RHEL 6 : chromium-browser (RHSA-2020:4974)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:4974 advisory. Chromium is an open-source web browser, powered by WebKit Blink. This update upgrades Chromium to version 86.0.4240.183. Security Fixes:...

FreeBSD : chromium -- multiple vulnerabilities (3ec6ab59-1e0c-11eb-a428-3065ec8fd3ec)

Chrome Releases reports : This release contains 10 security fixes, including : - 1138911 High CVE-2020-16004: Use after free in user interface. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud on 2020-10-15 - 1139398 High CVE-2020-16005: Insufficient policy enforceme...

openSUSE: Security Advisory for chromium (openSUSE-SU-2020:1831-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Google Chrome Security Update (stable-channel-update-for-desktop-2020-11) - Linux

Google Chrome is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

tcpdump: Out of bounds read/write in in get_next_file() in tcpdump.c

An out-of-bounds write vulnerability was discovered in tcpdump while reading the file passed to the -V option of the command line program. An attacker may abuse this flaw by tricking a victim user into using a malicious file with the -V option, which would make the program read one byte before a...

Microsoft Edge (Chromium) < 86.0.622.63 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 86.0.622.63. It is, therefore, affected by multiple vulnerabilities as referenced in the ADV200002-11-4-2020 advisory. - Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacke...

CVE-2020-16008

Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet...

imagemagick:ping_pwp_fuzzer: Stack-buffer-overflow in SetStringInfoDatum

Project: https://github.com/imagemagick/imagemagick.git Detailed Report: https://oss-fuzz.com/testcase?key=5632955822899200 Project: imagemagick Fuzzing Engine: libFuzzer Fuzz Target: pingpwpfuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type: Stack-buffer-overflow READ Crash...

CVE-2020-16008

Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet...

CVE-2020-16008

Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet...

CVE-2020-16008

Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet...

Stack overflow

Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet...

CVE-2020-16008

Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet...

OSV-2020-2108 Stack-buffer-overflow in simdjson::internal::decimal_right_shift

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26773 Crash type: Stack-buffer-overflow READ 1 Crash state: simdjson::internal::decimalrightshift simdjson::internal::adjustedmantissa simdjson::internal::computefloatsimdjson simdjson::internal::adjustedmantissa...

simdjson:fuzz_dump: Stack-buffer-overflow in simdjson::internal::decimal_right_shift

Project: https://github.com/simdjson/simdjson.git https://github.com/lemire/simdjson.git Detailed Report: https://oss-fuzz.com/testcase?key=5087581219586048 Project: simdjson Fuzzing Engine: libFuzzer Fuzz Target: fuzzdump Job Type: libfuzzerasansimdjson Platform Id: linux Crash Type:...

Amazon Linux 2 : tigervnc (ALAS-2020-1552)

The version of tigervnc installed on the remote host is prior to 1.8.0-21. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1552 advisory. TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack...

Stack overflow

Addressed multiple stack buffer overflow vulnerabilities that could allow an attacker to carry out escalation of privileges through unauthorized remote code execution in Western Digital My Cloud devices before 5.04.114...

CVE-2020-12830

The CVE-2020-12830 entry concerns Western Digital My Cloud devices and the vulnerability is a stack buffer overflow in unspecified components that could allow an attacker to escalate privileges via unauthorized remote code execution. Affected software is My Cloud firmware prior to version 5.04.11...

CVE-2020-12830

Addressed multiple stack buffer overflow vulnerabilities that could allow an attacker to carry out escalation of privileges through unauthorized remote code execution in Western Digital My Cloud devices before 5.04.114...

Eaton HMiSoft Stack Buffer Overflow (CVE-2020-10639)

A stack buffer overflow vulnerability exists in Eaton HMiSoft. Successful exploitation of this vulnerability could result in a denial of service or execution of arbitrary code into the affected system...