#buffer_overflow

Buffer Overflow vulnerability in Avast AntiVirus before v.19.7 allows a local attacker to cause a denial of service via a crafted request to the aswSnx.sys driver.

A buffer overflow in the level parsing code of RobTop Games AB Geometry Dash v2.113 allows attackers to execute arbitrary code via entering a Geometry Dash level.

1. EXECUTIVE SUMMARY CVSS v3 7.8  ATTENTION: Low attack complexity  Vendor: Panasonic  Equipment: Control FPWIN Pro7  Vulnerabilities: Type Confusion, Stack-based Buffer Overflow, Improper Restriction of Operations within the Bounds of a Memory Buffer  2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in information disclosure or remote code execution on affected installation. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Panasonic Control FPWIN, are affected:  Control FPWIN: version 7.6.0.3 and all previous versions 3.2 VULNERABILITY OVERVIEW 3.2.1 STACK-BASED BUFFER OVERFLOW CWE-121 In Panasonic Control FPWIN versions 7.6.0.3 and prior, a stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or a parameter to a function). CVE-2023-28728 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector stri...

A vulnerability has been identified in SiPass integrated (All versions < V2.90.3.8). Affected server applications improperly check the size of data packets received for the configuration client login, causing a stack-based buffer overflow. This could allow an unauthenticated remote attacker to crash the server application, creating a denial of service condition.

A heap buffer overflow vulnerability was found in sox, in the lsx_readbuf function at sox/src/formats_i.c:98:16. This flaw can lead to a denial of service, code execution, or information disclosure.

A heap buffer overflow vulnerability was found in sox, in the startread function at sox/src/hcom.c:160:41. This flaw can lead to a denial of service, code execution, or information disclosure.

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 db2set is vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow the buffer and execute arbitrary code. IBM X-Force ID: 252184.

A buffer overflow in ACDSee Free v2.0.2.227 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.

Cross Site Request Forgery (CSRF) vulnerability in MultiTech Conduit AP MTCAP2-L4E1 MTCAP2-L4E1-868-042A v.6.0.0 allows a remote attacker to execute arbitrary code via a crafted script upload.

In all, Cisco Talos is releasing 22 security advisories today, nine of which have a CVSS score greater than 8, associated with 69 CVEs.