SUSE-SU-2018:0822-1 Security update for librelp

This update for librelp fixes the following issues: CVE-2018-1000140 bsc1086730: librelp contained a stack-based buffer overflow in the checking of x509 certificates. A remote attacker with an access to the rsyslog logging facility could have exploited it by sending a specially crafted x509...

imagemagick/encoder_label_fuzzer: Stack-buffer-overflow in CopyMagickString

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=6197746135465984 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderlabelfuzzer Fuzz target binary: encoderlabelfuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type:...

Easy CD DVD Copy 1.3.24 Buffer Overflow

!/usr/bin/python Exploit Title : Easy CD DVD Copy v1.3.24 - Local Buffer Overflow SEH Exploit Author : Hashim Jawad Twitter : @ihack4falafel Author Website : ihack4falafel.com Vendor Homepage : http://www.divxtodvd.net/index.htm Vulnerable Software: http://www.divxtodvd.net/easycddvdcopy.exe Test...

CVE-2018-1000140

rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution. This attack appear to be exploitable a remote attacker that can connect to rsyslog and trigger a stack buffer overflow by...

gdal/gdal_translate_fuzzer: Stack-buffer-underflow in reduce

Project: https://github.com/OSGeo/gdal.git Detailed report: https://oss-fuzz.com/testcase?key=5156689281024000 Project: gdal Fuzzer: aflgdaltranslatefuzzer Fuzz target binary: gdaltranslatefuzzer Job Type: aflasangdal Platform Id: linux Crash Type: Stack-buffer-underflow READ 4 Crash Address:...

wireshark/fuzzshark_ip: Stack-buffer-overflow in dissect_ieeeNUMBER_common

Project: https://code.wireshark.org/review/wireshark Detailed report: https://oss-fuzz.com/testcase?key=6062904672518144 Project: wireshark Fuzzer: aflwiresharkfuzzsharkip Fuzz target binary: fuzzsharkip Job Type: aflasanwireshark Platform Id: linux Crash Type: Stack-buffer-overflow READ 2 Crash...

curl/curl_fuzzer_http: Stack-buffer-overflow in fuzz_handle_transfer

Detailed report: https://oss-fuzz.com/testcase?key=5569625854050304 Project: curl Fuzzer: libFuzzercurlfuzzerhttp Fuzz target binary: curlfuzzerhttp Job Type: libfuzzerasancurl Platform Id: linux Crash Type: Stack-buffer-overflow READ 8 Crash Address: 0x7fff6a3b0910 Crash State: fuzzhandletransfe...

MGASA-2018-0167 Updated php packages fix CVE-2018-7584

Updated php packages fix security vulnerability: Update to php 5.6.34 fixes a stack-buffer-overflow while parsing HTTP response. CVE-2018-7584...

Updated php packages fix CVE-2018-7584

Updated php packages fix security vulnerability: Update to php 5.6.34 fixes a stack-buffer-overflow while parsing HTTP response. CVE-2018-7584...

Ruby Ox gem stack buffer overflow vulnerability

Ruby Ox gem is a Ruby-based XML parser . A stack buffer overflow vulnerability exists in the 'readfromstr' function of the saxbuf.c file in Ruby Ox gem version 2.8.1. An attacker can exploit this vulnerability to cause a denial of service process crash with specially crafted input...

PHP 5.x < 5.6.34, 7.x < 7.0.28, 7.1.x < 7.1.15, 7.2.x < 7.2.3 Stack Buffer Overflow Vulnerability (Mar 2018) - Linux

PHP is prone to a stack buffer overflow vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

PHP 5.x < 5.6.34, 7.x < 7.0.28, 7.1.x < 7.1.15, 7.2.x < 7.2.3 Stack Buffer Overflow Vulnerability (Mar 2018) - Windows

PHP is prone to a stack buffer overflow vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

Scientific Linux Security Update : kernel on SL7.x x86_64 (20180306)

Security Fixes : - Kernel: KVM: MMU potential stack buffer overrun during page walks CVE-2017-12188, Important - Kernel: KVM: debug exception via syscall emulation CVE-2017-7518, Moderate C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if...

PHP 7.0.x < 7.0.28 Stack Buffer Overflow

According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.28. It is, therefore, affected by a stack buffer overflow vulnerability. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

PHP 5.6.x < 5.6.34 Stack Buffer Overflow

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.34. It is, therefore, affected by a stack buffer overflow vulnerability. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

PHP 7.2.x < 7.2.3 Stack Buffer Overflow

According to its banner, the version of PHP running on the remote web server is 7.2.x prior to 7.2.3. It is, therefore, affected by a stack buffer overflow vulnerability. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

PHP 7.1.x < 7.1.15 Stack Buffer Overflow

According to its banner, the version of PHP running on the remote web server is 7.1.x prior to 7.1.15. It is, therefore, affected by a stack buffer overflow vulnerability. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

RHEL 7 : kernel-rt (RHSA-2018:0412)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0412 advisory. - Kernel: KVM: debug exception via syscall emulation CVE-2017-7518 - Kernel: KVM: MMU potential stack buffer overrun during page walks...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...