a fixed-length stack buffer. Exploitation could allow remote code e...
CVE-2023-27333 TP-Link Archer AX21 tmpServer Command 0x422 Stack-based Buffer Overflow Remote Code Execution Vulnerability
TP-Link Archer AX21 tmpServer Command 0x422 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer AX21 routers. Authentication is required to exploit this...