Incorrect Zero Termination Vulnerability in Multiple Siemens Products (CNVD-2021-89436)

Nucleus NET modules integrate a range of standards-compliant networking and communications protocols, drivers and utilities to provide full-featured networking support in any embedded device. A security vulnerability exists in several Siemens products, which stems from the FTP server not properly...

Incorrect Zero Termination Vulnerability in Multiple Siemens Products (CNVD-2021-89437)

The Nucleus NET module integrates a range of standards-compliant networking and communications protocols, drivers and utilities to provide full-featured networking support in any embedded device, and the Nucleus RTOS is a microkernel-based real-time operating system. A security vulnerability exis...

CentOS 8 : GNOME (CESA-2021:4381)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4381 advisory. - webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution CVE-2020-13558 - LibRaw: Stack buffer overflow in...

CVE-2020-23904

A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of service DoS via a crafted WAV file. NOTE: the vendor states "I cannot reproduce it" and it "is a demo program...

CVE-2020-23904

A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of service DoS via a crafted WAV file. NOTE: the vendor states "I cannot reproduce it" and it "is a demo program...

CVE-2020-23877

pdf2xml v2.0 was discovered to contain a stack buffer overflow in the component getObjectStream...

CVE-2020-23878

pdf2json v0.71 was discovered to contain a stack buffer overflow in the component XRef::fetch...

CVE-2020-23878

pdf2json v0.71 was discovered to contain a stack buffer overflow in the component XRef::fetch...

CVE-2020-23877

pdf2xml v2.0 was discovered to contain a stack buffer overflow in the component getObjectStream...

Stack overflow

A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of service DoS via a crafted WAV file. NOTE: the vendor states "I cannot reproduce it" and it "is a demo program...

CVE-2020-23904

A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of service DoS via a crafted WAV file. NOTE: the vendor states "I cannot reproduce it" and it "is a demo program...

CVE-2020-23904

A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of service DoS via a crafted WAV file. NOTE: the vendor states "I cannot reproduce it" and it "is a demo program...

CVE-2020-23904

CVE-2020-23904 affects Speex v1.2, with a stack-based buffer overflow in speexenc.c triggered by a crafted WAV file. The vulnerability can lead to a denial of service. The vendor notes inability to reproduce it and describes Speex as a demo program, which implies limited or unverified exploit pra...

CVE-2020-23878

Summary: CVE-2020-23878 affects pdf2json v0.71, with a stack buffer overflow in the XRef::fetch function. The vulnerability is documented across multiple feeds as a buffer overflow in a Java-based PDF-to-JSON library (pdf2json). Impact: CVSS metrics indicate high to critical severity (CVSS‑2.0: b...

CVE-2020-23878

pdf2json v0.71 was discovered to contain a stack buffer overflow in the component XRef::fetch...

CVE-2020-23877

pdf2xml v2.0 was discovered to contain a stack buffer overflow in the component getObjectStream...

CVE-2020-23877

CVE-2020-23877 affects pdf2xml/pdftoxml version 2.0, where a stack buffer overflow is exposed in the getObjectStream component. The CVE is documented across multiple sources (NVD entry and CNVD/CNNVD variants) and indicates a high-severity issue (CVSS v2: AV:N/AC:L/Au:N/C:P/I:P/A:P; CVSS v3.1: CR...

The vulnerability of the Advantech WebAccess remote monitoring software arises from buffer overflows in the stack, allowing a hacker to execute arbitrary code.

The vulnerability of Advantech WebAccess remote monitoring software arises due to buffer overflow in the stack. Exploiting this vulnerability allows a malicious actor operating remotely to execute arbitrary code...

openSUSE 15 Security Update : binutils (openSUSE-SU-2021:3643-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:3643-1 advisory. - A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could trigger...

SUSE SLED15 / SLES15 Security Update : binutils (SUSE-SU-2021:3643-1)

The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3643-1 advisory. - A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted...