#buffer_overflow

A buffer overflow vulnerability in the SecureBootDXE BIOS driver of some Lenovo Desktop and ThinkStation models could allow an attacker with local access to elevate their privileges to execute arbitrary code.

A buffer overflow in EasyPlayerPro-Win v3.2.19.0106 to v3.6.19.0823 allows attackers to cause a Denial of Service (DoS) via a crafted XML file.

A buffer overflow vulnerability in the CGI program of the Zyxel NR7101 firmware versions prior to V1.00(ABUV.8)C0 could allow a remote authenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.

IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 transmits authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. IBM X-Force ID: 244107.

IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 is vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248625.

Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the get_parentControl_list_Info function.

Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function.

Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the deviceId parameter in the saveParentControlInfo function.

Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the sub_4a79ec function.

Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the timeZone parameter in the sub_44db3c function.