1401 matches found
CVE-2018-6872
The elfparsenotes function in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service out-of-bounds read and segmentation violation via a note with a large alignment...
Important: Red Hat Security Advisory: qemu-kvm-rhev security, bug fix, and enhancement update
An update for qemu-kvm-rhev is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 and Red Hat Virtualization Engine 4.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which giv...
FreeCommander XE 2020 Pathname Buffer Overflow Exploit
!/usr/bin/python Exploit Title: FreeCommander XE 2020 - Pathname Buffer Overflow SEH Version: Build 810a 32-bit Software Link: https://freecommander.com/downloads/FreeCommanderXE-32-publicsetup.zip Exploit Author: Hodorsec email protected / email protected Vendor Homepage:...
SUSE-SU-2020:0468-1 Security update for webkit2gtk3
This update for webkit2gtk3 to version 2.26.4 fixes the following issues: Security issues fixed: - CVE-2019-8835: Fixed multiple memory corruption issues bsc1161719. - CVE-2019-8844: Fixed multiple memory corruption issues bsc1161719. - CVE-2019-8846: Fixed a use-after-free issue bsc1161719. -...
Jiangsu Jinzhi Technology Co., Ltd. iPACS-5772 suffers from denial-of-service vulnerability (CNVD-2020-01593)
iPACS-5772 is a measurement and control device with remote control, telemetry, telecommunication functions, logic blocking function, programmed operation function, device self-test, time-alignment function, and the device is equipped with software time-alignment and hardware time-alignment...
USN-4218-1: GNU C Library vulnerability
Jakub Wilk discovered that GNU C Library incorrectly handled certain memory alignments. An attacker could possibly use this issue to execute arbitrary code or cause a crash...
USN-4218-1 eglibc vulnerability
Jakub Wilk discovered that GNU C Library incorrectly handled certain memory alignments. An attacker could possibly use this issue to execute arbitrary code or cause a crash...
EulerOS 2.0 SP2 : zziplib (EulerOS-SA-2019-2478)
According to the versions of the zziplib package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The zziplib is a lightweight library to easily extract data from zip files.Security Fixes:An issue was discovered in ZZIPlib through 0.13.69...
docPrint Pro 8.0 SEH Buffer Overflow
import struct Title: docPrint Pro v8.0 'User/Master Password' Local SEH Alphanumeric Encoded Buffer Overflow Date: September 14th, 2019 Author: Connor McGarr @33y0re https://connormcgarr.github.io Vendor Homepage: http://www.verypdf.com Software Link: http://dl.verypdf.net/docprintprosetup.exe...
docPrint Pro 8.0 - SEH Buffer Overflow
import struct Title: docPrint Pro v8.0 'User/Master Password' Local SEH Alphanumeric Encoded Buffer Overflow Date: September 14th, 2019 Author: Connor McGarr @33y0re https://connormcgarr.github.io Vendor Homepage: http://www.verypdf.com Software Link: http://dl.verypdf.net/docprintprosetup.exe...
Council of EU Law Enforcement Protocol improves cross-border cooperation
Last March, the Council of the European Union announced the new EU Law Enforcement Emergency Response Protocol to address the growing problem of planning and coordinating between governments, agencies, and companies when cyberattacks occur across international boundaries. Remember well-known...
SUSE-SU-2019:1802-1 Security update for kernel-firmware
This update for kernel-firmware aligns the firmware code with SUSE Linux Enterprise Server 15. The version is now at 20190618. Please refer to the kernel-firmware rpm changelog file to see the full history of changes...
JetAudio jetCast Server 2.0 Buffer Overflow
Title: JetAudio jetCast Server 2.0 'Log Directory' Local SEH Alphanumeric Encoded Buffer Overflow Date: May 13th, 2019 Author: Connor McGarr https://connormcgarr.github.io Vendor Homepage: http://www.jetaudio.com/ Software Link:...
Admin Express 1.2.5.485 - Folder Path Local SEH Alphanumeric Encoded Buffer Overflow
Admin Express 1.2.5.485 - Folder Path Local SEH Alphanumeric Encoded Buffer Overflow Title: Admin Express v1.2.5.485 'Folder Path' Local SEH Alphanumeric Encoded Buffer Overflow Date: May 6th, 2019 Author: Connor McGarr https://connormcgarr.github.io Vendor Homepage:...
Admin Express 1.2.5.485 Buffer Overflow
Title: Admin Express v1.2.5.485 Folder Path Local SEH Alphanumeric Encoded Buffer Overflow Date: May 6th, 2019 Author: Connor McGarr https://connormcgarr.github.io Vendor Homepage: https://admin-express.en.softonic.com/ Software Link: https://admin-express.en.softonic.com/download Version...
Unaligned memory access
Affected versions of this crate violated alignment when casting byte slices to integer slices, resulting in undefined behavior. The flaw was corrected by Ralf Jung and Diggory Hardy...
RUSTSEC-2019-0035 Unaligned memory access
Affected versions of this crate violated alignment when casting byte slices to integer slices, resulting in undefined behavior. The flaw was corrected by Ralf Jung and Diggory Hardy...
SUSE-SU-2019:0542-1 Security update for sssd
This update for sssd fixes the following issues: Security vulnerability addresed: - CVE-2019-3811: Fix fallbackhomedir returning '/' for empty home directories bsc1121759 Other bug fixes and changes: - Install logrotate configuration bsc1004220 - Align systemd service file with upstream, run...
Libmspack Project Buffer Overflow (CVE-2018-18584)
Buffer overflow vulnerability exists in the libmspack library. This vulnerability is due to improper handling of block alignment. Successful exploitation of the vulnerability may result in arbitrary code execution...
The vulnerability of the elf_parse_notes function in the GNU Binutils development environment allows a hacker to trigger a service failure.
The vulnerability of the elfparsenotes function in the GNU Binutils development toolset is related to errors in accessing data beyond the specified buffer. Exploiting this vulnerability could allow a malicious actor to cause service failures by using an ELF file with a NOTES segment having a larg...