CVE-2023-48298 Integer underflow leading to stack overflow in FPC codec decompression

ClickHouse® is an open-source column-oriented database management system that allows generating analytical data reports in real-time. This vulnerability is an integer underflow resulting in crash due to stack buffer overflow in decompression of FPC codec. It can be triggered and exploited by an...

CVE-2023-48298

CVE-2023-48298 affects ClickHouse, specifically the FPC codec decompression path. The issue is an integer underflow that can crash the server via a stack buffer overflow, exploitable by an unauthenticated attacker. The vulnerability is described as similar to CVE-2023-47118; no explicit remediati...

CVE-2023-48298

ClickHouse® is an open-source column-oriented database management system that allows generating analytical data reports in real-time. This vulnerability is an integer underflow resulting in crash due to stack buffer overflow in decompression of FPC codec. It can be triggered and exploited by an...

OSV-2023-1329 Stack-buffer-overflow in decNaNs

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65130 Crash type: Stack-buffer-overflow WRITE 2 Crash state: decNaNs decCompareOp decNumberCompare...

OSV-2023-1328 Stack-buffer-overflow in icu_75::TZDBTimeZoneNames::getMetaZoneNames

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65128 Crash type: Stack-buffer-overflow WRITE 1 Crash state: icu75::TZDBTimeZoneNames::getMetaZoneNames icu75::TZDBTimeZoneNames::getMetaZoneDisplayName TestNames...

CVE-2023-33218

The Parameter Zone Read and Parameter Zone Write command handlers allow performing a Stack buffer overflow. This could potentially lead to a Remote Code execution on the targeted device...

Stack overflow

The Parameter Zone Read and Parameter Zone Write command handlers allow performing a Stack buffer overflow. This could potentially lead to a Remote Code execution on the targeted device...

CVE-2023-33219 Stack Buffer Overflow when checking retrofit package

The handler of the retrofit validation command doesn't properly check the boundaries when performing certain validation operations. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device...

CVE-2023-33218

CVE-2023-33218 involves a stack buffer overflow in the Parameter Zone Read/Write command handlers, potentially enabling Remote Code Execution on affected devices. The primary sources (NVD, Red Hat, CVE lists) describe a network-accessible vulnerability with high/severe impact (Confidentiality/Int...

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2023-3445)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for json-c (EulerOS-SA-2023-3377)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for json-c (EulerOS-SA-2023-3358)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-49992

Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Overflow via the function RemoveEnding at dictionary.c...

CVE-2023-49991

Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Underflow via the function CountVowelPosition at synthdata.c...

CVE-2023-49992

Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Overflow via the function RemoveEnding at dictionary.c...

DEBIAN-CVE-2023-49991

Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Underflow via the function CountVowelPosition at synthdata.c...

CVE-2023-49991

Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Underflow via the function CountVowelPosition at synthdata.c...

UBUNTU-CVE-2023-49992

Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Overflow via the function RemoveEnding at dictionary.c...

PT-2023-9302 · Espeak-Ng +6 · Espeak-Ng +6

Name of the Vulnerable Software and Affected Versions: Espeak-ng version 1.52-dev Description: The issue is related to a Stack Buffer Underflow via the CountVowelPosition function at synthdata.c. This could allow an attacker to cause a denial of service or potentially execute arbitrary code. The...

CVE-2023-49991

CVE-2023-49991 affects espeak-ng; multiple connected advisories confirm a Stack Buffer Underflow in the function CountVowelPosition within synthdata.c (espeak-ng 1.52-dev). The issue is reported across distributions (SUSE, Debian, Tencent/Tenables context) with references to vendor advisories or ...