5755 matches found
CVE-2025-0438
Stack buffer overflow in Tracing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. Chromium security severity: High...
CVE-2024-39603
A stack-based buffer overflow vulnerability exists in the wireless.cgi setwifibasicmesh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2024-39757
A stack-based buffer overflow vulnerability exists in the wireless.cgi AddMac functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2024-36258
A stack-based buffer overflow vulnerability exists in the touchlistsync.cgi touchlistsync functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can send an HTTP request to trigger this vulnerability...
chromium -- multiple security fixes
Chrome Releases reports: This update includes 16 security fixes: 374627491 High CVE-2025-0434: Out of bounds memory access in V8. Reported by ddme on 2024-10-21 379652406 High CVE-2025-0435: Inappropriate implementation in Navigation. Reported by Alesandro Ortiz on 2024-11-18 382786791 High...
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 132 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 132.0.6834.83 Linux 132.0.6834.83/84 Windows, Mac contains a number of fixes and improvements -- a list of changes is...
PT-2025-1268 · Google +4 · Google Chrome +4
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 132.0.6834.83 Description: The issue is related to a stack buffer overflow in the Tracing component of Google Chrome, which could allow a remote attacker to exploit stack corruption via a crafted HTML page. Thi...
CVE-2024-53680
In the Linux kernel, the following vulnerability has been resolved: ipvs: fix UB due to uninitialized stack access in ipvsprotocolinit Under certain kernel configurations when building with Clang/LLVM, the compiler does not generate a return or jump as the terminator instruction for...
CVE-2024-12803
A post-authentication stack-based buffer overflow vulnerability in SonicOS management allows a remote attacker to crash a firewall and potentially leads to code execution...
USN-7189-1: HTMLDOC vulnerabilities
It was discovered that HTMLDOC incorrectly handled certain inputs, which could lead to an integer overflow. An attacker could potentially use this issue to cause a denial of service or execute arbitrary code. CVE-2021-20308 It was discovered that HTMLDOC incorrectly handled memory in pspdfexport,...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS : HTMLDOC vulnerabilities (USN-7189-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7189-1 advisory. It was discovered that HTMLDOC incorrectly handled certain inputs, which could lead to an integer overflow. An attack...
CVE-2018-4301
CVE-2018-4301 affects GemaltoKeyHandle.cpp in Smart Card Services. Root cause: a potential stack-based buffer overflow. Impact: high (confidentiality, integrity, and availability at risk) per CVSS metrics. A fix is provided in SCSSU-201801; affected software is Smart Card Services (GemaltoKeyHand...
CVE-2024-40427
Stack Buffer Overflow in PX4-Autopilot v1.14.3, which allows attackers to execute commands to exploit this vulnerability and cause the program to refuse to execute...
CVE-2024-40427
Stack Buffer Overflow in PX4-Autopilot v1.14.3, which allows attackers to execute commands to exploit this vulnerability and cause the program to refuse to execute...
K000149074: ZeroMQ vulnerabilities CVE-2014-9721 and CVE-2021-20236
Security Advisory Description CVE-2014-9721 libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header. CVE-2021-20236 A flaw was found in the ZeroMQ server in versions before 4.3....
RLSA-2024:11345 Important: gstreamer1-plugins-base security update
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins. Security Fixes: gstreamer1-plugins-base: GStreamer has a stack-buffer overflow in...
gstreamer1-plugins-base security update
An update is available for gstreamer1-plugins-base. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GStreamer is a streaming media framework based on graphs of...
RockyLinux 8 : gstreamer1-plugins-base (RLSA-2024:11345)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:11345 advisory. gstreamer1-plugins-base: GStreamer has a stack-buffer overflow in vorbishandleidentificationpacket CVE-2024-47538 gstreamer1-plugins-base: out-of-bounds...
Medium: zziplib
Issue Overview: A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via the zzipfetchdisktrailer function at /zzip/zip.c. CVE-2024-39134 Affected Packages: zziplib Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit th...
RHEL 9 : gstreamer1-plugins-base (RHSA-2024:11123)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:11123 advisory. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-base packages conta...