115 matches found
CVE-2023-25105
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2018-21206
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 befor...
Amazon Linux AMI : ghostscript (ALAS-2025-1967)
The version of ghostscript installed on the remote host is prior to 8.70-24.34. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2025-1967 advisory. The calculation of the buffer size was being done with int values, and overflowing that data type. The bug has exist...
Security Bulletin: Execution Engine for Apache Hadoop is vulnerable to denial of service, buffer overflow and allow a local authenticated attacker to gain elevated privileges
Summary glibc, gnutls, gnupg are used by Execution Engine for Apache Hadoop in all the components. CVE-2023-0687, CVE-2023-4911, CVE-2021-3998, CVE-2023-5156, CVE-2023-4527, CVE-2023-4813, CVE-2022-3515, CVE-2024-28835, CVE-2024-28834 Vulnerability Details CVEID:CVE-2023-0687 DESCRIPTION: GNU C...
Important: tigervnc security update
Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...
Linux Distros Unpatched Vulnerability : CVE-2021-44499
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, an attacker can cause a call to $Extract to force an...
Debian dla-3978 : editorconfig - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3978 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3978-1 [email protected]...
[SECURITY] [DLA 3865-1] frr security update
Debian LTS Advisory DLA-3865-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost September 03, 2024 https://wiki.debian.org/LTS Package : frr Version : 7.5.1-1.1+deb11u3 CVE ID : CVE-2022-26125 CVE-2022-26126 CVE-2022-26127 CVE-2022-26128 CVE-2022-26129 CVE-2022-37035...
SUSE-SU-2024:1909-1 Security update for ffmpeg-4
This update for ffmpeg-4 fixes the following issues: - CVE-2020-22021: Fixed buffer overflow vulnerability in filteredges function in libavfilter/vfyadif.c bsc1186586. - CVE-2023-51794: Fixed a heap buffer overflow in libavfilter. bsc1223437...
RHEL 5 : sox (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sox: buffer overflow read vulnerability CVE-2021-3643 - The startread function in wav.c in Sound eXchange...
SUSE-SU-2023:4662-1 Security update for qemu
This update for qemu fixes the following issues: - CVE-2021-3638: hw/display/ati2d: Fix buffer overflow in ati2dblt bsc1188609 - CVE-2023-3180: virtio-crypto: verify src and dst buffer length for sym request bsc1213925 - CVE-2023-3354: io: remove io watch if TLS channel is closed during handshake...
PT-2023-4222 · NetGear · Netgear Wnr2000V2 +2
Name of the Vulnerable Software and Affected Versions: Netgear JWNR2000v2 version 1.0.0.11 Netgear XWN5001 version 0.4.1.1 Netgear XAVN2001v2 version 0.4.0.7 Description: The issue is related to buffer overflows in the update auth function, which can be exploited via the http passwd and http...
CVE-2022-41015
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41011
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41005
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-40986
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2017-16294
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...
PT-2023-10545 · Insteon · Insteon Hub
Name of the Vulnerable Software and Affected Versions: Insteon Hub version 1012 Description: Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel. Specially crafted commands sent through the PubNub service can cause a stack-based buffer...
PT-2023-10592 · Unknown · Insteon Hub
Name of the Vulnerable Software and Affected Versions: Insteon Hub version 1012 Description: Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub. Specially crafted commands sent through the PubNub service can cause a...
PT-2023-10578 · Unknown · Insteon Hub
Name of the Vulnerable Software and Affected Versions: Insteon Hub version 1012 Description: Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub. Specially crafted commands sent through the PubNub service can cause a...