Astra Linux - уязвимость в gst-plugins-bad1.0

GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors...

CVE-2026-2920 GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability

GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

Eclipse Paho Go MQTT v3.1 library 安全漏洞

Eclipse Paho Go MQTT v3.1 library is a Go language software library from the Eclipse Foundation. A security vulnerability exists in Eclipse Paho Go MQTT v3.1 library version 1.5.0 and prior versions, which originates from an overflow during unchecked data-length conversion and could lead to the...

Apple macOS USD importMeshJointWeights Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the USD library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the USD library. T...

Tesla Model S 安全漏洞

The Tesla Model S is an automobile from the American company Tesla. A security vulnerability exists in the Tesla Model S oFono that stems from a failure to validate data length when parsing AT command responses, which could result in a heap buffer overflow...

node-twain security vulnerability

node-twain is a nodejs client SDK for TWAIN nodejs by lossa individual developer. can control scanners that implement the TWAIN protocol. A security vulnerability exists in node-twain that stems from not checking the length of the source data and is susceptible to improper checking or exception...

UBUNTU-CVE-2024-0444

GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...

The vulnerability of the DDP microprogramming software-based wireless access point D-Link DAP-2622 allows a intruder to execute any code within the root context.

The vulnerability of the DDP microprogramming software-based wireless access point D-Link DAP-2622 lies in the lack of proper verification of the length of data provided by users before they are copied into a fixed-length stack buffer. Exploiting this vulnerability allows a malicious actor to...

SUSE CVE-2022-43634

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dsiwriteinit function. The issue results from the lack of proper validation of the length o...

Nikon NIS-Elements Viewer 安全漏洞

Nikon NIS-Elements Viewer is a free stand-alone program from Nikon Japan. It is used to view image files and data sets. A security vulnerability exists in Nikon NIS-Elements Viewer version 1.2100.1483.0, which stems from the parsing of PSD images without proper validation of the length of the...

CVE-2021-46638

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

CVE-2021-34827

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAPAction HTTP header. The issue...

Qualcomm Video Buffer Error Vulnerability

Qualcomm Video is a Qualcomm Incorporated USA video component used in Qualcomm products. A buffer error vulnerability exists in Qualcomm Video, which stems from a failure to check the length of data received from a user, and could result in a heap overflow when parsing NAL headers. The following...

CVE-2020-15635

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.8410.0.58 routers with firmware 1.0.4.8410.0.58. Authentication is not required to exploit this vulnerability. The specific flaw exists within the acsd service, which...

HPE Intelligent Management Center Remote Code Execution Vulnerability

HPE Intelligent Management Center iMC is a suite of network intelligent management center solutions from Hewlett Packard Enterprise HPE. The solution provides network-wide visibility and enables comprehensive management of resources, services, and users. wireless Service Manager WSM Software is o...

HPE Intelligent Management Center Remote Code Execution Vulnerability (CNVD-2019-03320)

HPE Intelligent Management Center iMC is a suite of network intelligent management center solutions from Hewlett Packard Enterprise HPE. The solution provides network-wide visibility and enables comprehensive management of resources, services, and users. wireless Service Manager WSM Software is o...

CVE-2017-12704

A heap-based buffer overflow issue was discovered in Advantech WebAccess versions prior to V8.220170817. Researchers have identified multiple vulnerabilities where there is a lack of proper validation of the length of user-supplied data prior to copying it to the heap-based buffer, which could...