CVE-2017-15860

In all Qualcomm products with Android releases from CAF using the Linux kernel, while processing an encrypted authentication management frame, a stack buffer overflow may potentially occur...

CentOS Update for 389-ds-base CESA-2018:0163 centos7

Check the version of 389-ds-base SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882838";...

Important: Red Hat Security Advisory: 389-ds-base security and bug fix update

An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

SUSE SLED12 / SLES12 Security Update : libevent (SUSE-SU-2018:0200-1)

This update for libevent fixes the following security issues : - CVE-2016-10195: DNS remote stack overread vulnerability bsc1022917 - CVE-2016-10196: stack/buffer overflow in evutilparsesockaddrport bsc1022918 - CVE-2016-10197: out-of-bounds read in searchmakenew bsc1022919 Note that Tenable...

imagemagick/encoder_mvg_fuzzer: Stack-buffer-overflow in GetNextToken

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=6428407182131200 Project: imagemagick Fuzzer: aflimagemagickencodermvgfuzzer Fuzz target binary: encodermvgfuzzer Job Type: aflasanimagemagick Platform Id: linux Crash Type:...

CVE-2017-15134

A stack buffer overflow flaw was found in the way 389-ds-base handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service...

mupdf/pdf_fuzzer: Stack-buffer-overflow in pdf_lookup_cmap_full

Project: git://git.ghostscript.com/mupdf.git Detailed report: https://oss-fuzz.com/testcase?key=5267574158786560 Project: mupdf Fuzzer: aflmupdfpdffuzzer Fuzz target binary: pdffuzzer Job Type: aflasanmupdf Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 4 Crash Address: 0x7f86eb165ec0...

imagemagick/encoder_pes_fuzzer: Stack-buffer-overflow in ReadPESImage

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=4862272657686528 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderpesfuzzer Fuzz target binary: encoderpesfuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type:...

imagemagick/encoder_mpc_fuzzer: Stack-buffer-overflow in GetPathComponent

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5192405184675840 Project: imagemagick Fuzzer: aflimagemagickencodermpcfuzzer Fuzz target binary: encodermpcfuzzer Job Type: aflasanimagemagick Platform Id: linux Crash Type:...

Kentico CMS 11.0 - Buffer Overflow Vulnerability

Exploit for windows platform in category dos / poc Document Title: =============== Kentico CMS v11.0 - Stack Buffer Overflow Vulnerability CVE-ID: ======= CVE-2018-5282 Vulnerability Class: ==================== Buffer Overflow Current Estimated Price: ======================== 2.000€ - 3.000€...

ALLMediaServer 0.95 - Remote Buffer Overflow

ALLMediaServer 0.95 - Remote Buffer Overflow !/usr/bin/python Exploit Title: Stack Buffer Overflow in ALLMediaServer 0.95 Exploit Author: Mario Kartone Ciccarelli Contact: https://twitter.com/Kartone CVE: CVE-2017-17932 Date: 09-01-2018 Thanks to PoC: https://www.exploit-db.com/exploits/43406/...

ALLMediaServer 0.95 - Remote Buffer Overflow

!/usr/bin/python Exploit Title: Stack Buffer Overflow in ALLMediaServer 0.95 Exploit Author: Mario Kartone Ciccarelli Contact: https://twitter.com/Kartone CVE: CVE-2017-17932 Date: 09-01-2018 Thanks to PoC: https://www.exploit-db.com/exploits/43406/ Software link:...

D-Link soap.cgi Stack Buffer Overflow(CVE-2018-5318)

作者：Chu 1. 前言 老板前一段给买了几款路由把玩，研究了下 D-Link DIR 629、DIR 823 这两款板子。 发现在 soap.cgi 中存在几处栈溢出，均可以远程利用，并且其他型号的路由也有对 soap 这一部分代码的复用。 2. 逆向分析与漏洞挖掘 因为是想挖几个能远程利用的洞，首先去看了 HTTP 服务，也就是 /htdocs/cgibin。 D-Link HTTP 服务由cgibin提供，并通过软链接的文件名进入到不同的处理分支： 在各个 cgi 处理函数中，会通过 cgibinparserequest 来解析用户输入，其函数原型大致如下： 参数...

gdal/gtiff_mmap: Stack-buffer-overflow in CPLvsnprintf

Project: https://github.com/OSGeo/gdal.git Detailed report: https://oss-fuzz.com/testcase?key=4829988999135232 Project: gdal Fuzzer: aflgdalgtiffmmap Fuzz target binary: gtiffmmap Job Type: aflasangdal Platform Id: linux Crash Type: Stack-buffer-overflow WRITE Crash Address: 0x7f176f3570c0 Crash...

LabF nfsAxe 3.7 FTP Client Stack Buffer Overflow

This module exploits a buffer overflow in the LabF nfsAxe 3.7 FTP Client allowing remote code execution. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LabF nfsAxe 3.7 FTP Client Stack Buffer...

Kentico CMS v11.0 - Stack Buffer Overflow Vulnerability

Document Title: =============== Kentico CMS v11.0 - Stack Buffer Overflow Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=1943 Release Date: ============= 2018-01-04 Vulnerability Laboratory ID VL-ID: ====================================...

Kentico CMS v11.0 - Stack Buffer Overflow Vulnerability

Document Title: =============== Kentico CMS v11.0 - Stack Buffer Overflow Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=1943 Release Date: ============= 2018-01-04 Vulnerability Laboratory ID VL-ID: ====================================...

Kingsoft Antivirus/Internet Security 9+ - Local Privilege Escalation

""" Kingsoft Antivirus/Internet Security 9+ Kernel Stack Buffer Overflow Privilege Escalation Vulnerability Anti-Virus: http://www.kingsoft.co/downloads/kav/KAV100720ENUDOWN33102010.rar Internet Security: http://www.kingsoft.co/downloads/kis/kis.rar Summary: ======== This vulnerability allows loc...

Kingsoft AntivirusInternet Security 9+ - Local Privilege Escalation

Kingsoft AntivirusInternet Security 9+ - Local Privilege Escalation """ Kingsoft Antivirus/Internet Security 9+ Kernel Stack Buffer Overflow Privilege Escalation Vulnerability Anti-Virus: http://www.kingsoft.co/downloads/kav/KAV100720ENUDOWN33102010.rar Internet Security:...

CVE-2017-1000437

Creolabs Gravity 1.0 contains a stack based buffer overflow in the operatorstringadd function, resulting in remote code execution...