OSV-2021-1048 Stack-buffer-overflow in INDEX_ORDERLY_RAM_Marshal

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36476 Crash type: Stack-buffer-overflow READ 4 Crash state: INDEXORDERLYRAMMarshal PERSISTENTALLMarshal TPM2PersistentAllStore...

Chromium: CVE-2021-30566 Stack buffer overflow in Printing

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

FreeBSD : chromium -- multiple vulnerabilities (76487640-ea29-11eb-a686-3065ec8fd3ec)

Chrome Releases reports : This release contains 35 security fixes, including : - 1210985 High CVE-2021-30565: Out of bounds write in Tab Groups. Reported by David Erceg on 2021-05-19 - 1202661 High CVE-2021-30566: Stack buffer overflow in Printing. Reported by Leecraso and Guang Gong of 360 Alpha...

Google Chrome Stack Buffer Overflow Vulnerability (CNVD-2021-62168)

Chrome is a web browsing tool developed by Google.A stack buffer overflow vulnerability exists in Printing in versions prior to Google Chrome 92.0.4515.107. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash...

RHEL 8 : shim and fwupd (RHSA-2021:2790)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2790 advisory. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments...

[ASA-202107-47] chromium: multiple issues

Arch Linux Security Advisory ASA-202107-47 ========================================== Severity: High Date : 2021-07-21 CVE-ID : CVE-2021-30565 CVE-2021-30566 CVE-2021-30567 CVE-2021-30568 CVE-2021-30569 CVE-2021-30571 CVE-2021-30572 CVE-2021-30573 CVE-2021-30574 CVE-2021-30575 CVE-2021-30576...

CVE-2019-25050

CVE-2019-25050 affects netCDF in GDAL 2.4.2 through 3.0.4. The issue is a stack-based buffer overflow in two code paths: nc4_get_att (invoked via nc4_get_att_tc and nc_get_att_text) and in uffd_cleanup (invoked from the netCDFDataset destructor). The connected documents consistently describe the ...

OSV-2021-1033 Stack-buffer-overflow in unicodize

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36312 Crash type: Stack-buffer-overflow WRITE 1 Crash state: unicodize ntlmphase3 establishhttpproxypassthru...

Adobe Photoshop 缓冲区错误漏洞

Adobe Photoshop is a set of image processing software from the American company Audobee Adobe. A stack buffer overflow vulnerability exists in Adobe Photoshop. An attacker could exploit this vulnerability to execute arbitrary code...

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 35 security fixes, including: 1210985 High CVE-2021-30565: Out of bounds write in Tab Groups. Reported by David Erceg on 2021-05-19 1202661 High CVE-2021-30566: Stack buffer overflow in Printing. Reported by Leecraso and Guang Gong of 360 Alpha Lab o...

The vulnerability of the mod_auth_digest function in the Apache HTTP Server allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the modauthdigest function in the Apache HTTP Server arises from the execution of operations outside the buffer on the stack. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the cachekey plugin in the Apache Traffic Server web server allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the cachekey plugin in the Apache Traffic Server web server arises from an operation that occurs outside the buffer limits of the stack. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected...

Huawei EulerOS: Security Advisory for cairo (EulerOS-SA-2021-2213)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OSV-2021-1017 Stack-buffer-overflow in piv_compute_signature

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36200 Crash type: Stack-buffer-overflow WRITE Crash state: pivcomputesignature sccomputesignature usekey...

OSV-2021-1015 Dynamic-stack-buffer-overflow in VP8SetSegmentParams

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36191 Crash type: Dynamic-stack-buffer-overflow WRITE Crash state: VP8SetSegmentParams SetLoopParams OneStatPass...

Amazon Linux 2 : grub2 (ALAS-2021-1684)

The version of grub2 installed on the remote host is prior to 2.06-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1684 advisory. 2024-02-29: CVE-2019-14865 was added to this advisory. A flaw was found in the grub2-set-bootflag utility of grub2. A local...

openSUSE 15 Security Update : curl (openSUSE-SU-2021:1762-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1762-1 advisory. - curl 7.7 through 7.76.1 suffers from an information disclosure when the -t command line option, known as CURLOPTTELNETOPTIONS in libcurl, is used ...

EulerOS 2.0 SP5 : cairo (EulerOS-SA-2021-2213)

According to the version of the cairo packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in cairo's image-compositor.c. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor for...

CVE-2021-34827

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAPAction HTTP header. The issue...

OSV-2021-1008 Dynamic-stack-buffer-overflow in clear_opt_map_info

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36155 Crash type: Dynamic-stack-buffer-overflow WRITE Crash state: clearoptmapinfo optimizenodeleft setoptimizeinfofromtree...