CentOS 8 : libvorbis (CESA-2019:3703)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3703 advisory. - libvorbis: heap buffer overflow in mapping0forward function CVE-2018-10392 - libvorbis: stack buffer overflow in barknoisehybridmp function...

CentOS 8 : curl (CESA-2019:3701)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3701 advisory. - curl: NTLM type-2 heap out-of-bounds buffer read CVE-2018-16890 - wget: Information exposure in setfilemetadata function in xattr.c CVE-2018-20483 -...

CentOS 8 : firefox (CESA-2019:3196)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2019:3196 advisory. - Mozilla: Use-after-free when creating index updates in IndexedDB CVE-2019-11757 - Mozilla: Potentially exploitable crash due to 360 Total Security...

CentOS 8 : thunderbird (CESA-2019:1623)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2019:1623 advisory. - libical: Heap buffer over read in icalparser.c parsergetnextchar CVE-2019-11703 - libical: Heap buffer overflow in icalmemorystrdupanddequote functio...

The vulnerability of the Sailfish Browser application for the “Avora” operating system, related to buffer overflow in the stack, allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the Sailfish Browser application for the “Avora” operating system is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code...

The vulnerability in the web interface for managing microprogrammed wireless router software of Cisco RV110W, Cisco RV130, Cisco RV130W, and Cisco RV215W allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the web-based management interfaces for microprogramming software of Cisco RV110W, Cisco RV130, Cisco RV130W, and Cisco RV215W is caused by buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to execute arbitrary code or cause a service failure...

The vulnerability of the document.title property in the Sailfish Browser application for the “Autora” operating system, related to buffer overflow in the stack, allows a attacker to trigger a service failure or execute arbitrary code.

The vulnerability of the document.title property in the Sailfish Browser application for the “Autora” operating system is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to cause a service failure or execute arbitrary code...

Backdoor.Win32.Hupigon.adef Remote Stack Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/c8f55ce7bbec784a97d7bfc6d7b1931f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.adef Vulnerability: Remote Stack Buffer Overflow Description: Backdoor Hupigo...

Backdoor.Win32.WinShell.30 Remote Stack Buffer Overflow / Missing Authentication

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/56a2b135c8d35561ea5b04694155eb77.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.WinShell.30 Vulnerability: Remote Stack Buffer Overflow / Missing Authentication...

Open Design Alliance Drawings SDK Stack Buffer Overflow Vulnerability

Drawings is a development platform for desktop, mobile and web applications targeting .dwg and .dgn data.Drawings SDK is the Drawings Software Development Kit. A stack buffer overflow vulnerability exists in Open Design Alliance Drawings SDK versions prior to 2021.11. An attacker can exploit this...

Email-Worm.Win32.Agent.gi Remote Stack Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/74e65773735f977185f6a09f1472ea46.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Email-Worm.Win32.Agent.gi Vulnerability: Remote Stack Buffer Overflow - UDP Datagram Description:...

SUSE-SU-2021:0156-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2020-19667: Fixed a stack buffer overflow in XPM coder could result in a crash bsc1179103. - CVE-2020-25664: Fixed a heap-based buffer overflow in PopShortPixel bsc1179202. - CVE-2020-25665: Fixed a heap-based buffer overflow in...

Backdoor.Win32.Mnets Remote Stack Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/1e42493dcef54a62bc28e0a1338c1142.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Mnets Vulnerability: Remote Stack Buffer Overflow - UDP Datagram Proto Description: T...

OSV-2018-441 Stack-buffer-underflow in ps_index

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9970 Crash type: Stack-buffer-underflow READ 8 Crash state: psindex psrun evalpostscriptfunc...

OSV-2018-284 Stack-buffer-overflow in pdf_lookup_cmap_full

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5494 Crash type: Stack-buffer-overflow WRITE 4 Crash state: pdflookupcmapfull pdfremapcmaprange pdfremapcmap...

Medium: tigervnc

Issue Overview: TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. If decoding routine would throw an exception, ZRLEDecoder may try to access stack variable, which has been already freed during the process...

Amazon Linux AMI : tigervnc (ALAS-2021-1470)

The version of tigervnc installed on the remote host is prior to 1.8.0-21.34. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1470 advisory. TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack...

OSV-2017-119 Stack-buffer-overflow in ot::MeshCoP::CommissionerSessionIdTlv::GetCommissionerSessionId

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3376 Crash type: Stack-buffer-overflow READ 2 Crash state: ot::MeshCoP::CommissionerSessionIdTlv::GetCommissionerSessionId ot::NetworkData::Leader::HandleCommissioningSet ot::Coap::Coap::ProcessReceivedRequest...

OSV-2021-152 Stack-buffer-overflow in ot::NetworkData::ServerTlv::GetServer16

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5878 Crash type: Stack-buffer-overflow READ 2 Crash state: ot::NetworkData::ServerTlv::GetServer16 ot::NetworkData::Leader::RlocLookup ot::NetworkData::Leader::RegisterNetworkData...

OSV-2017-53 Stack-buffer-overflow in _psl_idna_toASCII

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2600 Crash type: Stack-buffer-overflow READ Crash state: pslidnatoASCII addpunycodeifneeded pslloadfp...