Security
Headlines
HeadlinesLatestCVEs

Tag

#buffer_overflow

Debian Security Advisory 5523-1

Debian Linux Security Advisory 5523-1 - Two security issues were found in Curl, an easy-to-use client-side URL transfer library and command line tool.

Packet Storm
Open in Source
#linux#debian#js#buffer_overflow
Red Hat Security Advisory 2023-5610-01

Red Hat Security Advisory 2023-5610-01 - The GNU tar program can save multiple files in an archive and restore files from an archive. Issues addressed include a buffer overflow vulnerability.

CVE-2023-34346: TALOS-2023-1764 || Cisco Talos Intelligence Group

A stack-based buffer overflow vulnerability exists in the httpd gwcfg.cgi get functionality of Yifan YF325 v1.0_20221108. A specially crafted network packet can lead to command execution. An attacker can send a network request to trigger this vulnerability.

CVE-2023-31272: TALOS-2023-1765 || Cisco Talos Intelligence Group

A stack-based buffer overflow vulnerability exists in the httpd do_wds functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to stack-based buffer overflow. An attacker can send a network request to trigger this vulnerability.

CVE-2023-35967: TALOS-2023-1788 || Cisco Talos Intelligence Group

Two heap-based buffer overflow vulnerabilities exist in the gwcfg_cgi_set_manage_post_data functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow result is used as argument for the malloc function.

CVE-2023-34426: TALOS-2023-1766 || Cisco Talos Intelligence Group

A stack-based buffer overflow vulnerability exists in the httpd manage_request functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to stack-based buffer overflow. An attacker can send a network request to trigger this vulnerability.

CVE-2023-35055: TALOS-2023-1761 || Cisco Talos Intelligence Group

A buffer overflow vulnerability exists in the httpd next_page functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability.This buffer overflow is in the next_page parameter in the gozila_cgi function.

CVE-2023-35965: TALOS-2023-1787 || Cisco Talos Intelligence Group

Two heap-based buffer overflow vulnerabilities exist in the httpd manage_post functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow result is used as argument for the malloc function.

CVE-2023-34365: TALOS-2023-1763 || Cisco Talos Intelligence Group

A stack-based buffer overflow vulnerability exists in the libutils.so nvram_restore functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a buffer overflow. An attacker can send a network request to trigger this vulnerability.

Red Hat Security Advisory 2023-5597-01

Red Hat Security Advisory 2023-5597-01 - The libqb packages provide a library with the primary purpose of providing high performance client/server reusable features, such as high performance logging, tracing, inter-process communication, and polling. Issues addressed include a buffer overflow vulnerability.