CVE-2019-5166

An exploitable stack buffer overflow vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 version 03.02.0214. A specially crafted XML cache file written to a specific location on the device can cause a stack buffer overflow, resulting in code execution. An attack...

CVE-2019-5166

CVE-2019-5166 affects the WAGO PFC200 controller, specifically the iocheckd service’s IC/“I/O-Check” functionality. A stack-based buffer overflow occurs while parsing a DNS value embedded in the cached XML file /tmp/iocheckCache.xml, exploitable via a crafted DNS parameter during a BC_SaveParamet...

CVE-2020-10232

In version 4.8.0 and earlier of The Sleuth Kit TSK, there is a stack buffer overflow vulnerability in the YAFFS file timestamp parsing logic in yaffsfsistat in fs/yaffs.c...

UBUNTU-CVE-2020-10232

In version 4.8.0 and earlier of The Sleuth Kit TSK, there is a stack buffer overflow vulnerability in the YAFFS file timestamp parsing logic in yaffsfsistat in fs/yaffs.c...

WAGO PFC200 iocheckd service "I/O-Check" cache Multiple Code Execution Vulnerabilities

Summary An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service “I/O-Check” functionality of WAGO PFC 200. A specially crafted XML cache file written to a specific location on the device can cause a stack buffer overflow, resulting in code execution. An...

CVE-2020-10232

In version 4.8.0 and earlier of The Sleuth Kit TSK, there is a stack buffer overflow vulnerability in the YAFFS file timestamp parsing logic in yaffsfsistat in fs/yaffs.c...

CVE-2020-10232

The Sleuth Kit (TSK) up to version 4.8.0 contains a stack buffer overflow in the YAFFS file timestamp parsing in yaffsfs_istat() (fs/yaffs.c). Affected component is the YAFFS timestamp parsing logic; impact is high (potential crash or exploitation as implied by CVSS). Remediation: upgrade to newe...

CVE-2020-10232

In version 4.8.0 and earlier of The Sleuth Kit TSK, there is a stack buffer overflow vulnerability in the YAFFS file timestamp parsing logic in yaffsfsistat in fs/yaffs.c...

Stack overflow

A stack-based buffer overflow exists in the initialization of the identification stage due to lack of check on the number of templates provided. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice...

CVE-2019-10569

CVE-2019-10569 is a stack buffer overflow in Qualcomm Snapdragon components caused by a misplaced instance id inside the definition of hardware accelerated effects in a makefile. Affected family includes Snapdragon Auto, Compute, Consumer IoT, and Mobile platforms (APQ8053, APQ8098, MDM9607, MDM9...

CVE-2019-10569

Stack buffer overflow due to instance id is misplaced inside definition of hardware accelerated effects in makefile in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile in APQ8053, APQ8098, MDM9607, MDM9640, MSM8998, QCS605, SC8180X, SDM439, SDM630, SDM636, SDM660,...

gdal:gdal_filesystem_fuzzer: Stack-buffer-overflow in NITFDataset::ScanJPEGQLevel

Project: https://github.com/OSGeo/gdal.git Detailed Report: https://oss-fuzz.com/testcase?key=5070558930927616 Project: gdal Fuzzing Engine: honggfuzz Fuzz Target: gdalfilesystemfuzzer Job Type: honggfuzzasangdal Platform Id: linux Crash Type: Stack-buffer-overflow READ Crash Address:...

imagemagick:crop_fuzzer: Stack-buffer-overflow in ReadICCProfile

Project: https://github.com/imagemagick/imagemagick.git Detailed Report: https://oss-fuzz.com/testcase?key=5741266359025664 Project: imagemagick Fuzzing Engine: honggfuzz Fuzz Target: cropfuzzer Job Type: honggfuzzasanimagemagick Platform Id: linux Crash Type: Stack-buffer-overflow READ 13 Crash...

karchive:karchive_fuzzer: Stack-buffer-overflow in KTar::KTarPrivate::readHeader

Project: git://anongit.kde.org/karchive Detailed Report: https://oss-fuzz.com/testcase?key=5632739014606848 Project: karchive Fuzzing Engine: honggfuzz Fuzz Target: karchivefuzzer Job Type: honggfuzzasankarchive Platform Id: linux Crash Type: Stack-buffer-overflow READ Crash Address: 0x7ffff7f75a...

The vulnerability of the i2c_ddc functions in the QEMU hardware emulation software allows a hacker to disclose protected information.

The vulnerability of the i2cddc function hw/i2c/i2c-ddc.c in the QEMU hardware emulation software is related to reading data beyond the buffer limit 128 bytes of stack memory. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by security...

ABB IDAL HTTP Server Stack Buffer Overflow (CVE-2019-7232)

A stack buffer overflow vulnerability exists in ABB IDAL HTTP Server. A remote unauthenticated attacker could exploit this vulnerability by sending a crafted request to the vulnerable server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on...

EulerOS 2.0 SP8 : httpd (EulerOS-SA-2020-1155)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Apache HTTP Server 2.4.32-2.4.39, when modremoteip was configured to use a trusted intermediary proxy server using the 'PROXY' protocol, a...

EulerOS 2.0 SP5 : cups (EulerOS-SA-2020-1096)

According to the versions of the cups packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - cups: stack-buffer-overflow in libcups's asn1gettype function.CVE-2019-8675 - cups: stack-buffer-overflow in libcups's asn1gettype...

Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2020-1096)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

imagemagick:encoder_radial-gradient_fuzzer: Stack-buffer-overflow in ReadGRADIENTImage

Project: https://github.com/imagemagick/imagemagick.git Detailed Report: https://oss-fuzz.com/testcase?key=5659238976454656 Project: imagemagick Fuzzing Engine: libFuzzer Fuzz Target: encoderradial-gradientfuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type:...