PT-2023-35932 · Git +1 · Clamav

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow read crash. The crash occurs in the following functions: initialize encryption key, cli ole2 extract, and...

Citrix ADC (NetScaler) Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Citrix ADC NetScaler Forms SSO Target RCE', 'Description' = %q A vulnerability exists within Citrix ADC that allows an unauthenticated attacker t...

PHP 8.0.x < 8.0.30 Multiple Vulnerabilities

The version of PHP installed on the remote host is prior to 8.0.30. It is, therefore, affected by multiple vulnerabilities as referenced in the Version 8.0.30 advisory. - In PHP version 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8, when loading phar file, while reading PHAR...

Citrix ADC (NetScaler) Forms SSO Target RCE

A vulnerability exists within Citrix ADC that allows an unauthenticated attacker to trigger a stack buffer overflow of the nsppe process by making a specially crafted HTTP GET request. Successful exploitation results in remote code execution as root. Module Options msf use...

Mozilla: Stack buffer overflow in StorageManager

The Mozilla Foundation Security Advisory describes this flaw as: In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape...

Mozilla: Stack buffer overflow in StorageManager

The Mozilla Foundation Security Advisory describes this flaw as: In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape...

PT-2023-5957 · Php +10 · Php +10

Name of the Vulnerable Software and Affected Versions: PHP versions 8.0. before 8.0.30 PHP versions 8.1. before 8.1.22 PHP versions 8.2. before 8.2.8 Description: The issue is caused by insufficient length checking when loading phar files, leading to a stack buffer overflow, which can result in...

Mozilla Firefox ESR Security Advisories (MFSA2023-26, MFSA2023-31) - Mac OS X

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

RHEL 8 : firefox (RHSA-2023:4469)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:4469 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

Mozilla Firefox ESR Security Advisories (MFSA2023-26, MFSA2023-30) - Windows

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

Mozilla Firefox ESR Security Advisories (MFSA2023-26, MFSA2023-30) - Mac OS X

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

SUSE-SU-2023:3163-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following security issues: Firefox was updated to Extended Support Release 115.1.0 ESR bsc1213746. - CVE-2023-4045: Fixed cross-origin restrictions bypass with Offscreen Canvas bmo1833876. - CVE-2023-4046: Fixed incorrect value used during WASM compilation...

SUSE-SU-2023:3162-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following security issues: Firefox was updated to Extended Support Release 115.1.0 ESR bsc1213746: - CVE-2023-4045: Fixed cross-origin restrictions bypass with Offscreen Canvas bmo1833876. - CVE-2023-4046: Fixed incorrect value used during WASM compilation...

SUSE-SU-2023:3161-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following security issues: Firefox was updated to Extended Support Release 115.1.0 ESR bsc1213746. - CVE-2023-4045: Fixed cross-origin restrictions bypass with Offscreen Canvas bmo1833876. - CVE-2023-4046: Fixed incorrect value used during WASM compilation...

CVE-2023-34551

In certain EZVIZ products, two stack buffer overflows in netClientSetWlanCfg function of the EZVIZ SDK command server can allow an authenticated attacker present on the same local network as the camera to achieve remote code execution. This affects CS-C6N-B0-1G2WF Firmware versions before V5.3.0...

CVE-2023-4050

In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...

CVE-2023-4050

CVE-2023-4050 affects Mozilla Firefox and Firefox ESR (and related Linux distro advisories). The root cause is untrusted input streams being copied to a stack buffer without proper size checks, leading to a potentially exploitable crash that could enable sandbox escape. Public-facing details acro...

CVE-2023-34551

In certain EZVIZ products, two stack buffer overflows in netClientSetWlanCfg function of the EZVIZ SDK command server can allow an authenticated attacker present on the same local network as the camera to achieve remote code execution. This affects CS-C6N-B0-1G2WF Firmware versions before V5.3.0...

CVE-2023-34551

In certain EZVIZ products, two stack buffer overflows in netClientSetWlanCfg function of the EZVIZ SDK command server can allow an authenticated attacker present on the same local network as the camera to achieve remote code execution. This affects CS-C6N-B0-1G2WF Firmware versions before V5.3.0...

CVE-2023-34551

EZVIZ CVE-2023-34551 describes two stack buffer overflows in the netClientSetWlanCfg function of the EZVIZ SDK command server that allow an authenticated attacker on the same LAN to achieve remote code execution. Affected CS-C6N-B0-1G2WF, CS-C6N-R101-1G2WF, CS-CV310-A0-1B2WFR, CS-CV310-A0-1C2WFR-...