VLC Media Player LIVE555 RTSP Server RCE Vulnerability - Windows

VLC Media Player is prone to a remote code execution RCE vulnerability. This VT has been deprecated since VLC Media player is not affected. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

poppler/pdf_fuzzer: Stack-buffer-overflow in IdentityFunction::transform

Detailed report: https://oss-fuzz.com/testcase?key=5728547742679040 Project: poppler Fuzzer: aflpopplerpdffuzzer Fuzz target binary: pdffuzzer Job Type: aflasanpoppler Platform Id: linux Crash Type: Stack-buffer-overflow READ 8 Crash Address: 0x7f65b2f91028 Crash State: IdentityFunction::transfor...

CVE-2018-18707

An issue was discovered on Tenda AC7 V15.03.06.44CN, AC9 V15.03.05.196318CN, AC10 V15.03.06.23CN, AC15 V15.03.05.19CN, and AC18 V15.03.05.196318CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "ssid" parameter for a post request, the value...

Updated kernel-tmb packages fix security vulnerabilities

This kernel-tmb update is based on the upstream 4.14.78 and adds additional fixes for the L1TF security issues. It also fixes at least the following security issues: Linux kernel from versions 3.9 and up, is vulnerable to a denial of service attack with low rates of specially modified packets...

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on the upstream 4.14.78 and adds additional fixes for the L1TF security issues. It also fixes at least the following security issues: Linux kernel from versions 3.9 and up, is vulnerable to a denial of service attack with low rates of specially modified packets...

EulerOS Virtualization 2.5.1 : procps-ng (EulerOS-SA-2018-1326)

According to the versions of the procps-ng package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - If the HOME environment variable is unset or empty, top will read its configuration file from the current working directory...

Security update for ntp (moderate)

NTP was updated to 4.2.8p12 bsc1111853: - CVE-2018-12327: Fixed stack buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 - CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection bsc1083424 Please also see...

Security update for ntp (moderate)

This update for NTP to version 4.2.8p12 fixes the following vulnerabilities bsc1111853: - CVE-2018-12327: Fixed stack buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 - CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing...

Advantech WebAccess stack buffer overflow vulnerability (CNVD-2018-21935)

Advantech WebAccess software is the core of Advantech's IoT application platform solution, providing users with a user interface based on HTML5 technology for a cross-platform, cross-browser data access experience. A stack buffer overflow vulnerability exists in Advantech WebAccess. An attacker c...

SUSE-SU-2018:3342-1 Security update for ntp

NTP was updated to 4.2.8p12 bsc1111853: - CVE-2018-12327: Fixed stack buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 - CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection bsc1083424 Please also see...

IObit Malware Fighter Buffer Overflow Vulnerability

IObit Malware Fighter is a suite of antivirus software for Windows-based platforms. The program has features such as anti-malware and virus protection. A stack buffer overflow vulnerability exists in the IMFCameraProtect.sys file in IObit Malware Fighter version 6.2 and possibly prior to 6.2. An...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:3265-1)

This update for the Linux Kernel 3.12.61-52146 fixes several issues. The following security issues were fixed : CVE-2018-14633: A security flaw was found in the chapservercomputemd5 function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is...

Morris Worm fingerd Stack Buffer Overflow

This module exploits a stack buffer overflow in fingerd on 4.3BSD. This vulnerability was exploited by the Morris worm in 1988-11-02. Cliff Stoll reports on the worm in the epilogue of The Cuckoo's Egg. Currently, only bsd/vax/shellreversetcp is supported. This module requires Metasploit:...

CVE-2018-15704

Advantech WebAccess 8.3.2 and below is vulnerable to a stack buffer overflow vulnerability. A remote authenticated attacker could potentially exploit this vulnerability by sending a crafted HTTP request to broadweb/system/opcImg.asp...

CVE-2018-15704

Advantech WebAccess 8.3.2 and earlier are affected by a stack-based buffer overflow in broadweb/system/opcImg.asp. The CNVD entry confirms a vulnerability that an unauthenticated? or remote attacker could exploit via a crafted HTTP request to that path to execute arbitrary code or cause a denial ...

Xpdf Denial of Service Vulnerability (CNVD-2019-17491)

Xpdf is Foo Labs developed an open source PDF reader , it supports decoding LZW compressed format files and read encrypted PDF files . Xpdf 4.00 version of the Object.h file in the 'Object::isName' function has a security vulnerability. A remote attacker can exploit this vulnerability with a...

SUSE-SU-2018:3173-1 Security update for the Linux Kernel (Live Patch 18 for SLE 12 SP2)

This update for the Linux Kernel 4.4.114-9264 fixes several issues. The following security issues were fixed: - CVE-2018-17182: The vmacacheflushall function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free and possibly gain privileges via certain...

SUSE-SU-2018:3172-1 Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP1)

This update for the Linux Kernel 3.12.74-6064104 fixes several issues. The following security issues were fixed: - CVE-2018-17182: The vmacacheflushall function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free and possibly gain privileges via certain...

SUSE-SU-2018:3159-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-17182: The vmacacheflushall function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free and possibly gain...

openvswitch/odp_target: Stack-buffer-overflow in nullable_memcpy

Project: https://github.com/openvswitch/ovs.git Detailed report: https://oss-fuzz.com/testcase?key=5734833108549632 Project: openvswitch Fuzzer: libFuzzeropenvswitchodptarget Fuzz target binary: odptarget Job Type: libfuzzerasanopenvswitch Platform Id: linux Crash Type: Stack-buffer-overflow READ...