CVE-2018-19519

In tcpdump 4.9.2, a stack-based buffer over-read exists in the printprefix function of print-hncp.c via crafted packet data because of missing initialization...

libaom/av1_dec_fuzzer: Stack-buffer-overflow in highbd_dr_prediction_z1_64xN_avx2

Detailed report: https://oss-fuzz.com/testcase?key=5759400271151104 Project: libaom Fuzzer: afllibaomav1decfuzzer Fuzz target binary: av1decfuzzer Job Type: aflasanlibaom Platform Id: linux Crash Type: Stack-buffer-overflow READ 16 Crash Address: 0x7f0cdb2dc3f1 Crash State:...

CVE-2009-5153

In Novell NetWare before 6.5 SP8, a stack buffer overflow in processing of CALLIT RPC calls in the NFS Portmapper daemon in PKERNEL.NLM allowed remote unauthenticated attackers to execute code, because a length field was incorrectly trusted...

CVE-2009-5153

CVE-2009-5153 affects Novell NetWare prior to 6.5 SP8. A stack buffer overflow occurs in the processing of CALLIT RPC calls within the PKERNEL.NLM NFS Portmapper daemon. The overflow is triggered by trusting a length field, allowing remote, unauthenticated attackers to execute code. This is the r...

Debian DLA-1582-1 : liblivemedia security update

A stack based buffer overflow vulnerability was found in liblivemedia, the LIVE555 RTSP server library. This issue might be leveraged by remote attackers to cause code execution, by sending a crafted packet. For Debian 8 'Jessie', this problem has been fixed in version 2014.01.13-1+deb8u1. We...

EulerOS Virtualization 2.5.2 : kernel (EulerOS-SA-2018-1382)

According to the version of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A security flaw was found in the chapservercomputemd5 function in the ISCSI target code in the Linux kernel in a way an authenticati...

CVE-2018-6069

Removed by vendor...

Rockwell Automation RSLinx Classic Stack Buffer Overflow (CVE-2018-14829)

A stack buffer overflow vulnerability exists in Rockwell Automation RSLinx Classic. The vulnerability is due to incorrect handling of malformed EtherNet/IP packets. A successful exploitation of the vulnerability could lead to a system crash...

IOBit Malware Fighter stack buffer overflow vulnerability (CNVD-2018-23265)

IObit Malware Fighter is an anti-malware and antivirus program for Microsoft Windows operating systems designed to remove and protect against malware, including trojans, rootkits and ransomware. A buffer overflow vulnerability in the stack exists in RegFilter.sys in IOBit Malware Fighter 6.2. An...

MGASA-2018-0440 Updated iniparser packages fix security vulnerability

A flaw was found in iniparser version prior to 4.1. A stack buffer underflow in the function iniparserload in iniparser.c file which can be triggered by parsing a file that containing a zero-byte. This vulnerability may allow an attacker to cause a Denial of Service DoS...

Updated iniparser packages fix security vulnerability

A flaw was found in iniparser version prior to 4.1. A stack buffer underflow in the function iniparserload in iniparser.c file which can be triggered by parsing a file that containing a zero-byte. This vulnerability may allow an attacker to cause a Denial of Service DoS...

SUSE-SU-2018:3659-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP3 RT kernel was updated to 4.4.162 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-7480: The blkcginitqueue function in block/blk-cgroup.c allowed local users to cause a denial of service double free or possibly have...

skia/api_raster_n32_canvas: Stack-buffer-overflow in sk_bzero

Project: https://skia.googlesource.com/skia.git Detailed report: https://oss-fuzz.com/testcase?key=5763541525594112 Project: skia Fuzzer: libFuzzerskiaapirastern32canvas Fuzz target binary: apirastern32canvas Job Type: libfuzzerasanskia Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 4...

Morris Worm fingerd Stack Buffer Overflow Exploit

This Metasploit module exploits a stack buffer overflow in fingerd on 4.3BSD. This vulnerability was exploited by the Morris worm in 1988-11-02. Cliff Stoll reports on the worm in the epilogue of The Cuckoo's Egg. This module requires Metasploit: https://metasploit.com/download Current source:...

Morris Worm fingerd Stack Buffer Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Morris Worm fingerd Stack Buffer Overflow', 'Description' = %q This module exploits a stack buffer overflow in fingerd on 4.3BSD. This...

VLC Media Player LIVE555 RTSP Server RCE Vulnerability - Windows

VLC Media Player is prone to a remote code execution RCE vulnerability. This VT has been deprecated since VLC Media player is not affected. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

poppler/pdf_fuzzer: Stack-buffer-overflow in IdentityFunction::transform

Detailed report: https://oss-fuzz.com/testcase?key=5728547742679040 Project: poppler Fuzzer: aflpopplerpdffuzzer Fuzz target binary: pdffuzzer Job Type: aflasanpoppler Platform Id: linux Crash Type: Stack-buffer-overflow READ 8 Crash Address: 0x7f65b2f91028 Crash State: IdentityFunction::transfor...

CVE-2018-18707

An issue was discovered on Tenda AC7 V15.03.06.44CN, AC9 V15.03.05.196318CN, AC10 V15.03.06.23CN, AC15 V15.03.05.19CN, and AC18 V15.03.05.196318CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "ssid" parameter for a post request, the value...

Updated kernel-tmb packages fix security vulnerabilities

This kernel-tmb update is based on the upstream 4.14.78 and adds additional fixes for the L1TF security issues. It also fixes at least the following security issues: Linux kernel from versions 3.9 and up, is vulnerable to a denial of service attack with low rates of specially modified packets...

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on the upstream 4.14.78 and adds additional fixes for the L1TF security issues. It also fixes at least the following security issues: Linux kernel from versions 3.9 and up, is vulnerable to a denial of service attack with low rates of specially modified packets...