Tinysvcmdns Multi-label DNS Heap Overflow Vulnerability

Summary An exploitable heap overflow vulnerability exists in the tinysvcmdns library version 2016-07-18. A specially crafted packet can make the library overwrite an arbitrary amount of data on the heap with attacker controlled values. An attacker needs send a dns packet to trigger this...

Foscam IP Video Camera Buffer Overflow Vulnerability (CNVD-2017-34270)

Foscam C1 Indoor HD Camera is a wireless HD IP camera from Foscam China. A buffer overflow vulnerability exists in the web management interface in the Foscam C1 Indoor HD Camera. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to overwrite arbitrary data...

Libpcap Design Vulnerabilities

libpcap is a C library for network packet capture. A security vulnerability exists in the pcap-linux.c file in version 1.1.1 prior to libpcap commit ea9432fabdf4b33cbc76d9437200e028f1c47c93. A remote attacker can exploit this vulnerability to send arbitrary data with the help of specially crafted...

Oracle JDK/JRE: Multiple vulnerabilities

Background Java Platform, Standard Edition Java SE lets you develop and deploy Java applications on desktops and servers, as well as in today’s demanding embedded environments. Java offers the rich user interface, performance, versatility, portability, and security that today’s applications...

Code injection

pcap-linux.c in libpcap 1.1.1 before commit ea9432fabdf4b33cbc76d9437200e028f1c47c93 when snaplen is set may truncate packets, which might allow remote attackers to send arbitrary data while avoiding detection via crafted packets...

CVE-2011-1935

pcap-linux.c in libpcap 1.1.1 before commit ea9432fabdf4b33cbc76d9437200e028f1c47c93 when snaplen is set may truncate packets, which might allow remote attackers to send arbitrary data while avoiding detection via crafted packets...

CVE-2011-1935

pcap-linux.c in libpcap 1.1.1 before commit ea9432fabdf4b33cbc76d9437200e028f1c47c93 when snaplen is set may truncate packets, which might allow remote attackers to send arbitrary data while avoiding detection via crafted packets...

CVE-2011-1935

Details from multiple sources confirm CVE-2011-1935 affects libpcap's pcap-linux.c codepath for libpcap 1.1.1 prior to commit ea9432fabdf4b33cbc76d9437200e028f1c47c93. When snaplen is set, the frame size calculation may truncate packets, potentially allowing a remote attacker who can send crafted...

CVE-2017-9607

The BL1 FWU SMC handling code in ARM Trusted Firmware before 1.4 might allow attackers to write arbitrary data to secure memory, bypass the bl1platmemcheck protection mechanism, cause a denial of service, or possibly have unspecified other impact via a crafted AArch32 image, which triggers an...

CVE-2017-9607

The BL1 FWU SMC handling code in ARM Trusted Firmware before 1.4 might allow attackers to write arbitrary data to secure memory, bypass the bl1platmemcheck protection mechanism, cause a denial of service, or possibly have unspecified other impact via a crafted AArch32 image, which triggers an...

Code injection

The Comcast firmware on Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST devices allows remote attackers to write arbitrary data to a known /var/tmp/sess pathname by leveraging the device's operation in UI dev mode...

CVE-2017-9485

The Comcast firmware on Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST devices allows remote attackers to write arbitrary data to a known /var/tmp/sess pathname by leveraging the device's operation in UI dev mode...

CVE-2017-9485

The CVE-2017-9485 entry applies to Cisco DPC3939 firmware (Comcast deployment) and describes a remote arbitrary file-write vulnerability. An attacker can leverage the device’s UI dev mode to write arbitrary data to a known /var/tmp/sess_* pathname. Connected advisories (CNVD-2017-27783, CVE lists...

Design/Logic Flaw

In the web management interface in Foscam C1 Indoor HD Camera running application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting in command execution. An attacker can simply send an HTTP request to t...

Design/Logic Flaw

In the web management interface in Foscam C1 Indoor HD Camera running application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting in command execution. An attacker can simply send an HTTP request to t...

UBUNTU-CVE-2017-9445

In systemd through 233, certain sizes passed to dnspacketnew in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that's too small, and...

Stack overflow

An exploitable stack-based buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera. A specially crafted http request can cause a stack-based buffer overflow resulting in overwriting arbitrary data on the stack frame. An attacker can simply send ...

Buffer overflow

An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting arbitrary data. An attacker can simply send an...

CVE-2017-2831

An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting arbitrary data. An attacker can simply send an...

Log injection in SAP NetWeaver AS Java using basic auth

Application: SAP NetWeaver AS Java Versions Affected: ENGINEAPI 7.10-7.50 Vendor URL: SAP Bug: Log Injection Reported: 17.05.2017 Vendor response: 18.05.2017 Date of Public Advisory: 14.11.2017 Reference: SAP Security Note 2485208 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class:...