CVE-2020-27749

A flaw was found in grub2. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with...

CVE-2020-27749

A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that...

RHEL 8 : grub2 (RHSA-2021:0698)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0698 advisory. The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular...

RHEL 8 : grub2 (RHSA-2021:0697)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0697 advisory. The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular...

Synology DiskStation Manager Stack Buffer Overflow Vulnerability

Synology DiskStation Manager DSM is an operating system for use on Network Storage Servers NAS from Synology Inc. of Taiwan, China. This operating system manages information such as data, files, photos, music, and more. A stack buffer overflow vulnerability exists in synoagentregisterd in Synolog...

Synology DiskStation Manager 缓冲区错误漏洞

Synology DiskStation Manager DSM is an operating system for use on Network Storage Servers NAS from Synology Inc. of Taiwan, China. This operating system manages information such as data, files, photos, music, and more. A stack buffer overflow vulnerability exists in synoagentregisterd in Synolog...

Fatek FvDesigner Stack Buffer Overflow Vulnerability

Fatek FvDesigner is a software tool for designing and developing projects for the FATEK FV HMI series. A stack buffer overflow vulnerability exists in Fatek FvDesigner 1.5.76 and earlier versions when processing project files. An attacker could exploit this vulnerability to execute arbitrary code...

OSV-2021-435 Stack-buffer-overflow in ot::Cli::Interpreter::OutputFormatV

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31232 Crash type: Stack-buffer-overflow READ Crash state: ot::Cli::Interpreter::OutputFormatV ot::Cli::Interpreter::OutputLine ot::Cli::Interpreter::HandleDnsServiceResponse...

Stack overflow

Stack buffer overflow in GPU Process in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page...

CVE-2021-21149

Stack buffer overflow in Data Transfer in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page...

OSV-2021-430 Stack-buffer-overflow in tvb_memcpy

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31198 Crash type: Stack-buffer-overflow WRITE Crash state: tvbmemcpy compositememcpy tvbgetnstringz...

Backdoor.Win32.Ketch.h Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/63c55ad21e0771c7f9ca71ec3bfcea0f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Ketch.h Vulnerability: Remote Stack Buffer Overflow SEH Description: Ketch makes HTTP...

CVE-2020-2501 Stack Buffer Overflow in Surveillance Station

A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP have already fixed this vulnerability in the following versions: Surveillance Station 5.1.5.4.3...

CVE-2020-24870

A stack buffer overflow vulnerability was found in LibRaw. This flaw allows a malicious user to send a crafted image that, when parsed by an application linked to LibRaw, leads to a denial of service or potential code execution...

OSV-2021-386 Stack-buffer-overflow in ot::Coap::Message::AppendUintOption

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30831 Crash type: Stack-buffer-overflow READ 1 Crash state: ot::Coap::Message::AppendUintOption ot::Coap::Message::AppendBlockOption otCoapMessageAppendBlock2Option...

CVE-2021-20236

A flaw was found in the ZeroMQ server. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vulnerability is to confidentiality, integrity, as well as system...

OSV-2021-361 Stack-buffer-overflow in add_file

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30774 Crash type: Stack-buffer-overflow WRITE Crash state: addfile strfilenamecb handleoption...

Gitea 1.9.0 < 1.13.2 DoS Vulnerability

Gitea is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

Arbitrary Code Execution

connman is vulnerable to arbitrary code execution. The vulnerability exists through a stack buffer overflow that can be used to execute code by network adjacent attackers...

Integer overflow

An integer overflow issue exists in Godot Engine up to v3.2 that can be triggered when loading specially crafted.TGA image files. The vulnerability exists in ImageLoaderTGA::loadimage function at line: const sizet buffersize = tgaheader.imagewidth tgaheader.imageheight pixelsize; The bug leads to...