CVE-2015-7747

CVE-2015-7747 affects the Audio File Library (audiofile/libaudiofile). The vulnerability is a buffer overflow in afReadFrames that can be triggered by a crafted audio file, potentially causing a denial of service or arbitrary code execution. The issue is corroborated across multiple feeds (includ...

Stack overflow

Off-by-one error in the OBJobj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service program crash or possible execute arbitrary code via a crafted X.509 certificate, which triggers a stack-based buffer overflow. Note: this vulnerability exists because of an...

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2019-1940)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP3 : giflib (EulerOS-SA-2019-2587)

According to the versions of the giflib package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 allows attackers to cause a denial of service program crash via crafted image an...

Memory Corruption Vulnerability in iPubsoft PDF Combiner

iPubsoft PDF Combiner is a PDF processing tool. A memory corruption vulnerability exists in iPubsoft PDF Combiner, which can be exploited by attackers to cause the program to crash by constructing malformed PDF files...

Memory Corruption Vulnerability in iPubsoft PDF to GIF Converter for Windows

iPubsoft PDF to GIF Converter for Windows is a PDF processing tool. A memory corruption vulnerability exists in iPubsoft PDF to GIF Converter for Windows, which can be exploited by attackers to cause the program to crash by constructing malformed PDF files...

Memory Corruption Vulnerability in iPubsoft PDF to PNG Converter for Windows

iPubsoft PDF to PNG Converter for Windows is a PDF processing tool. A memory corruption vulnerability exists in iPubsoft PDF to PNG Converter for Windows, which can be exploited by attackers to cause the program to crash by constructing malformed PDF files...

Denial of Service Vulnerability in Oceanis Browser

Maxthon is a multi-tab browser. A denial of service vulnerability exists in Maxthon Browser, which can be exploited by attackers to cause the program to crash...

EulerOS 2.0 SP5 : elfutils (EulerOS-SA-2019-2141)

According to the versions of the elfutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - dwarfgetaranges in dwarfgetaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service heap-based...

Unspecified vulnerability in Qpid C++

Qpid C++ is a message-oriented middleware message broker program written in C++ by the Apache Software Foundation. A security vulnerability exists in Qpid C++ version 1.0. An attacker could exploit this vulnerability to cause the program to crash...

Memory Corruption Vulnerability in WPS Image Processing ico

WPS Photo software is a practical tool from the official hand of WPS to see the picture, WPS Photo software is powerful, to help users browse a variety of image formats, the software is simple to operate, you can easily open a variety of types of pictures. WPS image processing ico memory corrupti...

DeviceViewer 3.12.0.1 - 'creating user' Denial of Service

!/usr/bin/python Exploit Title: DeviceViewer 3.12.0.1 - 'creating user' DOS buffer overflow Date: 9/23/2019 Exploit Author: x00pwn Vendor Homepage: http://www.sricam.com/ Software Link: http://download.sricam.com/Manual/DeviceViewer.exe Version: v3.12.0.1 Tested on: Windows 7 Steps to reproduce: ...

Binary Vulnerability in Flying Pigeon Network Printing Component (CNVD-2019-33149)

Flying Pigeon is a LAN instant messaging software for enterprises, schools and families, realizing high-speed transmission of messages and files within LAN and printing on Flying Pigeon network. A binary vulnerability exists in the Flying Pigeon Network Printing component, which can be exploited ...

CVE-2019-10054

An issue was discovered in Suricata 4.1.3. The function processreplyrecordv3 lacks a check for the length of reply.data. It causes an invalid memory access and the program crashes within the nfs/nfs3.rs file...

CVE-2019-10054

An issue was discovered in Suricata 4.1.3. The function processreplyrecordv3 lacks a check for the length of reply.data. It causes an invalid memory access and the program crashes within the nfs/nfs3.rs file...

Security feature bypass

An issue was discovered in Suricata 4.1.3. The function processreplyrecordv3 lacks a check for the length of reply.data. It causes an invalid memory access and the program crashes within the nfs/nfs3.rs file...

Design/Logic Flaw

An issue was discovered in Suricata 4.1.3. The code mishandles the case of sending a network packet with the right type, such that the function DecodeEthernet in decode-ethernet.c is executed a second time. At this point, the algorithm cuts the first part of the packet and doesn't determine the...

CVE-2019-10056

An issue was discovered in Suricata 4.1.3. The code mishandles the case of sending a network packet with the right type, such that the function DecodeEthernet in decode-ethernet.c is executed a second time. At this point, the algorithm cuts the first part of the packet and doesn't determine the...

CVE-2019-10051

An issue was discovered in Suricata 4.1.3. If the function filetrackernewchunk encounters an unsafe "Somesfcm = ft.newchunk " item, then the program enters an smb/files.rs error condition and crashes...

CVE-2019-10054

Affected software: Suricata 4.1.3. Root cause: the function process_reply_record_v3 does not validate the length of reply.data, leading to an invalid memory access and a crash in nfs/nfs3.rs. Impact is a local crash; exploit details are not provided in the documents. Mitigation: upgrade to Surica...