CVE-2019-13221

A stack buffer overflow in the computecodewords function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file...

Stack overflow

A stack buffer overflow in the computecodewords function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file...

CVE-2019-13221

A stack buffer overflow in the computecodewords function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file...

freeimage:load_from_memory_fuzzer: Stack-buffer-overflow in strncpy

Detailed Report: https://oss-fuzz.com/testcase?key=5131488567230464 Project: freeimage Fuzzing Engine: libFuzzer Fuzz Target: loadfrommemoryfuzzer Job Type: libfuzzerasanfreeimage Platform Id: linux Crash Type: Stack-buffer-overflow WRITE Crash Address: 0x7f152a437530 Crash State: strncpy...

zstd:simple_decompress: Stack-buffer-overflow in ZSTD_decodeLiteralsBlock

Project: https://github.com/facebook/zstd.git Detailed Report: https://oss-fuzz.com/testcase?key=5640730759921664 Project: zstd Fuzzing Engine: libFuzzer Fuzz Target: simpledecompress Job Type: libfuzzerasanzstd Platform Id: linux Crash Type: Stack-buffer-overflow WRITE Crash Address:...

CVE-2019-13221

A stack buffer overflow in the computecodewords function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file...

CVE-2019-13221

CVE-2019-13221 affects the stb_vorbis component (stb) in the compute_codewords() path. Multiple connected advisories (e.g., openSUSE-SU-2025:0039-1 and OSV-OPENSUSE-SU-2025:0039-1) describe a stack/buffer overflow in that area and list it among the fixes for stb via updated libstb packages. The v...

CVE-2019-13221

A stack buffer overflow in the computecodewords function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file...

CVE-2019-10097

In Apache HTTP Server 2.4.32-2.4.39, when modremoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted pro...

KLA12366 Multiple vulnerabilities in Apache HTTP Server

Multiple vulnerabilities were found in Apache HTTP Server. Malicious users can exploit these vulnerabilities to cause denial of service, perform cross-site scripting attack, spoof user interface. Below is a complete list of vulnerabilities: 1. Memory corruption vulnerability in modhttp2 can be...

ovmf security and enhancement update

20180508-6.gitee3198e672e2.el7 - ovmf-MdeModulePkg-HiiDatabase-Fix-potential-integer-overf.patch bz1691479 - ovmf-MdeModulePkg-HiiImage-Fix-stack-overflow-when-corrup.patch bz1691479 - ovmf-MdeModulePkg-PartitionDxe-Add-check-for-underlying-d.patch bz1691647 -...

NewStart CGSL CORE 5.04 / MAIN 5.04 : thunderbird Multiple Vulnerabilities (NS-SA-2019-0160)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has thunderbird packages installed that are affected by multiple vulnerabilities: - A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parsergetnextchar when processing certain email messages,...

NewStart CGSL MAIN 5.04 : 389-ds-base Multiple Vulnerabilities (NS-SA-2019-0009)

The remote NewStart CGSL host, running version MAIN 5.04, has 389-ds-base packages installed that are affected by multiple vulnerabilities: - An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters. A remote, unauthenticated attacker could potentiall...

NewStart CGSL CORE 5.05 / MAIN 5.05 : thunderbird Multiple Vulnerabilities (NS-SA-2019-0163)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has thunderbird packages installed that are affected by multiple vulnerabilities: - A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parsergetnextchar when processing certain email messages,...

NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Vulnerability (NS-SA-2019-0058)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel-rt packages installed that are affected by a vulnerability: - A security flaw was found in the chapservercomputemd5 function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISC...

NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Vulnerability (NS-SA-2019-0057)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by a vulnerability: - A security flaw was found in the chapservercomputemd5 function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI...

[SECURITY] [DSA 4495-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4495-1 [email protected] https://www.debian.org/security/ Ben Hutchings August 10, 2019 https://www.debian.org/security/faq -...

freeimage:load_from_memory_fuzzer: Stack-buffer-overflow in strncpy

Detailed report: https://oss-fuzz.com/testcase?key=5161928611069952 Project: freeimage Fuzzing engine: libFuzzer Fuzz target: loadfrommemoryfuzzer Job Type: libfuzzerasanfreeimage Platform Id: linux Crash Type: Stack-buffer-overflow WRITE Crash Address: 0x7f6e95821530 Crash State: strncpy...

redis:5 security update

An update is available for redis. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Redis is an advanced key-value store. It is often referred to as a data-structu...

CVE-2019-13106

Das U-Boot versions 2016.09 through 2019.07-rc4 can memset too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution...