6890 matches found
kernel: x86/speculation: Fill RSB on vmexit for IBRS
In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. While at it, add a bunch of comments to attempt to document the current state of tribal knowledge about RSB attacks and what exactly i...
CVE-2022-33183
A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a remote authenticated attacker to perform stack buffer overflow using in “firmwaredownload” and “diagshow” commands...
CVE-2022-33183
CVE-2022-33183 describes a stack buffer overflow in the Brocade Fabric OS CLI. The vulnerability affects Brocade Fabric OS Command Line Interface prior to versions v9.1.0, v9.0.1e, v8.2.3c, v8.2.0cbn5, and v7.4.2.j, enabling a remote authenticated attacker to trigger a stack overflow via the firm...
CVE-2022-33183
A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a remote authenticated attacker to perform stack buffer overflow using in “firmwaredownload” and “diagshow” commands...
OSV-2022-1084 Stack-buffer-overflow in authentic_parse_size
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52662 Crash type: Stack-buffer-overflow READ 1 Crash state: authenticparsesize authenticgettaggeddata authenticparsecredentialdata...
The vulnerability of the monitoring software for the status and functions of Advantech R-SeeNet routers lies in buffer overflow in the stack, allowing a hacker to execute arbitrary code.
The vulnerability of the monitoring software for the functions and states of Advantech R-SeeNet routers is related to buffer overflow in the stack. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
Advantech R-SeeNet Stack Buffer Overflow Vulnerability
Advantech R-SeeNet is an industrial monitoring software from Advantech China. The software is based on the snmp protocol for monitoring platforms and is available for Linux and Windows platforms.Advantech R-SeeNet 2.4.17 and previous versions are vulnerable to a stack buffer overflow vulnerabilit...
OSV-2022-1079 Stack-buffer-overflow in add_ff_action
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52596 Crash type: Stack-buffer-overflow WRITE 9 Crash state: addffaction dissectieeeNUMBERpv0 dissectieeeNUMBERcommon...
CVE-2022-23462
IOWOW is a C utility library and persistent key/value storage engine. Versions 1.4.15 and prior contain a stack buffer overflow vulnerability that allows for Denial of Service DOS when it parses scientific notation numbers present in JSON. A patch for this issue is available at commit...
CVE-2022-23462
Vulnerability focus: IOWOW C utility library/persistent key/value store (versions ≤ 1.4.15) has a stack buffer overflow when parsing JSON numbers in scientific notation, enabling Denial of Service. The issue is addressed by the patch at commit a79d31e4cff1d5a08f665574b29fd885897a28fd in the maste...
CVE-2022-23462 Stack Buffer Overflow in iowow
IOWOW is a C utility library and persistent key/value storage engine. Versions 1.4.15 and prior contain a stack buffer overflow vulnerability that allows for Denial of Service DOS when it parses scientific notation numbers present in JSON. A patch for this issue is available at commit...
CVE-2022-23462 Stack Buffer Overflow in iowow
IOWOW is a C utility library and persistent key/value storage engine. Versions 1.4.15 and prior contain a stack buffer overflow vulnerability that allows for Denial of Service DOS when it parses scientific notation numbers present in JSON. A patch for this issue is available at commit...
OSV-2022-1065 Stack-buffer-overflow in Curl_output_aws_sigv4
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52517 Crash type: Stack-buffer-overflow WRITE Crash state: Curloutputawssigv4 outputauthheaders Curlhttpoutputauth...
Tenda AC10 Stack Buffer Overflow Vulnerability
The Tenda AC10 is a wireless router. The Tenda AC10 suffers from a stack buffer overflow vulnerability that is caused by a failure of the addWifiMacFilter function to properly bounds check. An attacker can exploit this vulnerability to cause a buffer overflow and execute arbitrary code on the...
Tenda AC10 Stack Buffer Overflow Vulnerability (CNVD-2023-50811)
The Tenda AC10 is a wireless router. The Tenda AC10 suffers from a stack buffer overflow vulnerability that is caused by incorrect boundary checking in the formSetClientState function. An attacker can exploit this vulnerability to cause a buffer overflow and execute arbitrary code on the system, ...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-x64 to version 6.0.3 or higher. References - Dotnet Announcement - Dotnet...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-x86 to version 6.0.3 or higher. References - Dotnet Announcement - Dotnet Issue - Microsof...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64 to version 6.0.3 or higher. References - Dotnet Announcement - Dotnet...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64.Msi.x64 to version 6.0.3 or higher. References - Dotnet Announcement -...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE where a stack buffer overrun occurs in .NET Double Parse routine. Remediation Upgrade Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.x64 to version 6.0.3 or higher. References - Dotnet Announcement -...