CVE-2019-13103

A crafted self-referential DOS partition table will cause all Das U-Boot versions through 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually either crash or overwrite other data...

Insteon Hub Buffer Overflow Vulnerability (CNVD-2019-13142)

The Insteon Hub is an Insteon central controller product from Insteon USA. This product can remotely control light bulbs, wall switches, air conditioners and more in your home. A buffer overflow vulnerability exists in Insteon Hub 2245-222 using firmware version 1012. An attacker could exploit th...

CVE-2018-3980

An exploitable out-of-bounds write exists in the TIFF-parsing functionality of Canvas Draw version 5.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability...

CVE-2017-2875

An exploitable buffer overflow vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10000 can cause a buffer overflow resulting in overwriting arbitrary data...

CVE-2017-2878

An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting arbitrary data. An attacker can simply send an...

Computerinsel Photoline Stack Buffer Overflow Vulnerability (CNVD-2018-17434)

Computerinsel Photoline is a suite of image editing software. A stack buffer overflow vulnerability exists in the ANI parsing feature in Computerinsel Photoline version 20.54. An attacker can exploit this vulnerability by sending a specially crafted ANI image to overwrite arbitrary data and execu...

PT-2018-16315 · Computerinsel · Computerinsel Photoline

Name of the Vulnerable Software and Affected Versions: Computerinsel Photoline version 20.54 Description: A memory corruption issue exists in the PCX-parsing functionality. Processing a specially crafted PCX image can lead to an out-of-bounds write, allowing an attacker to overwrite arbitrary dat...

Design/Logic Flaw

An issue was discovered in kwajdreadheaders in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite...

Out-of-bounds

An exploitable out-of-bounds write exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability...

CVE-2018-3871

An exploitable out-of-bounds write exists in the PCX parsing functionality of Canvas Draw version 4.0.0. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability an...

Computerinsel Photoline ANI Parsing Code Execution Vulnerability

Summary A memory corruption vulnerability exists in the ANI-parsing functionality of Computerinsel Photoline 20.54. A specially crafted ANI image processed via the application can lead to a stack overflow, overwriting arbitrary data. An attacker can deliver an ANI image to trigger this...

Heap overflow

An exploitable heap overflow vulnerability exists in the tinysvcmdns library version 2016-07-18. A specially crafted packet can make the library overwrite an arbitrary amount of data on the heap with attacker controlled values. An attacker needs send a dns packet to trigger this vulnerability...

CVE-2018-3889

A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution...

PT-2018-16282 · Talos +1 · Computerinsel Photoline +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: A specially crafted PCX image can cause an out-of-bounds write when processed, allowing an attacker to overwrite arbitrary data and potentially gain code execution by delivering a...

Computerinsel Photoline PCX Parsing Function Memory Corruption Vulnerability

PhotoLine is a multipurpose image and graphics editor. A memory corruption vulnerability exists in the PCX parsing feature of Computerinsel Photoline 20.53. An attacker can exploit the vulnerability by crafting a PCX image to cause out-of-bounds writes, overwrite arbitrary data, and thus enable...

PT-2018-16262 · Talos +1 · Computerinsel Photoline +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned Description: A specially crafted TIFF image can cause an out-of-bounds write when processed, allowing an attacker to overwrite arbitrary data and potentially gain code execution by delivering a...

PT-2018-16255 · Talos +1 · Computerinsel Photoline +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a...

CVE-2018-3886

A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.53. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability...

CVE-2017-14463

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...

Input validation

Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a DoS vulnerability. Due to insufficient input validation, an authenticated, remote...