6881 matches found
CVE-2019-1010022
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this ...
openthread/ncp-uart-received-fuzzer: Stack-buffer-overflow in ot::NetworkData::Leader::IsStableUpdated
Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5630599882080256 Project: openthread Fuzzer: libFuzzeropenthreadncp-uart-received-fuzzer Fuzz target binary: ncp-uart-received-fuzzer Job Type: libfuzzerasanopenthread Platform Id: linux Crash...
imagemagick/encoder_eps_fuzzer: Stack-buffer-overflow in ConstantString
Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5726208135790592 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderepsfuzzer Fuzz target binary: encoderepsfuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type:...
imagemagick/ping_ept2_fuzzer: Stack-buffer-overflow in GetNextUTFCode
Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5695814195740672 Project: imagemagick Fuzzer: libFuzzerimagemagickpingept2fuzzer Fuzz target binary: pingept2fuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type:...
clamav/clamav_scanfile_fuzzer: Stack-buffer-overflow in real_scansis
Detailed report: https://oss-fuzz.com/testcase?key=5632043662180352 Project: clamav Fuzzer: libFuzzerclamavscanfilefuzzer Fuzz target binary: clamavscanfilefuzzer Job Type: libfuzzerasanclamav Platform Id: linux Crash Type: Stack-buffer-overflow READ 4 Crash Address: 0x7fd238ca9890 Crash State:...
Critical: thunderbird
Issue Overview: libical: Heap buffer over read in icalparser.c parsergetnextchar CVE-2019-11703 libical: Type confusion in icaltimezonegetvtimezoneproperties function in icalproperty.c CVE-2019-11706 Mozilla: Sandbox escape using Prompt:Open CVE-2019-11708 libical: Stack buffer overflow in...
wireshark/fuzzshark_ip_proto-udp: Stack-buffer-overflow in tvb_memcpy
Project: https://code.wireshark.org/review/wireshark Detailed report: https://oss-fuzz.com/testcase?key=5738227266224128 Project: wireshark Fuzzer: aflwiresharkfuzzsharkipproto-udp Fuzz target binary: fuzzsharkipproto-udp Job Type: aflasanwireshark Platform Id: linux Crash Type:...
FreeBSD 11.x < 11.2-RELEASE-p7 / 12.x < 12.0-RELEASE-p1 bootpd stack buffer overflow
The version of the FreeBSD kernel running on the remote host is 11.x prior to 11.2-RELEASE-p7 or 12.x prior to 12.0-RELEASE-p1. It is, therefore, affected by a stack buffer overflow vulnerability in bootpd. Insufficient validation of network-provided data in bootpd may make it possible for a...
freeimage/load_from_memory_fuzzer: Stack-buffer-overflow in LibRaw::parse_rollei
Detailed report: https://oss-fuzz.com/testcase?key=5156329342107648 Project: freeimage Fuzzer: libFuzzerloadfrommemoryfuzzer Fuzz target binary: loadfrommemoryfuzzer Job Type: libfuzzerasanfreeimage Platform Id: linux Crash Type: Stack-buffer-overflow READ Crash Address: 0x7fef5bbbdca0 Crash Stat...
CVE-2019-1010022
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this ...
imagemagick/ping_eps_fuzzer: Stack-buffer-overflow in ConstantString
Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5653164516179968 Project: imagemagick Fuzzer: libFuzzerimagemagickpingepsfuzzer Fuzz target binary: pingepsfuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type:...
imagemagick/ping_ps_fuzzer: Stack-buffer-overflow in GetNextUTFCode
Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5633665431764992 Project: imagemagick Fuzzer: libFuzzerimagemagickpingpsfuzzer Fuzz target binary: pingpsfuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type:...
CVE-2019-10193
A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past...
CVE-2019-10193
A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past...
Stack overflow
A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past...
CVE-2019-10193
CVE-2019-10193 is a stack-buffer overflow in Redis HyperLogLog exposed by the SETRANGE usage. Affected branches are Redis 3.x before 3.2.13, 4.x before 4.0.14, and 5.x before 5.0.4. Exploitation could cause writes past the end of a stack-allocated buffer, per multiple connected advisories. Public...
CVE-2019-10193
A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past...
CVE-2019-10193
A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past...
CVE-2019-10193
A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past...
Denial Of Service (DoS)
libzmq is vulnerable to denial of service DoS. The vulnerability exists through a stack buffer overflow issue in src/curveserver.cpp...