Tinysvcmdns Multi-label DNS Heap Overflow Vulnerability

Summary An exploitable heap overflow vulnerability exists in the tinysvcmdns library version 2016-07-18. A specially crafted packet can make the library overwrite an arbitrary amount of data on the heap with attacker controlled values. An attacker needs send a dns packet to trigger this...

Foscam IP Video Camera Buffer Overflow Vulnerability (CNVD-2017-34270)

Foscam C1 Indoor HD Camera is a wireless HD IP camera from Foscam China. A buffer overflow vulnerability exists in the web management interface in the Foscam C1 Indoor HD Camera. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to overwrite arbitrary data...

Foscam C1 Indoor HD Camera Buffer Overflow Vulnerability

Foscam C1 Indoor HD Camera is a wireless HD IP camera from Foscam China. A buffer overflow vulnerability exists in the web management interface in the Foscam C1 Indoor HD Camera using application firmware version 2.52.2.37. An attacker can exploit the vulnerability by sending an HTTP request to t...

CVE-2017-2831

An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting arbitrary data. An attacker can simply send an...

CVE-2017-1000363

A vulnerability was found in the Linux kernel's lpsetup function where it doesn't apply any bounds checking when passing "lp=none". This can result into overflow of the parportnr array. An attacker with control over kernel command line can overwrite kernel code and data with fixed 0xff values...

The vulnerability of the embedded software of the programmable logic controller OVEEN PLK110 allows a intruder to overwrite data stored in the stack or execute arbitrary code.

The vulnerability of the embedded software of the OVEEN PLC110 programmable logic controller lies in the lack of checks for the length of the file name during the generation of the error message when processing a read or write request for the file. This leads to buffer overflows in the stack...

Integer overflow

When opening a Hangul HShow Document .hpt and processing a structure within the document, Hancom Office 2014 will attempt to allocate space for a list of elements using a length from the file. When calculating this length, an integer overflow can be made to occur which will cause the buffer to be...

The vulnerability of the Wireshark Network Protocol Analyzer software allows a remote attacker to compromise the accessibility of protected information.

A vulnerability exists in the SnifferDecompress function in the wireshark/Wireshark DOS Sniffer processing tool, due to the possibility of data overwriting during copying. Exploiting this vulnerability allows malicious actors operating remotely to cause a service failure abrupt termination of the...

CVE-2016-1954

The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy CSP violation report, which allows remote attackers to cause a denial of service data...

Code injection

The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy CSP violation report, which allows remote attackers to cause a denial of service data...

CVE-2016-1954

The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy CSP violation report, which allows remote attackers to cause a denial of service data...

CVE-2016-1954

The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy CSP violation report, which allows remote attackers to cause a denial of service data...

srm - command-line program to delete files securely

srm is a secure replacement for rm1. Unlike the standard rm, it overwrites the data in the target files before unlinking them. This prevents command-line recovery of the data by examining the raw block device. It may also help frustrate physical examination of the disk, although it's unlikely tha...

CVE-2014-6432

Wireshark vulnerable component: Sniffer file parser (wiretap/ngsniffer.c). CVE-2014-6432 is caused by the SnifferDecompress function not preventing data overwrites during copy operations, enabling DoS (application crash) via a crafted file. Affected versions: Wireshark 1.10.x before 1.10.10 and 1...

CVE-2014-6432

The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not prevent data overwrites during copy operations, which allows remote attackers to cause a denial of service application crash via a crafted file...

Authorization

The FlashCopy Manager for VMware component in IBM Tivoli Storage FlashCopy Manager 3.1 through 4.1.0.1 does not properly check authorization for backup and restore operations, which allows local users to obtain sensitive VM data or cause a denial of service data overwrite or disk consumption via...

CVE-2013-6714

The CVE-2013-6714 issue affects IBM Tivoli Storage FlashCopy Manager for VMware (FlashCopy Manager for VMware) 3.1, 3.2 and 4.1, where the GUI does not properly enforce authorization for backup/restore operations. This can allow local users to access VM data or perform restores that overwrite pro...

CVE-2013-6714

The FlashCopy Manager for VMware component in IBM Tivoli Storage FlashCopy Manager 3.1 through 4.1.0.1 does not properly check authorization for backup and restore operations, which allows local users to obtain sensitive VM data or cause a denial of service data overwrite or disk consumption via...

[SECURITY] Fedora 19 Update: srm-1.2.13-1.fc19

srm is a secure replacement for rm1. Unlike the standard rm, it overwrites the data in the target files before unlinkg them. This prevents command-line recovery of the data by examining the raw block device. It may also help frustrate physical examination of the disk, although it's unlikely that...

Mandriva Linux Security Advisory : cups-pk-helper (MDVSA-2013:069)

Updated cups-pk-helper package fixes security vulnerability : cups-pk-helper, a PolicyKit helper to configure CUPS with fine-grained privileges, wraps CUPS function calls in an insecure way. This could lead to uploading sensitive data to a CUPS resource, or overwriting specific files with the...