Total
1412 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-44158 | 1 Asus | 2 Rt-ax56u, Rt-ax56u Firmware | 2023-06-26 | 7.7 HIGH | 8.0 HIGH |
| ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper validation for httpd parameter length. An authenticated local area network attacker can launch arbitrary code execution to control the system or disrupt service. | |||||
| CVE-2021-21960 | 1 Sealevel | 2 Seaconnect 370w, Seaconnect 370w Firmware | 2023-06-26 | 7.5 HIGH | 10.0 CRITICAL |
| A stack-based buffer overflow vulnerability exists in both the LLMNR functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted network packet can lead to remote code execution. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2021-46158 | 1 Siemens | 1 Simcenter Femap | 2023-06-26 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). Affected application contains a stack based buffer overflow vulnerability while parsing NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15085, ZDI-CAN-15289, ZDI-CAN-15602) | |||||
| CVE-2021-26635 | 1 Bandisoft | 1 Ark Library | 2023-06-26 | 6.8 MEDIUM | 7.8 HIGH |
| In the code that verifies the file size in the ark library, it is possible to manipulate the offset read from the target file due to the wrong use of the data type. An attacker could use this vulnerability to cause a stack buffer overflow and as a result, perform an attack such as remote code execution. | |||||
| CVE-2023-34095 | 1 Openprinting | 1 Cpdb-libs | 2023-06-26 | N/A | 9.8 CRITICAL |
| cpdb-libs provides frontend and backend libraries for the Common Printing Dialog Backends (CPDB) project. In versions 1.0 through 2.0b4, cpdb-libs is vulnerable to buffer overflows via improper use of `scanf(3)`. cpdb-libs uses the `fscanf()` and `scanf()` functions to parse command lines and configuration files, dropping the read string components into fixed-length buffers, but does not limit the length of the strings to be read by `fscanf()` and `scanf()` causing buffer overflows when a string is longer than 1023 characters. A patch for this issue is available at commit f181bd1f14757c2ae0f17cc76dc20421a40f30b7. As all buffers have a length of 1024 characters, the patch limits the maximum string length to be read to 1023 by replacing all occurrences of `%s` with `%1023s` in all calls of the `fscanf()` and `scanf()` functions. | |||||
| CVE-2019-10954 | 1 Rockwellautomation | 10 Armor Compact Guardlogix 5370, Armor Compact Guardlogix 5370 Firmware, Compact Guardlogix 5370 and 7 more | 2023-06-20 | 7.8 HIGH | 7.5 HIGH |
| An attacker could send crafted SMTP packets to cause a denial-of-service condition where the controller enters a major non-recoverable faulted state (MNRF) in CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370 controllers, and Armor Compact GuardLogix 5370 Controllers Versions 20 - 30 and earlier. | |||||
| CVE-2023-25177 | 1 Deltaww | 1 Cncsoft-b | 2023-06-14 | N/A | 7.8 HIGH |
| Delta Electronics' CNCSoft-B DOPSoft versions 1.0.0.4 and prior are vulnerable to stack-based buffer overflow, which could allow an attacker to execute arbitrary code. | |||||
| CVE-2022-41664 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2023-06-13 | N/A | 7.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.7), Teamcenter Visualization V14.0 (All versions < V14.0.0.3), Teamcenter Visualization V14.1 (All versions < V14.1.0.4). The affected application contains a stack-based buffer overflow vulnerability that could be triggered while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2023-29503 | 1 Hornerautomation | 2 Cscape, Cscape Envisionrv | 2023-06-12 | N/A | 7.8 HIGH |
| The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. | |||||
| CVE-2023-0341 | 1 Editorconfig | 1 Editorconfig | 2023-06-03 | N/A | 7.8 HIGH |
| A stack buffer overflow exists in the ec_glob function of editorconfig-core-c before v0.12.6 which allowed an attacker to arbitrarily write to the stack and possibly allows remote code execution. editorconfig-core-c v0.12.6 resolved this vulnerability by bound checking all write operations over the p_pcre buffer. | |||||
| CVE-2023-2837 | 1 Gpac | 1 Gpac | 2023-05-27 | N/A | 5.5 MEDIUM |
| Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2. | |||||
| CVE-2023-29284 | 1 Adobe | 1 Substance 3d Painter | 2023-05-17 | N/A | 7.8 HIGH |
| Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-2575 | 1 Advantech | 6 Eki-1521, Eki-1521 Firmware, Eki-1522 and 3 more | 2023-05-12 | N/A | 8.8 HIGH |
| Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stack-based Buffer Overflow vulnerability, which can be triggered by authenticated users via a crafted POST request. | |||||
| CVE-2023-27355 | 1 Sonos | 4 One, One Firmware, S1 and 1 more | 2023-05-04 | N/A | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MPEG-TS parser. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19773. | |||||
| CVE-2020-35492 | 1 Cairographics | 1 Cairo | 2023-05-03 | 6.8 MEDIUM | 7.8 HIGH |
| A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor (for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untrusted input) to cause a stack buffer overflow -> out-of-bounds WRITE. The highest impact from this vulnerability is to confidentiality, integrity, as well as system availability. | |||||
| CVE-2021-34862 | 1 Dlink | 2 Dap-2020, Dap-2020 Firmware | 2023-04-26 | 5.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the var:menu parameter provided to the webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13270. | |||||
| CVE-2021-34861 | 1 Dlink | 2 Dap-2020, Dap-2020 Firmware | 2023-04-26 | 5.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the webproc endpoint, which listens on TCP port 80 by default. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12104. | |||||
| CVE-2021-34863 | 1 Dlink | 2 Dap-2020, Dap-2020 Firmware | 2023-04-26 | 5.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the var:page parameter provided to the webproc endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13271. | |||||
| CVE-2022-2825 | 4 Ge, Ptc, Rockwellautomation and 1 more | 8 Industrial Gateway Server, Kepware Kepserverex, Opc-aggregator and 5 more | 2023-04-20 | N/A | 9.8 CRITICAL |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-18411. | |||||
| CVE-2023-26412 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Designer, Macos, Windows | 2023-04-20 | N/A | 7.8 HIGH |
| Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||