Ubuntu: Security Advisory (USN-5889-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5889-1: ZoneMinder vulnerabilities

It was discovered that ZoneMinder was not properly sanitizing URL parameters for certain views. An attacker could possibly use this issue to perform a cross-site scripting XSS attack. This issue was only fixed in Ubuntu 16.04 ESM. CVE-2019-6777 It was discovered that ZoneMinder was not properly...

Tenda AX3 SetSysTimeCfg Stack Buffer Overflow Vulnerability

Tenda AX3 is a home dual-band Gigabit wireless router from Tenda Technology that supports Wi-Fi6 802.11ax standard and focuses on high-performance network coverage and stable connection. Tenda AX3 suffers from a stack buffer overflow vulnerability that originates from a stack overflow vulnerabili...

OSV-2023-113 Stack-buffer-overflow in dump_stats

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56339 Crash type: Stack-buffer-overflow READ 4 Crash state: dumpstats flacanalyzeframe writecallback...

Debian dla-3335 : asterisk - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3335 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3335-1 [email protected]...

CVE-2022-28331

A flaw was found in Apache Portable Runtime, affecting versions = 1.7.0. This issue may allow a malicious user to write beyond the end of a stack buffer and cause an integer overflow. This affects Windows environments...

K61164061: PHP vulnerability CVE-2017-9227

Security Advisory Description An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in mbcenclen during regular expression searching. Invalid handling of reg-dmin in forwardsearchrange could...

K73540515: Linux kernel vulnerability CVE-2018-14633

Security Advisory Description A security flaw was found in the chapservercomputemd5 function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 1...

OSV-2023-88 Stack-buffer-overflow in pdfi_read_cff_dict

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56156 Crash type: Stack-buffer-overflow WRITE 1 Crash state: pdfireadcffdict pdfireadcffdict pdfireadcfffont...

PT-2023-36024 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow crash. Technical details about the crash include the crash type being a Stack-buffer-overflow WRITE 1. Th...

FreeBSD : libde256 -- multiple vulnerabilities (421c0af9-b206-11ed-9fe5-f4a47516fb57)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 421c0af9-b206-11ed-9fe5-f4a47516fb57 advisory. - libde265 v1.0.4 contains a heap buffer overflow in the putepelhvfallback function, which can...

OSV-2023-84 Stack-buffer-overflow in parse_regex

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56121 Crash type: Stack-buffer-overflow READ 1 Crash state: parseregex parseregex parseregex...

Siemens JT Open Toolkit Stack Buffer Overflow Vulnerability

Siemens JT Open Toolkit Siemens JTTK is a C++ application programming interface API from Siemens, Germany. It provides support for 64-bit application development on Microsoft Windows, Linux and MacOS. Siemens JT Open Toolkit suffers from a stack buffer overflow vulnerability that can be exploited...

Adobe Bridge Stack Buffer Overflow Vulnerability (CNVD-2023-13735)

Adobe Bridge is a file viewer from Adobe. Adobe Bridge is vulnerable to a stack buffer overflow vulnerability that could be exploited to execute arbitrary code in the context of the current user...

Adobe Animate stack buffer overflow vulnerability

Adobe Animate is a Flash animation software from Adobe. Adobe Animate is vulnerable to a stack buffer overflow vulnerability that could be exploited to execute arbitrary code in the context of the current user...

SUSE CVE-2007-1353

The setsockopt function in the L2CAP and HCI Bluetooth support in the Linux kernel before 2.4.34.3 allows context-dependent attackers to read kernel memory and obtain sensitive information via unspecified vectors involving the copyfromuser function accessing an uninitialized stack buffer...

SUSE CVE-2017-17740

contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service slapd crash via a member MODDN operation...

SUSE CVE-2017-1000249

An issue in file was introduced in commit 9611f31313a93aa036389c5f3b15eea53510d4d1 Oct 2016 lets an attacker overwrite a fixed 20 bytes stack buffer with a specially crafted .notes section in an ELF binary. This was fixed in commit 35c94dc6acc418f1ad7f6241a6680e5327495793 Aug 2017...

SUSE CVE-2018-8882

Netwide Assembler NASM 2.13.02rc2 has a stack-based buffer under-read in the function ieeeshr in asm/float.c via a large shift value...

SUSE CVE-2018-15572

The spectrev2selectmitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks...