Claymore Dual ETH + DCR/SC/LBC/PASC GPU Miner - Stack Buffer Overflow / Path Traversal

!/usr/bin/env python -- coding: UTF-8 -- github.com/tintinweb optional: pip install pysocks https://pypi.python.org/pypi/PySocks ''' API overview: nc -L -p 3333 "id":0,"jsonrpc":"2.0","method":"minergetstat1" "id":0,"jsonrpc":"2.0","method":"minerfile","params":"epools.txt",""...

Dasan Networks GPON ONT WiFi Router H640X 12.02-01121 / 2.77p1-1124 / 3.03p2-1146 - Remote Code Execution

Vulnerability Summary The following advisory describes a buffer overflow that leads to remote code execution found in Dasan Networks GPON ONT WiFi Router H640X versions 12.02-01121 / 2.77p1-1124 / 3.03p2-1146 Dasan Networks GPON ONT WiFi Router “is indoor type ONT dedicated for FTTH Fibre to the...

EulerOS 2.0 SP2 : kernel (EulerOS-SA-2017-1292)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in the key management subsystem of the Linux kernel. An update on an uninstantiated key could cause a kernel panic,...

QEMU - NBD Server Long Export Name Stack Buffer Overflow

Introduced in commit f37708f6b8 2.10. The NBD spec says a client can request export names up to 4096 bytes in length, even though they should not expect success on names longer than 256. However, qemu hard-codes the limit of 256, and fails to filter out a client that probes for a longer name; the...

Virtuozzo 7 : readykernel-patch (VZA-2017-086)

According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as...

CVE-2017-2919

An exploitable stack based buffer overflow vulnerability exists in the xlsgetfcell function of libxls 1.3.4. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability...

CVE-2017-2919

The CVE-2017-2919 issue concerns the libxls library (v1.3.4) where the function xls_getfcell has a stack-based buffer overflow vulnerability. A crafted XLS file can cause memory corruption, enabling remote code execution . Public references consistently tie this to the libxls code path used when ...

InTouch Machine Edition Unspecified Stack Buffer Overflow Vulnerability - Windows

InTouch Machine Edition is prone to an unspecified stack buffer overflow vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

chakra: Dynamic-stack-buffer-overflow in js_memcpy_s

Project: https://github.com/Microsoft/ChakraCore.git Detailed report: https://oss-fuzz.com/testcase?key=4738279476822016 Project: chakra Fuzzer: jsfuzzer Job Type: asanchakra Platform Id: linux Crash Type: Dynamic-stack-buffer-overflow READ 16 Crash Address: 0x7fffa66f0a98 Crash State: jsmemcpys...

CVE-2017-1000210

picoTCP versions 1.7.0 - 1.5.0 is vulnerable to stack buffer overflow resulting in code execution or denial of service attack...

CVE-2017-1000210

picoTCP versions 1.7.0 - 1.5.0 is vulnerable to stack buffer overflow resulting in code execution or denial of service attack...

CVE-2017-1000210

PicoTCP is affected: stack buffer overflow in the TCP/IP stack for embedded systems, affecting versions 1.5.0 through 1.7.0. The vulnerability can lead to code execution or denial of service. Root cause: stack overflow in picoTCP’s handling of inputs/packets. The provided documents consistently d...

InduSoft Web Studio Unspecified Stack Buffer Overflow Vulnerability - Windows

InduSoft Web Studio is prone to an unspecified stack buffer overflow vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Microsoft Office Equation Editor stack buffer overflow

Overview Microsoft Equation Editor contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Equation Editor is a component that comes with Microsoft Office. It is an out-of-process COM server that ...

FreeBSD : chromium -- multiple vulnerabilities (f8e72cd4-c66a-11e7-bb17-e8e0b747a45a)

Google Chrome Releases reports : 2 security fixes in this release, including : - 777728 Critical CVE-2017-15398: Stack buffer overflow in QUIC. Reported by Ned Williamson on 2017-10-24 - 776677 High CVE-2017-15399: Use after free in V8. Reported by Zhao Qixun of Qihoo 360 Vulcan Team on 2017-10-2...

chakra: Dynamic-stack-buffer-overflow in Js::JavascriptOperators::FillScopeObject

Project: https://github.com/Microsoft/ChakraCore.git Detailed report: https://oss-fuzz.com/testcase?key=4923358425645056 Project: chakra Fuzzer: jsfuzzer Job Type: asanchakra Platform Id: linux Crash Type: Dynamic-stack-buffer-overflow READ 8 Crash Address: 0x7ffcc81d62a0 Crash State:...

Security update for chromium (important)

This update for Chromium to version 62.0.3202.89 fixes the following vulnerabilities boo1066851: - CVE-2017-15398: Stack buffer overflow in QUIC - CVE-2017-15399: Use after free in V8...

Cesanta Mongoose MQTT SUBSCRIBE Multiple Topics Remote Code Execution(CVE-2017-2894)

Summary An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT...

chakra: Dynamic-stack-buffer-overflow in Js::JavascriptArray::NewInstance

Project: https://github.com/Microsoft/ChakraCore.git Detailed report: https://oss-fuzz.com/testcase?key=6106023170408448 Project: chakra Fuzzer: jsfuzzer Job Type: asanchakra Platform Id: linux Crash Type: Dynamic-stack-buffer-overflow READ 8 Crash Address: 0x7ffd13bb0260 Crash State:...

CVE-2017-2894

An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet ove...