Arbitrary Code Execution

top-pegasus is vulnerable to arbitrary code execution. A stack buffer overflow flaw was found in the PAM authentication code in the OpenPegasus CIM management server. An unauthenticated remote user could trigger this flaw and potentially execute arbitrary code with root privileges...

CVE-2019-11760

A flaw was discovered in Mozilla Firefox and Thunderbird where a fixed-stack buffer overflow could occur during WebRTC signalling. The vulnerability could lead to an exploitable crash or leak data...

CVE-2020-7065

A vulnerability was found in PHP while using the mbstrtolower function with UTF-32LE encoding, where certain invalid strings cause PHP to overwrite the stack-allocated buffer. This flaw leads to memory corruption, crashes, and potential code execution...

Internet Bug Bounty: mb_strtolower (UTF-32LE): stack-buffer-overflow at php_unicode_tolower_full (CVE-2020-7065)

PHP bug report made public by the maintainers at the time of writing: https://bugs.php.net/bug.php?id=79371 Mitre CVE page: https://vulners.com/cve/CVE-2020-7065 Link to the release notes: https://www.php.net/ChangeLog-7.php7.4.4 Impact One of impacts is that the issue allows an attacker to...

CVE-2018-18064

cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c the generate and renderrows functions and cairo-image-compositor.c the cairoimagespansandzero function...

EulerOS Virtualization for ARM 64 3.0.6.0 : httpd (EulerOS-SA-2020-1359)

According to the versions of the httpd packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In Apache HTTP Server 2.4 release 2.4.37 and prior, modsession checks the session expiry time before decoding the...

CVE-2019-10097

A vulnerability was discovered in Apache httpd, in modremoteip. A trusted proxy using the "PROXY" protocol could send specially crafted headers that can cause httpd to experience a stack buffer overflow or NULL pointer dereference, leading to a crash or other potential consequences. This issue...

SUSE-SU-2020:0832-1 Security update for glibc

This update for glibc fixes the following issues: - CVE-2020-1752: Fixed a use after free in glob which could have allowed a local attacker to create a specially crafted path that, when processed by the glob function, could potentially have led to arbitrary code execution bsc1167631. -...

CVE-2019-11705

A flaw in Thunderbird's implementation of iCal causes a stack buffer overflow in icalrecuraddbydayrules when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7.1. Mitigation Thunderbird can be configured to use icaljs inste...

suricata:fuzz_siginit: Stack-buffer-overflow in ParseSizeString

Detailed Report: https://oss-fuzz.com/testcase?key=5086076374089728 Project: suricata Fuzzing Engine: afl Fuzz Target: fuzzsiginit Job Type: aflasansuricata Platform Id: linux Crash Type: Stack-buffer-overflow READ 12 Crash Address: 0x7ffd02fbf68b Crash State: ParseSizeString ParseSizeStringU64...

Stack overflow

In Advantech WebAccess, Versions 8.4.2 and prior. A stack-based buffer overflow vulnerability caused by a lack of proper validation of the length of user-supplied data may allow remote code execution...

PHP 7.3.x < 7.3.16 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.3.x prior to 7.3.16. It is, therefore, affected by the following vulnerabilities: - An out of bounds read resulting in the use of an uninitialized value in exif. CVE-2020-7064 - A stack buffer overflow in mbstrtolow...

quickjs:fuzz_regexp: Stack-buffer-overflow in re_parse_term

Project: https://github.com/horhof/quickjs.git https://github.com/bellard/quickjs.git Detailed Report: https://oss-fuzz.com/testcase?key=5682808761876480 Project: quickjs Fuzzing Engine: afl Fuzz Target: fuzzregexp Job Type: aflasanquickjs Platform Id: linux Crash Type: Stack-buffer-overflow READ...

PT-2020-12347 · Draytek · Draytek Vigor2960 +2

Name of the Vulnerable Software and Affected Versions: Draytek Vigor3900 versions prior to 1.5.1 Draytek Vigor2960 versions prior to 1.5.1 Draytek Vigor300B versions prior to 1.5.1 Description: A stack-based buffer overflow in the "/cgi-bin/activate.cgi" API endpoint through the ticket parameter...

openSUSE: Security Advisory for glibc (openSUSE-SU-2020:0381-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2019-5185

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC 200. An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1ea28 the extracted state value from the xml file is used as a...

Stack overflow

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC 200. An attacker can send a specially crafted packet to trigger the parsing of this cache file.At 0x1eb9c the extracted interface element name from the xml file is...

Stack overflow

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC 200. An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1ea28 the extracted state value from the xml file is used as a...

CVE-2019-5185

CVE-2019-5185 affects the WAGO PFC200 controller’s iocheckd service (I/O-Check). A crafted XML cache file placed at /tmp/iocheckCache.xml can trigger a stack buffer overflow while parsing the node: the code uses sprintf() into a fixed 512-byte stack buffer and then copies it with strcpy() to an ...

CVE-2019-5186

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC 200. An attacker can send a specially crafted packet to trigger the parsing of this cache file.At 0x1eb9c the extracted interface element name from the xml file is...