Total
2419 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-10615 | 1 Trianglemicroworks | 1 Scada Data Gateway | 2024-11-21 | 7.5 High |
| Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers cause a denial-of-service condition due to a lack of proper validation of the length of user-supplied data, prior to copying it to a fixed-length stack-based buffer. Authentication is not required to exploit this vulnerability. | ||||
| CVE-2020-10607 | 1 Advantech | 1 Webaccess | 2024-11-21 | 8.8 High |
| In Advantech WebAccess, Versions 8.4.2 and prior. A stack-based buffer overflow vulnerability caused by a lack of proper validation of the length of user-supplied data may allow remote code execution. | ||||
| CVE-2020-10599 | 1 Visam | 2 Vbase Editor, Vbase Web-remote | 2024-11-21 | 9.8 Critical |
| VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow a vulnerable ActiveX component to be exploited resulting in a buffer overflow, which may lead to a denial-of-service condition and execution of arbitrary code. | ||||
| CVE-2020-10064 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | 8.3 High |
| Improper Input Frame Validation in ieee802154 Processing. Zephyr versions >= v1.14.2, >= v2.2.0 contain Stack-based Buffer Overflow (CWE-121), Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-3gvq-h42f-v3c7 | ||||
| CVE-2020-10029 | 7 Canonical, Debian, Fedoraproject and 4 more | 18 Ubuntu Linux, Debian Linux, Fedora and 15 more | 2024-11-21 | 5.5 Medium |
| The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c. | ||||
| CVE-2019-9956 | 3 Debian, Imagemagick, Redhat | 3 Debian Linux, Imagemagick, Enterprise Linux | 2024-11-21 | N/A |
| In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an attacker to cause a denial of service or code execution via a crafted image file. | ||||
| CVE-2019-9675 | 3 Canonical, Opensuse, Php | 3 Ubuntu Linux, Leap, Php | 2024-11-21 | N/A |
| An issue was discovered in PHP 7.x before 7.1.27 and 7.3.x before 7.3.3. phar_tar_writeheaders_int in ext/phar/tar.c has a buffer overflow via a long link value. NOTE: The vendor indicates that the link value is used only when an archive contains a symlink, which currently cannot happen: "This issue allows theoretical compromise of security, but a practical attack is usually impossible. | ||||
| CVE-2019-9209 | 4 Canonical, Debian, Opensuse and 1 more | 4 Ubuntu Linux, Debian Linux, Leap and 1 more | 2024-11-21 | 5.5 Medium |
| In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values. | ||||
| CVE-2019-8696 | 2 Apple, Redhat | 2 Mac Os X, Enterprise Linux | 2024-11-21 | 8.8 High |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code. | ||||
| CVE-2019-8675 | 2 Apple, Redhat | 2 Mac Os X, Enterprise Linux | 2024-11-21 | 8.8 High |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code. | ||||
| CVE-2019-8356 | 1 Sound Exchange Project | 1 Sound Exchange | 2024-11-21 | N/A |
| An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 in fft4g.c is not guarded, such that it can lead to write access outside of the statically declared array, aka a stack-based buffer overflow. | ||||
| CVE-2019-8276 | 2 Siemens, Uvnc | 4 Sinumerik Access Mymachine\/p2p, Sinumerik Pcu Base Win10 Software\/ipc, Sinumerik Pcu Base Win7 Software\/ipc and 1 more | 2024-11-21 | 7.5 High |
| UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler, which can result in Denial of Service (DoS). This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212. | ||||
| CVE-2019-8269 | 2 Siemens, Uvnc | 4 Sinumerik Access Mymachine\/p2p, Sinumerik Pcu Base Win10 Software\/ipc, Sinumerik Pcu Base Win7 Software\/ipc and 1 more | 2024-11-21 | 7.5 High |
| UltraVNC revision 1206 has stack-based Buffer overflow vulnerability in VNC client code inside FileTransfer module, which leads to a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1207. | ||||
| CVE-2019-8263 | 2 Siemens, Uvnc | 4 Sinumerik Access Mymachine\/p2p, Sinumerik Pcu Base Win10 Software\/ipc, Sinumerik Pcu Base Win7 Software\/ipc and 1 more | 2024-11-21 | 6.5 Medium |
| UltraVNC revision 1205 has stack-based buffer overflow vulnerability in VNC client code inside ShowConnInfo routine, which leads to a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. User interaction is required to trigger this vulnerability. This vulnerability has been fixed in revision 1206. | ||||
| CVE-2019-7482 | 1 Sonicwall | 2 Sma 100, Sma 100 Firmware | 2024-11-21 | 9.8 Critical |
| Stack-based buffer overflow in SonicWall SMA100 allows an unauthenticated user to execute arbitrary code in function libSys.so. This vulnerability impacted SMA100 version 9.0.0.3 and earlier. | ||||
| CVE-2019-6553 | 1 Rockwellautomation | 1 Rslinx | 2024-11-21 | 9.8 Critical |
| A vulnerability was found in Rockwell Automation RSLinx Classic versions 4.10.00 and prior. An input validation issue in a .dll file of RSLinx Classic where the data in a Forward Open service request is passed to a fixed size buffer, allowing an attacker to exploit a stack-based buffer overflow condition. | ||||
| CVE-2019-6550 | 1 Advantech | 1 Webaccess | 2024-11-21 | 9.8 Critical |
| Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple stack-based buffer overflow vulnerabilities, caused by a lack of proper validation of the length of user-supplied data, may allow remote code execution. | ||||
| CVE-2019-6537 | 1 We-con | 1 Levistudiou | 2024-11-21 | 7.8 High |
| Multiple stack-based buffer overflow vulnerabilities in WECON LeviStudioU version 1.8.56 and prior may be exploited when parsing strings within project files. The process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage these vulnerabilities to execute code under the context of the current process. Mat Powell, Ziad Badawi, and Natnael Samson working with Trend Micro's Zero Day Initiative, reported these vulnerabilities to NCCIC. | ||||
| CVE-2019-5621 | 1 Abbs Software Audio Media Player Project | 1 Abbs Software Audio Media Player | 2024-11-21 | 7.8 High |
| ABBS Software Audio Media Player version 3.1 suffers from an instance of CWE-121: Stack-based Buffer Overflow. | ||||
| CVE-2019-5619 | 1 Aasync | 1 Aasync | 2024-11-21 | 9.8 Critical |
| AASync.com AASync version 2.2.1.0 suffers from an instance of CWE-121: Stack-based Buffer Overflow. | ||||