Denial Of Service (DoS)

cups is vulnerable to denial of service DoS. The vulnerability exists through a stack-buffer-overflow in libcups's asn1gettype function...

Internet Download Manager Stack Buffer Overflow Vulnerability

Internet Download Manager is a download utility that offers a variety of features such as breakpoint transfer. A stack buffer overflow vulnerability exists in Internet Download Manager. An attacker can corrupt the file system by elevating the privileges of a local process...

Adobe Bridge Stack Buffer Overflow Vulnerability

Adobe Bridge is a free digital asset management application from Adobe. Adobe Bridge suffers from a stack buffer overflow vulnerability. An attacker can exploit the vulnerability to execute arbitrary code...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4342-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4342-1 advisory. Al Viro discovered that the Linux kernel for s390x systems did not properly perform page table upgrades for kernel sections that use secondary address...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4344-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4344-1 advisory. It was discovered that the Intel Wi-Fi driver in the Linux kernel did not properly check for errors in some situations. A local attacker could possibly u...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4345-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4345-1 advisory. Al Viro discovered that the Linux kernel for s390x systems did not properly perform page table upgrades for kernel sections that use secondar...

Low: Red Hat Security Advisory: cups security and bug fix update

An update for cups is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

neomutt:address-fuzz: Stack-buffer-overflow in mutt_addrlist_parse

Project: https://github.com/neomutt/neomutt.git Detailed Report: https://oss-fuzz.com/testcase?key=5731491599613952 Project: neomutt Fuzzing Engine: libFuzzer Fuzz Target: address-fuzz Job Type: libfuzzerasanneomutt Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 1 Crash Address:...

Amazon Linux AMI : kernel (ALAS-2020-1360)

The version of kernel installed on the remote host is prior to 4.14.173-106.229. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1360 advisory. 2023-11-29: CVE-2020-27418 was added to this advisory. A stack buffer overflow issue was found in the getrawsocket...

libzmq:decode_fuzzer: Stack-buffer-overflow in zmq_z85_decode

Project: https://github.com/zeromq/libzmq.git Detailed Report: https://oss-fuzz.com/testcase?key=5724808697610240 Project: libzmq Fuzzing Engine: libFuzzer Fuzz Target: decodefuzzer Job Type: libfuzzerasani386libzmq Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 1 Crash Address:...

WECON LeviStudio ShortMessage Module SMtext Stack Buffer Overflow

A stack buffer overflow exists in Wecon LeviStudio. A remote attacker could exploit this vulnerability by enticing a user to open a crafted project. Successful exploitation could allow the attacker to execute arbitrary code under the security context of the user process...

Medium: kernel

Issue Overview: A stack buffer overflow issue was found in the getrawsocket routine of the Host kernel accelerator for virtio net vhost-net driver. It could occur while doing an ictolVHOSTNETSETBACKEND call, and retrieving socket name in a kernel stack variable via getrawsocket. A user able to...

The vulnerability of the mb_strtolower() function when using the UTF-32LE encoding in the PHP programming language allows attackers to execute arbitrary code.

The vulnerability of the mbstrtolower function when using the UTF-32LE encoding in the PHP programming language is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to execute arbitrary code remotely...

libfmt:fuzzer_named_arg: Stack-buffer-underflow in fmt::v6::basic_format_args<fmt::v6::basic_format_context<std::__1::back_insert_i

Detailed Report: https://oss-fuzz.com/testcase?key=5747676286287872 Project: libfmt Fuzzing Engine: libFuzzer Fuzz Target: fuzzernamedarg Job Type: libfuzzerasanlibfmt Platform Id: linux Crash Type: Stack-buffer-underflow READ 16 Crash Address: 0x7f200d9a6110 Crash State:...

tigervnc security update

1.9.0-14 - Bump build version Resolves: bz1819877 Resolves: bz1819879 Resolves: bz1819882 Resolves: bz1819886 Resolves: bz1819884 1.9.0-13 - Fix stack buffer overflow in CMsgReader::readSetCursor Resolves: bz1819877 - Fix heap buffer overflow in DecodeManager::decodeRect Resolves: bz1819879 - Fix...

openthread:ncp-uart-received-fuzzer: Stack-buffer-overflow in ot::NetworkData::NetworkData::FindService

Project: https://github.com/openthread/openthread.git Detailed Report: https://oss-fuzz.com/testcase?key=5726217824370688 Project: openthread Fuzzing Engine: libFuzzer Fuzz Target: ncp-uart-received-fuzzer Job Type: libfuzzerasanopenthread Platform Id: linux Crash Type: Stack-buffer-overflow READ...

suricata:fuzz_sigpcap: Dynamic-stack-buffer-overflow in RetrieveFPForSig

Project: https://github.com/OISF/suricata.git Detailed Report: https://oss-fuzz.com/testcase?key=5682380569575424 Project: suricata Fuzzing Engine: libFuzzer Fuzz Target: fuzzsigpcap Job Type: libfuzzerasansuricata Platform Id: linux Crash Type: Dynamic-stack-buffer-overflow WRITE 4 Crash Address...

wireshark:fuzzshark_ip: Stack-buffer-overflow in tvb_get_ipv4_addr_with_prefix_len

Project: https://code.wireshark.org/review/wireshark Detailed Report: https://oss-fuzz.com/testcase?key=5751611818508288 Project: wireshark Fuzzing Engine: libFuzzer Fuzz Target: fuzzsharkip Job Type: libfuzzerasanwireshark Platform Id: linux Crash Type: Stack-buffer-overflow READ 4 Crash Address...

wireshark:fuzzshark_tcp_port-bgp: Stack-buffer-overflow in tvb_get_ipv4_addr_with_prefix_len

Project: https://code.wireshark.org/review/wireshark Detailed Report: https://oss-fuzz.com/testcase?key=5633955517956096 Project: wireshark Fuzzing Engine: libFuzzer Fuzz Target: fuzzsharktcpport-bgp Job Type: libfuzzerasanwireshark Platform Id: linux Crash Type: Stack-buffer-overflow READ 4 Cras...

Oracle VirtualBox xHCI Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...