CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43700 – Ubuntu Security Notice USN-7192-1
https://notcve.org/view.php?id=CVE-2024-43700
29 Aug 2024 — xfpt versions prior to 1.01 fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability. When a user of the affected product is tricked to process a specially crafted file, arbitrary code may be executed on the user's environment. It was discovered that xfpt did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause the applicatio... • https://github.com/PhilipHazel/xfpt • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41881
https://notcve.org/view.php?id=CVE-2024-41881
29 Jul 2024 — SDoP versions prior to 1.11 fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability. When a user of the affected product is tricked to process a specially crafted XML file, arbitrary code may be executed on the user's environment. • https://github.com/PhilipHazel/SDoP • CWE-121: Stack-based Buffer Overflow •