CVE-2023-34325 Multiple vulnerabilities in libfsimage disk handling

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. libfsimage contains parsing code for several filesystems, most of them based on grub-legacy code. libfsimage is used by pygrub to inspect guest disks. Pygrub runs as the...

Pico HTTP Server in C Security Vulnerability

Pico HTTP Server in C is a very simple Unix HTTP server from the individual developer Aleksey Kurepin. A security vulnerability exists in Pico HTTP Server in C, which stems from a stack buffer overflow in the voidroute function in main.c, leading to remote code execution...

OSV-2024-3 Stack-buffer-overflow in icu_75::TZDBTimeZoneNames::getMetaZoneNames

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65486 Crash type: Stack-buffer-overflow WRITE 1 Crash state: icu75::TZDBTimeZoneNames::getMetaZoneNames icu75::TZDBTimeZoneNames::getMetaZoneDisplayName TestNames...

Stack overflow

A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtionetflushtx function if guest features VIRTIONETFHASHREPORT, VIRTIOFVERSION1 and VIRTIONETFMRGRXBUF are enabled. This could allow a malicious user to overwrite local variables...

CVE-2023-6693 Qemu: virtio-net: stack buffer overflow in virtio_net_flush_tx()

A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtionetflushtx function if guest features VIRTIONETFHASHREPORT, VIRTIOFVERSION1 and VIRTIONETFMRGRXBUF are enabled. This could allow a malicious user to overwrite local variables...

Stack Buffer Overflow

MP3Gain is vulnerable to Stack Buffer Overflow. The vulnerability is caused due to the WriteMP3GainAPETag function.This potentially leads to Denial of Service DoS Attack...

NewStart CGSL MAIN 6.06 : cairo Vulnerability (NS-SA-2023-0077)

The remote NewStart CGSL host, running version MAIN 6.06, has cairo packages installed that are affected by a vulnerability: - A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's...

CVE-2023-49356

A stack buffer overflow vulnerability in MP3Gain v1.6.2 allows an attacker to cause a denial of service via the WriteMP3GainAPETag function at apetag.c:592...

UBUNTU-CVE-2023-49356

A stack buffer overflow vulnerability in MP3Gain v1.6.2 allows an attacker to cause a denial of service via the WriteMP3GainAPETag function at apetag.c:592...

Stack overflow

A stack buffer overflow vulnerability in MP3Gain v1.6.2 allows an attacker to cause a denial of service via the WriteMP3GainAPETag function at apetag.c:592...

CVE-2023-49356

A stack buffer overflow vulnerability in MP3Gain v1.6.2 allows an attacker to cause a denial of service via the WriteMP3GainAPETag function at apetag.c:592...

CVE-2023-49356

A stack buffer overflow vulnerability in MP3Gain v1.6.2 allows an attacker to cause a denial of service via the WriteMP3GainAPETag function at apetag.c:592...

CVE-2023-49356

A stack buffer overflow vulnerability in MP3Gain v1.6.2 allows an attacker to cause a denial of service via the WriteMP3GainAPETag function at apetag.c:592...

Huawei EulerOS: Security Advisory for json-c (EulerOS-SA-2023-3472)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-49356

CVE-2023-49356 describes a stack buffer overflow in MP3Gain v1.6.2. The vulnerability is triggered in the WriteMP3GainAPETag function (apetag.c:592), which can lead to denial of service. Documentation provided confirms the affected software and the specific code location, but does not include exp...

Huawei EulerOS: Security Advisory for json-c (EulerOS-SA-2023-3500)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-48298

ClickHouse® is an open-source column-oriented database management system that allows generating analytical data reports in real-time. This vulnerability is an integer underflow resulting in crash due to stack buffer overflow in decompression of FPC codec. It can be triggered and exploited by an...

Design/Logic Flaw

ClickHouse® is an open-source column-oriented database management system that allows generating analytical data reports in real-time. This vulnerability is an integer underflow resulting in crash due to stack buffer overflow in decompression of FPC codec. It can be triggered and exploited by an...

CVE-2023-48298

ClickHouse® is an open-source column-oriented database management system that allows generating analytical data reports in real-time. This vulnerability is an integer underflow resulting in crash due to stack buffer overflow in decompression of FPC codec. It can be triggered and exploited by an...

CVE-2023-48298 Integer underflow leading to stack overflow in FPC codec decompression

ClickHouse® is an open-source column-oriented database management system that allows generating analytical data reports in real-time. This vulnerability is an integer underflow resulting in crash due to stack buffer overflow in decompression of FPC codec. It can be triggered and exploited by an...