Total
2040 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-7439 | 1 Vivotek | 2 Cc8160, Cc8160 Firmware | 2024-08-06 | 8.8 High |
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek CC8160 VVTK-0100d and classified as critical. Affected by this issue is the function read of the component httpd. The manipulation of the argument Content-Length leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273524. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the affected release tree is end-of-life. | ||||
CVE-2013-6462 | 2 Redhat, X | 2 Enterprise Linux, Libxfont | 2024-08-06 | N/A |
Stack-based buffer overflow in the bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string in a character name in a BDF font file. | ||||
CVE-2013-6369 | 1 Cambridge Enterprise | 1 Jbig-kit | 2024-08-06 | N/A |
Stack-based buffer overflow in the jbg_dec_in function in libjbig/jbig.c in JBIG-KIT before 2.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted image file. | ||||
CVE-2013-4588 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-08-06 | 7.0 High |
Multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 2.6.33, when CONFIG_IP_VS is used, allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability for (1) a getsockopt system call, related to the do_ip_vs_get_ctl function, or (2) a setsockopt system call, related to the do_ip_vs_set_ctl function. | ||||
CVE-2013-4458 | 3 Gnu, Redhat, Suse | 4 Glibc, Enterprise Linux, Linux Enterprise Debuginfo and 1 more | 2024-08-06 | N/A |
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.18 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of AF_INET6 address results. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1914. | ||||
CVE-2013-4473 | 2 Canonical, Freedesktop | 2 Ubuntu Linux, Poppler | 2024-08-06 | N/A |
Stack-based buffer overflow in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a source filename. | ||||
CVE-2013-4290 | 1 Uclouvain | 1 Openjpeg | 2024-08-06 | N/A |
Stack-based buffer overflow in OpenJPEG before 1.5.2 allows remote attackers to have unspecified impact via unknown vectors to (1) lib/openjp3d/opj_jp3d_compress.c, (2) bin/jp3d/convert.c, or (3) lib/openjp3d/event.c. | ||||
CVE-2013-4276 | 1 Littlecms | 1 Little Cms Color Engine | 2024-08-06 | N/A |
Multiple stack-based buffer overflows in LittleCMS (aka lcms or liblcms) 1.19 and earlier allow remote attackers to cause a denial of service (crash) via a crafted (1) ICC color profile to the icctrans utility or (2) TIFF image to the tiffdiff utility. | ||||
CVE-2013-4357 | 5 Canonical, Debian, Eglibc and 2 more | 5 Ubuntu Linux, Debian Linux, Eglibc and 2 more | 2024-08-06 | 7.5 High |
The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service. | ||||
CVE-2013-4282 | 2 Redhat, Spice Project | 3 Enterprise Linux, Enterprise Virtualization, Spice | 2024-08-06 | N/A |
Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket. | ||||
CVE-2024-28283 | 2024-08-06 | 6.7 Medium | ||
There is stack-based buffer overflow vulnerability in pc_change_act function in Linksys E1000 router firmware version v.2.1.03 and before, leading to remote code execution. | ||||
CVE-2013-2236 | 2 Quagga, Redhat | 2 Quagga, Enterprise Linux | 2024-08-06 | N/A |
Stack-based buffer overflow in the new_msg_lsa_change_notify function in the OSPFD API (ospf_api.c) in Quagga before 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used, allows remote attackers to cause a denial of service (crash) via a large LSA. | ||||
CVE-2013-2004 | 2 Redhat, X | 2 Enterprise Linux, Libx11 | 2024-08-06 | N/A |
The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing directives to include files, which allows X servers to cause a denial of service (stack consumption) via a crafted file. | ||||
CVE-2013-1961 | 2 Redhat, Remotesensing | 2 Enterprise Linux, Libtiff | 2024-08-06 | N/A |
Stack-based buffer overflow in the t2p_write_pdf_page function in tiff2pdf in libtiff before 4.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted image length and resolution in a TIFF image file. | ||||
CVE-2013-1828 | 1 Linux | 1 Linux Kernel | 2024-08-06 | N/A |
The sctp_getsockopt_assoc_stats function in net/sctp/socket.c in the Linux kernel before 3.8.4 does not validate a size value before proceeding to a copy_from_user operation, which allows local users to gain privileges via a crafted application that contains an SCTP_GET_ASSOC_STATS getsockopt system call. | ||||
CVE-2013-1591 | 2 Palemoon, Redhat | 3 Pale Moon, Enterprise Linux, Enterprise Virtualization | 2024-08-06 | 9.8 Critical |
Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the fast_composite_scaled_bilinear function in pixman-inlines.h, which triggers an infinite loop. | ||||
CVE-2013-0288 | 2 Arthurdejong, Redhat | 2 Nss-pam-ldapd, Enterprise Linux | 2024-08-06 | N/A |
nss-pam-ldapd before 0.7.18 and 0.8.x before 0.8.11 allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code by performing a name lookup on an application with a large number of open file descriptors, which triggers a stack-based buffer overflow related to incorrect use of the FD_SET macro. | ||||
CVE-2013-0272 | 2 Pidgin, Redhat | 3 Pidgin, Enterprise Linux, Rhel Productivity | 2024-08-06 | N/A |
Buffer overflow in http.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.7 allows remote servers to execute arbitrary code via a long HTTP header. | ||||
CVE-2013-0249 | 2 Canonical, Haxx | 3 Ubuntu Linux, Curl, Libcurl | 2024-08-06 | N/A |
Stack-based buffer overflow in the Curl_sasl_create_digest_md5_message function in lib/curl_sasl.c in curl and libcurl 7.26.0 through 7.28.1, when negotiating SASL DIGEST-MD5 authentication, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the realm parameter in a (1) POP3, (2) SMTP or (3) IMAP message. | ||||
CVE-2014-10071 | 3 Canonical, Redhat, Zsh | 3 Ubuntu Linux, Enterprise Linux, Zsh | 2024-08-06 | N/A |
In exec.c in zsh before 5.0.7, there is a buffer overflow for very long fds in the ">& fd" syntax. |