5902 matches found
CVE-2021-32292
An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program jsonparse which is located in the function parseit...
OSV-2023-721 Stack-buffer-overflow in crc24q_check
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61617 Crash type: Stack-buffer-overflow READ 1 Crash state: crc24qcheck packetparse FuzzPacket.c...
PT-2023-35964 · Git +1 · Gpsd
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A stack-buffer-overflow read issue is identified, potentially causing a crash. The crash occurs in the crc24q check function, which is called by packet...
PHP 8.2.x < 8.2.9 Multiple Vulnerabilities
The version of PHP installed on the remote host is prior to 8.2.9. It is, therefore, affected by multiple vulnerabilities as referenced in the Version 8.2.9 advisory. - In PHP versions 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8 various XML functions rely on libxml global state ...
The vulnerability of the CNCSoft software for numerical control programming systems and the CNCSoft ScreenEditor, which allows a hacker to execute arbitrary code.
The vulnerability of CNCSoft’s numerical control software and CNCSoft ScreenEditor lies in buffer overflow on the stack. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
Fedora 38 : php (2023-984c26961f)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-984c26961f advisory. PHP version 8.2.9 03 Aug 2023 Build: Fixed bug GH-11522 PHP version check fails with '-' separator. SVGAnimate CLI: Fix interrupted CLI output causi...
CVE-2023-3824
In PHP version 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE...
CVE-2023-3824
In PHP version 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE...
CVE-2023-3824
CVE-2023-3824 affects PHP runtimes 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8. When loading a PHAR file and reading PHAR directory entries, PHP may fail an insufficient length check, allowing a stack buffer overflow that can cause memory corruption and potentially remote cod...
CVE-2023-3824
In PHP version 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE...
CVE-2023-3824
In PHP version 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE...
Fedora 37 : php (2023-c68f2227e6)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-c68f2227e6 advisory. PHP version 8.1.22 03 Aug 2023 Build: Fixed bug GH-11522 PHP version check fails with '-' separator. SVGAnimate CLI: Fix interrupted CLI output...
CVE-2023-3824
In PHP version 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE...
thunderbird security update
An update is available for thunderbird. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. This updat...
Citrix ADC (NetScaler) Remote Code Execution Exploit
A vulnerability exists within Citrix ADC that allows an unauthenticated attacker to trigger a stack buffer overflow of the nsppe process by making a specially crafted HTTP GET request. Successful exploitation results in remote code execution as root. This module requires Metasploit:...
ALSA-2023:4497 Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Security Fixes: Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions CVE-2023-4045 Mozilla: Incorrect value used during WASM compilation CVE-2023-4046 Mozilla:...
OSV-2023-648 Stack-buffer-overflow in parse_regex
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61131 Crash type: Stack-buffer-overflow READ 1 Crash state: parseregex parseregex parseregex...
Metasploit Weekly Wrap-Up
Fly High in the Sky With This New Cloud Exploit! This week, a new module was added that takes advantage of both authentication bypass and command injection in certain versions of Western Digital's MyCloud hardware. Submitted by community member Erik Wynter, this module gains access to the target,...
PT-2023-35932 · Git +1 · Clamav
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow read crash. The crash occurs in the following functions: initialize encryption key, cli ole2 extract, and...
Citrix ADC (NetScaler) Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Citrix ADC NetScaler Forms SSO Target RCE', 'Description' = %q A vulnerability exists within Citrix ADC that allows an unauthenticated attacker t...