UBUNTU-CVE-2018-15572

The spectrev2selectmitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks...

mupdf/pdf_fuzzer: Stack-buffer-underflow in ps_index

Project: git://git.ghostscript.com/mupdf.git Detailed report: https://oss-fuzz.com/testcase?key=6241403096006656 Project: mupdf Fuzzer: aflmupdfpdffuzzer Fuzz target binary: pdffuzzer Job Type: aflasanmupdf Platform Id: linux Crash Type: Stack-buffer-underflow READ 8 Crash Address: 0x7fde52864418...

Cloudme 1.9 - Buffer Overflow (DEP) Учздщше

Exploit for windows platform in category local exploits Exploit Title: Cloudme 1.9 - Buffer Overflow DEP Metasploit Date: 2018-08-13 Exploit Author: Raymond Wellnitz Vendor Homepage: https://www.cloudme.com Version: 1.8.x/1.9.x Tested on: Windows 7 x64 CVE : 2018-6892 This module requires...

Computerinsel Photoline Stack Buffer Overflow Vulnerability

Computerinsel Photoline is a suite of image editing software. A stack buffer overflow vulnerability exists in the PSD parsing feature in Computerinsel Photoline version 20.54. An attacker can exploit this vulnerability by sending a specially crafted PSD image to overwrite arbitrary data and execu...

Delta Electronics CNCSoft and ScreenEditor Stack Buffer Overflow Vulnerability

Delta Electronics CNCSoft and ScreenEditor are products of Delta Electronics, a CNC machine simulation system software and ScreenEditor, a HMI programming software. A stack buffer overflow vulnerability exists in Delta Electronics CNCSoft version 1.00.83 and earlier and ScreenEditor version...

Stack overflow

A security vulnerability has been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a stack buffer overflow, which could allow remote code execution...

CVE-2018-5924

A security vulnerability has been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a stack buffer overflow, which could allow remote code execution...

CVE-2018-5924

CVE-2018-5924 affects certain HP inkjet printers. The issue arises when a maliciously crafted file is processed by the device, causing a stack buffer overflow and enabling remote code execution. Public reporting attributes a high or critical impact (CVSS v3.0: 9.8, network exposure, no user inter...

freetype2/cff-ftengine: Stack-buffer-overflow in cff_parser_run

Detailed report: https://oss-fuzz.com/testcase?key=5723673720782848 Project: freetype2 Fuzzer: aflfreetype2cff-ftengine Fuzz target binary: cff-ftengine Job Type: aflasanfreetype2 Platform Id: linux Crash Type: Stack-buffer-overflow READ 8 Crash Address: 0x7fa252831e10 Crash State: cffparserrun...

EulerOS 2.0 SP3 : procps-ng (EulerOS-SA-2018-1230)

According to the versions of the procps-ng package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - If the HOME environment variable is unset or empty, top will read its configuration file from the current working directory without any securi...

Samsung SmartThings Hub video-core HTTP server buffer overflow vulnerability (CNVD-2018-14291)

Samsung SmartThings Hub is a smart home management device from Samsung, South Korea. video-core HTTP server is one of the HTTP servers. A stack buffer overflow vulnerability exists in the samsungWifiScan callback notification of the video-core HTTP server in the Samsung SmartThings Hub, which ste...

Samsung SmartThings Hub video-core HTTP server buffer overflow vulnerability (CNVD-2018-14289)

Samsung SmartThings Hub is a smart home management device from Samsung, South Korea. video-core HTTP server is one of the HTTP servers. A stack buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server in the Samsung SmartThings Hub, which originates...

Important: Red Hat Security Advisory: chromium-browser security update

An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

FreeBSD : chromium -- multiple vulnerabilities (b9c525d9-9198-11e8-beba-080027ef1a23)

Google Chrome Releases reports : 42 security fixes in this release, including : - 850350 High CVE-2018-6153: Stack buffer overflow in Skia. Reported by Zhen Zhou of NSFOCUS Security Team on 2018-06-07 - 848914 High CVE-2018-6154: Heap buffer overflow in WebGL. Reported by Omair on 2018-06-01 -...

Security update for Chromium (important)

This update for Chromium to version 68.0.3440.75 fixes multiple issues. Security issues fixed boo1102530: - CVE-2018-6153: Stack buffer overflow in Skia - CVE-2018-6154: Heap buffer overflow in WebGL - CVE-2018-6155: Use after free in WebRTC - CVE-2018-6156: Heap buffer overflow in WebRTC -...

Security update for Chromium (important)

This update for Chromium to version 68.0.3440.75 fixes multiple issues. Security issues fixed boo1102530: - CVE-2018-6153: Stack buffer overflow in Skia - CVE-2018-6154: Heap buffer overflow in WebGL - CVE-2018-6155: Use after free in WebRTC - CVE-2018-6156: Heap buffer overflow in WebRTC -...

Stack overflow

A stack buffer overflow flaw was found in the Quick Emulator QEMU before 2.9 built with the Network Block Device NBD client support. The flaw could occur while processing server's response to a 'NBDOPTLIST' request. A malicious NBD server could use this issue to crash a remote NBD client resultin...

CVE-2017-2630

A stack buffer overflow flaw was found in the Quick Emulator QEMU before 2.9 built with the Network Block Device NBD client support. The flaw could occur while processing server's response to a 'NBDOPTLIST' request. A malicious NBD server could use this issue to crash a remote NBD client resultin...

CVE-2017-2630

CVE-2017-2630 describes a stack buffer overflow in QEMU prior to 2.9 when processing the server response to an NBD_OPT_LIST during NBD client negotiation. A malicious NBD server could trigger the overflow, crash the QEMU NBD client, or potentially cause arbitrary code execution in the QEMU proces...

The vulnerability of the InTouch HMI platform, caused by an overflow in the stack buffer, allows a malicious actor to execute arbitrary code.

The vulnerability of the InTouch HMI platform arises from an overflow in the buffer in the stack due to insufficient input data processing. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with privileges of the InTouch View process, using a specially crafted packa...