Security Bulletin: IBM® InfoSphere Balanced Warehouse, IBM Smart Analytics System and IBM PureData System for Operational Analytics are affected by an IBM DB2® LUW denial of service vulnerability in ALTER MODULE statement handling (CVE-2014-3094)

Summary The IBM InfoSphere Balanced Warehouse C3000, C4000, D5100, IBM Smart Analytics System 1050, 2050, 5600, 5710, 7600, 7700, 7710 and IBM PureData System for Operational Analytics ship with either IBM DB2 Version 9.7 or Version 10.1. IBM DB2 is vulnerable to a stack buffer overflow, caused b...

Medium: httpd24

Issue Overview: A vulnerability was found in Apache httpd, in modhttp2. Under certain circumstances, HTTP/2 early pushes could lead to memory corruption, causing a server to crash.CVE-2019-10081 A read-after-free vulnerability was discovered in Apache httpd, in modhttp2. A specially crafted http/...

imagemagick:ping_tiff_fuzzer: Stack-buffer-overflow in _TIFFVGetField

Project: https://github.com/imagemagick/imagemagick.git Detailed Report: https://oss-fuzz.com/testcase?key=5841571697655808 Project: imagemagick Fuzzing Engine: libFuzzer Fuzz Target: pingtifffuzzer Job Type: libfuzzerasani386imagemagick Platform Id: linux Crash Type: Stack-buffer-overflow WRITE ...

AVEVA IEC870IP Driver CVE-2019-13537 Stack Buffer Overflow Vulnerability

...

CVE-2018-17958

An integer overflow issue was found in the RTL8139 NIC emulation in QEMU. It could occur while receiving packets over the network if the size value is greater than INTMAX. Such overflow would lead to stack buffer overflow issue. A user inside guest could use this flaw to crash the QEMU process,...

open62541:fuzz_mdns_message: Stack-buffer-overflow in _label

Project: https://github.com/open62541/open62541.git Detailed Report: https://oss-fuzz.com/testcase?key=6309580862128128 Project: open62541 Fuzzing Engine: afl Fuzz Target: fuzzmdnsmessage Job Type: aflasanopen62541 Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 1 Crash Address:...

binutils:fuzz_disassemble: Stack-buffer-overflow in get_indirect_operand

Detailed Report: https://oss-fuzz.com/testcase?key=5663912053178368 Project: binutils Fuzzing Engine: afl Fuzz Target: fuzzdisassemble Job Type: aflasanbinutils Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 1 Crash Address: 0x7f4f3e03ae5a Crash State: getindirectoperand printtwoopera...

ASX To MP3 Converter 3.1.3.7 Stack Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "ASX to MP3 converter 3.1.3.7 - '.asx' Local Stack Overflow DEP", 'Description' = %q This module exploits a stack buffer overfl...

ASX to MP3 converter 3.1.3.7 - (.asx) Local Stack Overflow (DEP Bypass) Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "ASX to MP3 converter 3.1.3.7 - '.asx' Local Stack Overflow DEP", 'Description' = %q This module exploits a stack buffer overfl...

OPENSUSE-SU-2019:2235-1 Security update for u-boot

This update for u-boot fixes the following issues: Security issues fixed: - CVE-2019-13106: Fixed stack buffer overflow via a crafted ext4 filesystem that may lead to code execution bsc1144656. - CVE-2019-13104: Fixed an underflow that could cause memcpy to overwrite a very large amount of data v...

Security update for u-boot (moderate)

openSUSE Security Update: Security update for u-boot Announcement ID: openSUSE-SU-2019:2233-1 Rating: moderate References: 1144656 1144675 Cross-References: CVE-2019-13104 CVE-2019-13106 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available. Description:...

Security update for u-boot (moderate)

openSUSE Security Update: Security update for u-boot Announcement ID: openSUSE-SU-2019:2235-1 Rating: moderate References: 1144656 1144675 Cross-References: CVE-2019-13104 CVE-2019-13106 Affected Products: openSUSE Leap 15.0 An update that fixes two vulnerabilities is now available. Description:...

CVE-2019-10097

In Apache HTTP Server 2.4.32-2.4.39, when modremoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted pro...

CVE-2019-10097

In Apache HTTP Server 2.4.32-2.4.39, when modremoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted pro...

Null pointer dereference

In Apache HTTP Server 2.4.32-2.4.39, when modremoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted pro...

CVE-2019-10097

In Apache HTTP Server 2.4.32-2.4.39, when modremoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted pro...

CVE-2019-10097

CVE-2019-10097 affects Apache HTTP Server 2.4.32–2.4.39 when mod_remoteip is configured to use a trusted intermediary proxy server via the PROXY protocol. A specially crafted PROXY header can trigger a stack buffer overflow or NULL pointer dereference, potentially crashing the server or impacting...

CVE-2019-10097

In Apache HTTP Server 2.4.32-2.4.39, when modremoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted pro...

SUSE-SU-2019:2475-1 Security update for u-boot

This update for u-boot fixes the following issues: Security issues fixed: - CVE-2019-13106: Fixed stack buffer overflow via a crafted ext4 filesystem that may lead to code execution bsc1144656. - CVE-2019-13104: Fixed an underflow that could cause memcpy to overwrite a very large amount of data v...

SUSE-SU-2019:2474-1 Security update for u-boot

This update for u-boot fixes the following issues: Security issues fixed: - CVE-2019-13106: Fixed stack buffer overflow via a crafted ext4 filesystem that may lead to code execution bsc1144656. - CVE-2019-13104: Fixed an underflow that could cause memcpy to overwrite a very large amount of data v...