OPENSUSE-SU-2019:1352-1 Security update for ovmf

This update for ovmf fixes the following issues: Security issue fixed: - CVE-2019-0161: Fixed a stack overflow in UsbBusDxe and UsbBusPei, which could potentially be triggered by a local unauthenticated user bsc1131361. This update was imported from the SUSE:SLE-15:Update update project...

SUSE-SU-2019:0766-1 Security update for ovmf

This update for ovmf fixes the following issues: Security issues fixed: - CVE-2019-0160: Fixed multiple buffer overflows in UDF-related codes in MdeModulePkg\Universal\Disk\PartitionDxe\Udf.c and MdeModulePkg\Universal\Disk\UdfDxe bsc1130267. - CVE-2018-12181: Fixed a stack buffer overflow in the...

Adobe Acrobat and Reader Stack Buffer Overflow Vulnerability (CNVD-2019-06914)

Adobe Acrobat and Reader are the United States of America Audobee Adobe company's products. The former is a set of PDF file editing and conversion tools, the latter is a set of PDF document reading software. Adobe Acrobat and Reader in the existence of stack buffer overflow vulnerability. Remote...

Gnome Glib version 2.58.1 suffers from an out-of-bounds read vulnerability

GNOME is a GNU network object model.GLib provides the core application components for libraries and programs written in C. An out-of-bounds read vulnerability exists in Gnome Glib version 2.58.1. An attacker can exploit to cause a stack overflow out-of-bounds read...

Stack overflow

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8 G950FXXU1AQL5. User interaction is required to exploit this vulnerability in that the target must have their cellular radios enabled. The specific flaw exists within the handling ...

CVE-2018-3915

An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 64 bytes. An attacker can...

MGASA-2018-0339 Updated libtomcrypt packages fix security vulnerability

libtomcrypt has been updated to secure it against two security vulnerabilities. A problem in the ASN.1 parser could cause a stack overflow and a resulting denial of service when parsing deeply recursive ASN.1 types CVE-2018-0739. An attacker capable of triggering signatures and mounting a side...

Artifex Software MuPDF 'count_entries' function stack buffer overflow vulnerability

Artifex Software MuPDF is a PDF library from Artifex Software, USA. A security vulnerability exists in the 'countentries' function in the pdf-layer.c file in Artifex Software MuPDF version 1.10a. A remote attacker can exploit this vulnerability to cause a denial of service stack consumption and...

Fuji Electric V-Server VPR Stack Buffer Overflow Vulnerability

Fuji Electric V-Server is a data collection software from Fuji Electric Japan, and VPR is a layout routing tool for array-based FPGAs. A stack buffer overflow vulnerability exists in Fuji Electric V-Server VPR 4.0.1.0 and earlier versions, which can be exploited by an attacker to remotely execute...

MGASA-2018-0036 Updated connman packages fix security vulnerability

Security consultants in NRI Secure Technologies discovered a stack overflow vulnerability in ConnMan. An attacker with control of the DNS responses to the DNS proxy in ConnMan might crash the service and, in same cases, remotely execute arbitrary commands in the host running the service...

Stack Overflow Vulnerability in WPS Office

WPS Office is an office software suite developed independently by Kingsoft Corporation. The EqnEdt32.exe program in the WPS Office software suffers from a stack overflow vulnerability, which can be exploited by an attacker to execute malicious code on the target system, remotely install malware,...

[SECURITY] [DSA 3956-1] connman security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3956-1 [email protected] https://www.debian.org/security/ Luciano Bello August 27, 2017 https://www.debian.org/security/faq -...

Debian: Security Advisory (DSA-3956-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RedHat Update for glibc RHSA-2017:1916-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

TP-Link WR841N code execution( CVE-2017-9466)

CVE-2017-9466: Why Is My Router Blinking Morse Code? We recently discovered two vulnerabilities in TP-Link’s WR841N V8 router that we exploited to obtain custom code execution on the router. After working closely with the vendor to patch the router’s firmware, we are disclosing the details of our...

Document Liberation Project libstaroffice Stack Buffer Overflow Vulnerability

Document Liberation Project is a project that enables users to work with vendor-locked content. libstaroffice is an import filter for StarOffice documents. Document Liberation Project libstaroffice The 'DatabaseName::read' function in the lib/StarWriterStruct.cxx file in versions prior to...

ALPINE-CVE-2017-6891

Two errors in the "asn1findnode" function lib/parseraux.c within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility...

Dmitry Stack Buffer Overflow Vulnerability

DMitry Deepmagic Information Gathering Utility is a UNIX/GNU Linux command line program coded purely in C that gathers as much information about the host as possible. DMitry Deepmagic Information Gathering Tool suffers from a stack buffer overflow vulnerability that can be exploited by an attacke...

RedHat Update for glibc RHSA-2017:0680-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2017:0380-1 Security update for libxml2

This update for libxml2 fixes the following issues: CVE-2016-4658: use-after-free error could lead to crash bsc1005544 Fix NULL dereference in xpointer.c when in recovery mode bsc1014873 CVE-2016-9597: An XML document with many opening tags could have caused a overflow of the stack not detected b...