CVE-2018-14496

Vivotek FD8136 devices allow remote memory corruption and remote code execution because of a stack-based buffer overflow, related to sprintf, vlocalbuff4326, and setgetparam.cgi. NOTE: The vendor has disputed this as a vulnerability and states that the issue does not cause a web server crash or...

ZeroMQ Stack Buffer Overflow Vulnerability

ZeroMQ is a lightweight distributed messaging engine core library . A security vulnerability exists in ZeroMQ that stems from a program's failure to properly handle application metadata. An attacker could exploit this vulnerability to cause ZeroMQ to crash or possibly execute arbitrary code...

The vulnerability of the IBM Spectrum Protect server and data protection agent, related to buffer overflows in the stack, allows attackers to execute arbitrary code or cause failures in the server or data protection agent’s functionality.

The vulnerability of the IBM Spectrum Protect server and data protection agent is related to buffer overflows in the stack. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause failures in the server or data protection agent...

Multiple vulnerabilities in the PostgreSQL database management system, caused by buffer overflows in the stack, allow attackers to execute arbitrary code.

The multiple vulnerabilities in the PostgreSQL database management system are caused by buffer overflows on the stack. Exploitation of these vulnerabilities allows a remote attacker to execute arbitrary code...

cryptofuzz/cryptofuzz-openssl-110-noasm: Stack-buffer-overflow in RC5_32_set_key

Project: https://github.com/guidovranken/cryptofuzz.git Detailed report: https://oss-fuzz.com/testcase?key=5636104176271360 Project: cryptofuzz Fuzzer: libFuzzercryptofuzzcryptofuzz-openssl-110-noasm Fuzz target binary: cryptofuzz-openssl-110-noasm Job Type: libfuzzerasancryptofuzz Platform Id:...

CentOS Update for thunderbird CESA-2019:1624 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Scientific Linux Security Update : thunderbird on SL7.x x86_64 (20190627)

Security Fixes : - Mozilla: Type confusion in Array.pop CVE-2019-11707 - thunderbird: Stack buffer overflow in icalrecuraddbydayrules in icalrecur.c CVE-2019-11705 - Mozilla: Sandbox escape using Prompt:Open CVE-2019-11708 - thunderbird: Heap buffer over read in icalparser.c parsergetnextchar...

thunderbird security update

CentOS Errata and Security Advisory CESA-2019:1626 An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Scientific Linux Security Update : thunderbird on SL6.x i386/x86_64 (20190627)

Security Fixes : - Mozilla: Type confusion in Array.pop CVE-2019-11707 - thunderbird: Stack buffer overflow in icalrecuraddbydayrules in icalrecur.c CVE-2019-11705 - Mozilla: Sandbox escape using Prompt:Open CVE-2019-11708 - thunderbird: Heap buffer over read in icalparser.c parsergetnextchar...

libxslt CVE-2019-13118 Stack Buffer Overflow Vulnerability

Description libxslt is prone to a stack-based buffer-overflow vulnerability. An attacker can exploit this issue to obtain sensitive information that may aid in further attacks. libxslt 1.1.33 is vulnerable; other versions may also be affected. Technologies Affected Apple TV Apple Watch Apple iOS ...

RHEL 7 : thunderbird (RHSA-2019:1626)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:1626 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.2. Security Fixes: Mozilla:...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

radare2/ia_fuzz: Stack-buffer-overflow in string_scan_range

Project: https://github.com/radare/radare2.git Detailed report: https://oss-fuzz.com/testcase?key=5638315212013568 Project: radare2 Fuzzer: libFuzzerradare2iafuzz Fuzz target binary: iafuzz Job Type: libfuzzerasanradare2 Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 1 Crash Address:...

FreeBSD : Mozilla -- multiple vulnerabilities (98f1241f-8c09-4237-ad0d-67fb4158ea7a)

Mozilla Foundation reports : CVE-2019-11703: Heap buffer overflow in icalparser.c A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parsergetnextchar when processing certain email messages, resulting in a potentially exploitable crash. CVE-2019-11704: Heap buffer...

c-ares/ares_parse_reply_fuzzer: Stack-buffer-overflow in ares_parse_aaaa_reply

Project: https://github.com/c-ares/c-ares.git Detailed report: https://oss-fuzz.com/testcase?key=5683497160671232 Project: c-ares Fuzzer: libFuzzerc-aresaresparsereplyfuzzer Fuzz target binary: aresparsereplyfuzzer Job Type: libfuzzerasanc-ares Platform Id: linux Crash Type: Stack-buffer-overflow...

openthread/ncp-uart-received-fuzzer: Stack-buffer-overflow in ot::Message::Write

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5734126906245120 Project: openthread Fuzzer: aflopenthreadncp-uart-received-fuzzer Fuzz target binary: ncp-uart-received-fuzzer Job Type: aflasanopenthread Platform Id: linux Crash Type:...

MGASA-2019-0193 Updated thunderbird packages fix security vulnerabilities

The updated thunderbird packages fix some bugs and security vulnerabilities: Heap buffer overflow in icalparser.c. CVE-2019-11703 Heap buffer overflow in icalvalue.c. CVE-2019-11704 Stack buffer overflow in icalrecur.c. CVE-2019-11705 Type confusion in icalproperty.c. CVE-2019-11706...

openthread/radio-receive-done-fuzzer: Stack-buffer-overflow in ot::Message::Write

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5759171934289920 Project: openthread Fuzzer: libFuzzeropenthreadradio-receive-done-fuzzer Fuzz target binary: radio-receive-done-fuzzer Job Type: libfuzzerasanopenthread Platform Id: linux Cra...

openthread/ip6-send-fuzzer: Stack-buffer-overflow in ot::MeshCoP::DatasetManager::HandleSet

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5683612520808448 Project: openthread Fuzzer: aflopenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: aflasanopenthread Platform Id: linux Crash Type: Stack-buffer-overflow...