1296 matches found
CVE-2018-18064
cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c the generate and renderrows functions and cairo-image-compositor.c the cairoimagespansandzero function...
UBUNTU-CVE-2018-17076
GPP through 2.25 will try to use more memory space than is available on the stack, leading to a segmentation fault or possibly unspecified other impact via a crafted file...
CVE-2018-17076
The CVE-2018-17076 issue affects GPP up to version 2.25. The root cause is that processing a crafted file can cause excessive stack usage, leading to a segmentation fault or potentially other impact. The available documents confirm the vulnerability and its memory-related stack overflow behavior,...
Security Bulletin: Aspera OnDemand is affected by an openSSL vulnerability (CVE-2018-0739)
Summary Aspera OnDemand has addressed the following openSSL vulnerability. Vulnerability Details CVEID: CVE-2018-0739 DESCRIPTION: OpenSSL is vulnerable to a denial of service. By sending specially crafted ASN.1 data with a recursive definition, a remote attacker could exploit this vulnerability ...
Artifex Ghostscript Denial of Service Vulnerability (CNVD-2020-54476)
Artifex Ghostscript is an open source Postscript a page description language and programming language used in the electronics industry and desktop publishing parser from Artifex Software that displays Postscript files and prints them on non-Postscript printers. Postscript file. A security...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Rational ClearCase (CVE-2018-0739)
Summary OpenSSL vulnerabilities were disclosed on March 27 2018 by the OpenSSL Project. OpenSSL is used by IBM Rational ClearCase. IBM Rational ClearCase has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2018-0739 DESCRIPTION: OpenSSL is vulnerable to a denial of service. By...
Security Bulletin: A vulnerability in glibc affects PowerKVM
Summary PowerKVM is affected by a vulnerability in the GNU C Library glibc. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2017-1000366 DESCRIPTION: Glibc could allow a local attacker to execute arbitrary code on the system, caused by a vulnerability that allows...
CVE-2017-7790
On Windows systems, if non-null-terminated strings are copied into the crash reporter for some specific registry keys, stack memory data can be copied until a null is found. This can potentially contain private data from the local system. Note: This attack only affects Windows operating systems...
Code injection
On Windows systems, if non-null-terminated strings are copied into the crash reporter for some specific registry keys, stack memory data can be copied until a null is found. This can potentially contain private data from the local system. Note: This attack only affects Windows operating systems...
CVE-2017-7790
On Windows systems, if non-null-terminated strings are copied into the crash reporter for some specific registry keys, stack memory data can be copied until a null is found. This can potentially contain private data from the local system. Note: This attack only affects Windows operating systems...
CVE-2017-7790
CVE-2017-7790 affects the Windows build of Mozilla Firefox prior to 55. The issue arises when non-null-terminated strings are copied into the crash reporter for certain registry keys, causing stack memory to be copied up to a null terminator. This could potentially expose private data from the lo...
MP3Gain 'apetag.c' Memory Corruption Vulnerability
MP3Gain is a volume adjustment application for MP3 files. A security vulnerability exists in the apetag.c file in MP3Gain version 1.5.2.r2. The vulnerability can be exploited to corrupt stack memory with the help of specially crafted MP3 files...
Paessler PRTG Network Monitor Denial of Service Vulnerability
Paessler PRTG Network Monitor is a full-featured network monitoring and management software from Paessler AG, Germany. A security vulnerability exists in Paessler PRTG Network Monitor prior to version 18.1.39.1648, which can be exploited to cause a denial of service due to a failure of the progra...
CVE-2018-10253
Paessler PRTG Network Monitor before 18.1.39.1648 mishandles stack memory during unspecified API calls...
CVE-2018-10253
Paessler PRTG Network Monitor before 18.1.39.1648 mishandles stack memory during unspecified API calls...
CVE-2018-10253
Paessler PRTG Network Monitor prior to version 18.1.39.1648 is affected by a stack memory handling issue during API calls, described as a stack overflow/DoS vulnerability. Public references (CNVD/OpenVAS/Exploit-DB) indicate the vulnerability can be triggered remotely and leads to denial of servi...
Microsoft Windows - nt!NtQueryVirtualMemory (MemoryImageInformation) Kernel 64-bit Stack Memory Disc
Exploit for windows platform in category dos / poc / We have discovered that the nt!NtQueryVirtualMemory system call invoked with the MemoryImageInformation 0x6 information class discloses uninitialized kernel stack memory to user-mode clients. The vulnerability affects 64-bit versions of Windows...
Microsoft Windows - nt!NtQueryFullAttributesFile Kernel Stack Memory Disclosure Exploit
Exploit for windows platform in category dos / poc / We have discovered that the nt!NtQueryFullAttributesFile system call invoked with paths of certain kernel objects discloses uninitialized kernel stack memory to user-mode clients. The vulnerability affects Windows 7 to 10, 32/64-bit. The paths...
Microsoft Windows - nt!NtQueryVirtualMemory (MemoryImageInformation) Kernel 64-bit Stack Memory Disclosure
Microsoft Windows - nt!NtQueryVirtualMemory MemoryImageInformation Kernel 64-bit Stack Memory Disclosure / We have discovered that the nt!NtQueryVirtualMemory system call invoked with the MemoryImageInformation 0x6 information class discloses uninitialized kernel stack memory to user-mode clients...
Microsoft Windows - nt!NtQueryVolumeInformationFile Kernel Stack Memory Disclosure
Microsoft Windows - nt!NtQueryVolumeInformationFile Kernel Stack Memory Disclosure / We have discovered that the nt!NtQueryVolumeInformationFile system call invoked against certain kernel objects discloses uninitialized kernel stack memory to user-mode clients. The vulnerability affects Windows 1...