5756 matches found
PT-2023-21414 · Autodesk · Autodesk Autocad
Name of the Vulnerable Software and Affected Versions: Autodesk AutoCAD version 2023 Description: A maliciously crafted X B file can be used to write beyond the allocated buffer, causing a Stack Buffer Overflow when parsed through Autodesk AutoCAD. This can be leveraged by a malicious actor to...
CVE-2023-27914
Autodesk AutoCAD 2023 is affected by CVE-2023-27914 due to parsing a malicious X_B file, which can cause a stack buffer overflow. The underlying issue is a write beyond the allocated buffer, leading to crashes, potential data leakage, or arbitrary code execution within the process context. The pu...
CVE-2023-26383
Adobe Substance 3D Stager version 2.0.1 and earlier is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
Rocket Software Unidata udadmin_server Stack Buffer Overflow in Password
This modlue exploits an authentication bypass vulnerability in the Linux version of udadminserver, which is an RPC service that comes with the Rocket Software UniData server, which runs as root. This vulnerability affects UniData versions 8.2.4 build 3003 and earlier for Linux, but this module...
CVE-2023-28488
client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers operating a crafted DHCP server to cause a stack-based buffer overflow and denial of service, terminating the connman process...
OSV-2023-285 Stack-buffer-overflow in fn_ElIn_evaluate
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57745 Crash type: Stack-buffer-overflow WRITE 4 Crash state: fnElInevaluate pdfisetblackgeneration GSBG...
PT-2023-35759 · Git +1 · Ghostscript
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow crash, specifically a WRITE 4 operation. The crash occurs in the fn ElIn evaluate function, which is call...
Autodesk FBX-SDK library < 2020.3.4 Multiple Vulnerabilities (ADSK-SA-2023-0004)
The version of Autodesk FBX-SDK library installed on the remote host is prior to 2020.3.4. It is, therefore, affected by multiple vulnerabilities: - An Out-Of-Bounds Write Vulnerability in Autodesk FBX SDK version 2020 or prior may lead to code execution through maliciously crafted FBX files or...
SOUND4 LinkAndShare Transmitter 1.1.2 - Format String Stack Buffer Overflow
Exploit Title: SOUND4 LinkAndShare Transmitter 1.1.2 - Format String Stack Buffer Overflow Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: 1.1.2 Summary: The SOUND4 Link&Share L&S is a simple and open protocol that...
OSV-2023-251 Stack-buffer-overflow in ext11_work_out_bundles
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57494 Crash type: Stack-buffer-overflow WRITE 4 Crash state: ext11workoutbundles dissectorancsection dissectoran...
Router ZTE-H108NS - Stack Buffer Overflow (DoS)
Exploit Title: ZTE-H108NS - Stack Buffer Overflow DoS Date: 19-11-2022 Exploit Author: George Tsimpidas Vendor: https://www.zte.com.cn/global/ Firmware: H108NSV1.0.7uZRDGR2A68 Usage: python zte-exploit.py CVE: N/A Tested on: Debian 5.18.5 !/usr/bin/python3 import sys import socket from time impor...
PT-2023-35740 · Git +1 · Wireshark
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow crash. Technical details include a crash type of Stack-buffer-overflow WRITE 4. The crash state involves...
CVE-2023-28504 Stack buffer overflow in UniRPC library function
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow that can lead to remote code execution as the root user...
CVE-2023-28504 Stack buffer overflow in UniRPC library function
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow that can lead to remote code execution as the root user...
CVE-2023-28502 Stack buffer overflow in UniRPC's udadmin_server service
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow in the "udadmin" service that can lead to remote code execution as the root user...
CVE-2022-28315
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2022-28306
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
Wago PFC200 iocheckd service 'I/O-Check' cache Memory Corruption (CVE-2019-5185)
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service I/O-Check functionality of WAGO PFC 200. An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1ea28 the extracted state value from the xml file is used as an...
Wago PFC200 iocheckd service 'I/O-Check' cache Memory Corruption (CVE-2019-5186)
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service I/O-Check functionality of WAGO PFC 200. An attacker can send a specially crafted packet to trigger the parsing of this cache file.At 0x1eb9c the extracted interface element name from the xml file is...
DEBIAN-CVE-2022-0194
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the adaddcomment function. The issue results from the lack of proper validation of the length o...