chakra: Dynamic-stack-buffer-overflow in js_memcpy_s

Project: https://github.com/Microsoft/ChakraCore.git Detailed report: https://oss-fuzz.com/testcase?key=4738279476822016 Project: chakra Fuzzer: jsfuzzer Job Type: asanchakra Platform Id: linux Crash Type: Dynamic-stack-buffer-overflow READ 16 Crash Address: 0x7fffa66f0a98 Crash State: jsmemcpys...

CVE-2017-1000210

picoTCP versions 1.7.0 - 1.5.0 is vulnerable to stack buffer overflow resulting in code execution or denial of service attack...

CVE-2017-1000210

picoTCP versions 1.7.0 - 1.5.0 is vulnerable to stack buffer overflow resulting in code execution or denial of service attack...

CVE-2017-1000210

PicoTCP is affected: stack buffer overflow in the TCP/IP stack for embedded systems, affecting versions 1.5.0 through 1.7.0. The vulnerability can lead to code execution or denial of service. Root cause: stack overflow in picoTCP’s handling of inputs/packets. The provided documents consistently d...

InduSoft Web Studio Unspecified Stack Buffer Overflow Vulnerability - Windows

InduSoft Web Studio is prone to an unspecified stack buffer overflow vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Microsoft Office Equation Editor stack buffer overflow

Overview Microsoft Equation Editor contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Equation Editor is a component that comes with Microsoft Office. It is an out-of-process COM server that ...

FreeBSD : chromium -- multiple vulnerabilities (f8e72cd4-c66a-11e7-bb17-e8e0b747a45a)

Google Chrome Releases reports : 2 security fixes in this release, including : - 777728 Critical CVE-2017-15398: Stack buffer overflow in QUIC. Reported by Ned Williamson on 2017-10-24 - 776677 High CVE-2017-15399: Use after free in V8. Reported by Zhao Qixun of Qihoo 360 Vulcan Team on 2017-10-2...

chakra: Dynamic-stack-buffer-overflow in Js::JavascriptOperators::FillScopeObject

Project: https://github.com/Microsoft/ChakraCore.git Detailed report: https://oss-fuzz.com/testcase?key=4923358425645056 Project: chakra Fuzzer: jsfuzzer Job Type: asanchakra Platform Id: linux Crash Type: Dynamic-stack-buffer-overflow READ 8 Crash Address: 0x7ffcc81d62a0 Crash State:...

Security update for chromium (important)

This update for Chromium to version 62.0.3202.89 fixes the following vulnerabilities boo1066851: - CVE-2017-15398: Stack buffer overflow in QUIC - CVE-2017-15399: Use after free in V8...

Cesanta Mongoose MQTT SUBSCRIBE Multiple Topics Remote Code Execution(CVE-2017-2894)

Summary An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT...

chakra: Dynamic-stack-buffer-overflow in Js::JavascriptArray::NewInstance

Project: https://github.com/Microsoft/ChakraCore.git Detailed report: https://oss-fuzz.com/testcase?key=6106023170408448 Project: chakra Fuzzer: jsfuzzer Job Type: asanchakra Platform Id: linux Crash Type: Dynamic-stack-buffer-overflow READ 8 Crash Address: 0x7ffd13bb0260 Crash State:...

Stack overflow

An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet ove...

CVE-2017-2894

An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet ove...

CVE-2017-2894

An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet ove...

CVE-2017-2894

An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet ove...

CVE-2017-2894

An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet ove...

CVE-2017-2894

An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet ove...

KLA11132 Multiple vulnerabilities in Google Chrome

Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause a denial of service and to execute arbitrary code. Below is a complete list of vulnerabilities: 1. Stack buffer overflow in QUIC can be exploited remotely by an...

Google Chrome Security Updates (stable-channel-update-for-desktop-2017-11) - Mac OS X

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Google Chrome Security Updates (stable-channel-update-for-desktop-2017-11) - Linux

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...