Delta Electronics DIAScreen DPA File Parsing Stack Buffer Overflow Vulnerability

Delta Electronics DIAScreen is an intelligent desktop builder from Delta Electronics in Taiwan, China. A stack buffer overflow vulnerability exists in the Delta Electronics DIAScreen DPA file parsing, which can be exploited by an attacker to execute arbitrary code...

The vulnerability of the dbsrv_asp function in the /dbsrv.asp file of the D-Link DI-8003 device’s microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the dbsrvasp function in the /dbsrv.asp file of the D-Link DI-8003 device’s microprogramming system is related to buffer overflow in the stack. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely by injecting a specially crafted comma...

Delta Electronics DIAScreen 安全漏洞

Delta Electronics DIAScreen is an intelligent desktop builder from Delta Electronics in Taiwan, China. A stack buffer overflow vulnerability exists in the Delta Electronics DIAScreen DPA file parsing, which can be exploited by an attacker to execute arbitrary code...

PT-2024-32883 · Ivanti · Ivanti Connect Secure

Name of the Vulnerable Software and Affected Versions: Ivanti Connect Secure versions prior to 22.7R2.3 Description: A stack-based buffer overflow in IPsec allows a remote unauthenticated attacker to cause a denial of service. Recommendations: For versions prior to 22.7R2.3, update to version...

Delta Electronics DIAScreen DPA File Parsing Stack Buffer Overflow Vulnerability (CNVD-2025-01799)

Delta Electronics DIAScreen is an intelligent desktop builder from Delta Electronics in Taiwan, China. A stack buffer overflow vulnerability exists in the Delta Electronics DIAScreen DPA file parsing, which can be exploited by an attacker to execute arbitrary code...

OESA-2024-2363 dcraw security update

This package contains dcraw, a command line tool to decode raw image data downloaded from digital cameras. Security Fixes: CVE-2017-13735 CVE-2017-14608 A stack-based buffer overflow in the findgreen function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remot...

SQLite3 generate_series Stack Buffer Underflow Vulnerability

SQLite3 suffers from a stack buffer underflow condition in seriesBestIndex in the generateseries extension. Vulnerability details static int seriesBestIndex sqlite3vtab pVTab, sqlite3indexinfo pIdxInfo int i, j; / Loop over constraints / int idxNum = 0; / The query plan bitmask / ifndef...

OSV-2022-1288 Stack-buffer-overflow in bool SmilesParseOps::parser::parse_atom_props<std::__1::__wrap_iter<char const*>

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=376787368 Crash type: Stack-buffer-overflow READ 1 Crash state: bool SmilesParseOps::parser::parseatomprops bool SmilesParseOps::parser::parseit SmilesParseOps::parseCXExtensions...

SQLite3 generate_series Stack Buffer Underflow

Vulnerability details static int seriesBestIndex sqlite3vtab pVTab, sqlite3indexinfo pIdxInfo int i, j; / Loop over constraints / int idxNum = 0; / The query plan bitmask / ifndef ZEROARGUMENTGENERATESERIES int bStartSeen = 0; / EQ constraint seen on the START column / endif int unusableMask = 0;...

OSV-2024-1261 Stack-buffer-overflow in _pcre2_compile_class_not_nested_16

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=376515526 Crash type: Stack-buffer-overflow WRITE 2 Crash state: pcre2compileclassnotnested16 compileclassoperand pcre2compileclassnested16...

The vulnerability of the formSetRebootTimer function (/goform/SetSysAutoRebbotCfg) in the Tenda AC8 router’s microprogramming system allows a intruder to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the compareparentcontroltime function /goform/saveParentControlInfo in the Tenda AC8 router’s microprogramming system is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

The vulnerability in the /cgi-bin/ipfedr.cgi web interface of DrayTek Vigor software allows a attacker to execute arbitrary code or cause a service failure.

The vulnerability of the /cgi-bin/ipfedr.cgi web interface of the DrayTek Vigor router software lies in buffer overflow in the stack. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause a service failure by sending a specially crafted HTTP request...

Fortinet Fortigate Stack-based buffer overflows in diagnostic CLI commands (FG-IR-21-179)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-179 advisory. - A stack-based buffer overflow vulnerability CWE-121 in the command line interpreter of FortiOS before 7.0.4 and FortiProxy...

Fortinet FortiWeb Multiple stack-based buffer overflow vulnerabilities in CLI command (FG-IR-20-206)

The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-20-206 advisory. - A stack-based buffer overflow in Fortinet FortiWeb version 6.3.14 and below, 6.2.4 and below allows attacker to execute...

CVE-2024-40494

Buffer Overflow in coapmsg.c in FreeCoAP allows remote attackers to execute arbitrary code or cause a denial of service stack buffer overflow via a crafted packet...

PT-2024-28877 · Freecoap · Freecoap

Name of the Vulnerable Software and Affected Versions: FreeCoAP affected versions not specified Description: The issue allows remote attackers to execute arbitrary code or cause a denial of service via a crafted packet, resulting in a stack buffer overflow in the coap msg.c file. Recommendations:...

CBL Mariner 2.0 Security Update: redis / valkey (CVE-2024-31449)

The version of redis / valkey installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-31449 advisory. - Redis is an open source, in-memory database that persists on disk. An authenticated user May use a...

Qnap QTS Out-of-bounds Write (CVE-2021-34343)

A stack buffer overflow vulnerability has been reported to affect QNAP device running QTS, QuTScloud, QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QTS, QuTScloud, QuTS hero: QTS...

Qnap QTS Out-of-bounds Write (CVE-2021-28816)

A stack buffer overflow vulnerability has been reported to affect QNAP device running QTS, QuTScloud, QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QTS, QuTScloud, QuTS hero: QTS...

Adobe Animate stack buffer overflow vulnerability (CNVD-2024-41254)

Adobe Animate is a set of Flash animation software from the American company Audobee Adobe. Adobe Animate suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...