CVE-2019-10054

An issue was discovered in Suricata 4.1.3. The function processreplyrecordv3 lacks a check for the length of reply.data. It causes an invalid memory access and the program crashes within the nfs/nfs3.rs file...

CVE-2019-10051

An issue was discovered in Suricata 4.1.3. If the function filetrackernewchunk encounters an unsafe "Somesfcm = ft.newchunk " item, then the program enters an smb/files.rs error condition and crashes...

Memory Corruption Vulnerability in Advantech WebAccess HMI Designer

Advantech WebAccess HMI Designer is software that creates complete solutions for all HMI products and HMI applications including the TPC/WebOP/UNO series. A memory corruption vulnerability exists in Advantech WebAccess HMI Designer, which can be exploited by an attacker to execute malicious code ...

The vulnerability of the lnstat network statistics collection program lies in the lack of checks for the correctness of mathematical operations, which allows a perpetrator to trigger a service failure.

The vulnerability of the lnstat network statistics collection program is related to the lack of checks for the correctness of mathematical operations. Exploiting this vulnerability could allow an attacker to cause the program to terminate abnormally due to a SIGFPE signal, caused by attempting to...

curl: SMTP end-of-response out-of-bounds read

An out-of-bounds read flaw was found in the way curl handled certain SMTP responses. A remote attacker could use this flaw to crash curl...

Memory Corruption Vulnerability in Softi ScanWiz V2

Softi ScanWiz is a scanning and optical character recognition software. A memory corruption vulnerability exists in Softi ScanWiz V2. An attacker could exploit this vulnerability to gain control of a user's system or crash the program...

Stack Overflow Vulnerability in AH-PClink

AH-PClink is a human-machine interface software. AH-PClink suffers from a stack overflow vulnerability in the handling of hmp project files, which allows an attacker to trick a user with AH-PClink installed to open a malicious hmp file, execute malicious code on the user's system, gain control of...

Design/Logic Flaw

An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program...

CVE-2019-7697

An issue was discovered in Bento4 v1.5.1-627. There is an assertion failure in AP4AtomListWriter::Action in Core/Ap4Atom.cpp, leading to a denial of service program crash, as demonstrated by mp42hls...

CVE-2019-7697

An issue was discovered in Bento4 v1.5.1-627. There is an assertion failure in AP4AtomListWriter::Action in Core/Ap4Atom.cpp, leading to a denial of service program crash, as demonstrated by mp42hls...

CVE-2019-7697

An issue was discovered in Bento4 v1.5.1-627. There is an assertion failure in AP4AtomListWriter::Action in Core/Ap4Atom.cpp, leading to a denial of service program crash, as demonstrated by mp42hls...

CVE-2019-7150

An issue was discovered in elfutils 0.175. A segmentation fault can occur in the function elf64xlatetom in libelf/elf32xlatetom.c, due to dwflsegmentreportmodule not checking whether the dyn data read from a core file is truncated. A crafted input can cause a program crash, leading to...

CVE-2019-7150

An issue was discovered in elfutils 0.175. A segmentation fault can occur in the function elf64xlatetom in libelf/elf32xlatetom.c, due to dwflsegmentreportmodule not checking whether the dyn data read from a core file is truncated. A crafted input can cause a program crash, leading to...

Beebug - A Tool For Checking Exploitability

beebug is a tool that can be used to verify if a program crash could be exploitable. This tool was presented the first time at r2con 2018 in Barcelona. Some implemented functionality are: Stack overflow on libc Crash on Program Counter Crash on branch Crash on write memory Heap vulnerabilities Re...

Heap overflow

Hancom Office 2018 10.0.0.8214 and earlier, Hancom Office NEO 9.6.1.10472 and earlier, Hancom Office 2014 9.1.1.4540 and earlier, Hancom Office 2010 8.5.8.1724 and earlier versions have a heap overflow vulnerability when handling Compound File in document. This result in a program crash or denial...

CVE-2018-5201

Hancom Office 2018 10.0.0.8214 and earlier, Hancom Office NEO 9.6.1.10472 and earlier, Hancom Office 2014 9.1.1.4540 and earlier, Hancom Office 2010 8.5.8.1724 and earlier versions have a heap overflow vulnerability when handling Compound File in document. This result in a program crash or denial...

Design/Logic Flaw

nasm version 2.14.01rc5, 2.15 contains a Buffer Overflow vulnerability in asm/stdscan.c:130 that can result in Stack-overflow caused by triggering endless macro generation, crash the program. This attack appear to be exploitable via a crafted nasm input file...

CVE-2018-1000886

nasm version 2.14.01rc5, 2.15 contains a Buffer Overflow vulnerability in asm/stdscan.c:130 that can result in Stack-overflow caused by triggering endless macro generation, crash the program. This attack appear to be exploitable via a crafted nasm input file...

CVE-2018-1000886

nasm version 2.14.01rc5, 2.15 contains a Buffer Overflow vulnerability in asm/stdscan.c:130 that can result in Stack-overflow caused by triggering endless macro generation, crash the program. This attack appear to be exploitable via a crafted nasm input file...

CVE-2018-1000886

nasm version 2.14.01rc5, 2.15 contains a Buffer Overflow vulnerability in asm/stdscan.c:130 that can result in Stack-overflow caused by triggering endless macro generation, crash the program. This attack appear to be exploitable via a crafted nasm input file...