SUSE CVE-2009-1097

Multiple buffer overflows in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12 and earlier allow remote attackers to access files or execute arbitrary code via 1 a crafted PNG image that triggers an integer overflow during memory allocation for display on the splash screen,...

SUSE CVE-2010-0991

Multiple heap-based buffer overflows in imlib2 1.4.3 allow context-dependent attackers to execute arbitrary code via a crafted 1 ARGB, 2 XPM, or 3 BMP file, related to the IMAGEDIMENSIONSOK macro in lib/image.h...

SUSE CVE-2010-4328

Multiple stack-based buffer overflows in opt/novell/iprint/bin/ipsmd in Novell iPrint for Linux Open Enterprise Server 2 SP2 and SP3 allow remote attackers to execute arbitrary code via unspecified LPR opcodes...

SUSE CVE-2010-4523

Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary code via a long serial-number field on a smart card, related to 1 card-acos5.c, 2 card-atrust-acos.c, and 3 card-starcos.c...

SUSE CVE-2011-2441

Multiple stack-based buffer overflows in CoolType.dll in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors...

SUSE CVE-2011-2517

Multiple buffer overflows in net/wireless/nl80211.c in the Linux kernel before 2.6.39.2 allow local users to gain privileges by leveraging the CAPNETADMIN capability during scan operations with a long SSID value...

SUSE CVE-2011-2700

Multiple buffer overflows in the si4713writeecontrolstring function in drivers/media/radio/si4713-i2c.c in the Linux kernel before 2.6.39.4 on the N900 platform might allow local users to cause a denial of service or have unspecified other impact via a crafted sextctrls operation with a 1...

SUSE CVE-2012-3364

Multiple stack-based buffer overflows in the Near Field Communication Controller Interface NCI in the Linux kernel before 3.4.5 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via incoming frames with crafted length fields...

SUSE CVE-2014-3597

Multiple buffer overflows in the phpparserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service application crash or possibly execute arbitrary code via a crafted DNS record, related to the dnsgetrecord function and the...

SUSE CVE-2015-1860

Multiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service segmentation fault and possibly execute arbitrary code via a crafted GIF image...

EulerOS 2.0 SP10 : libtiff (EulerOS-SA-2023-1391)

According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory...

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-1363)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : libtiff (EulerOS-SA-2023-1326)

According to the versions of the libtiff packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory...

Realtek Vulnerability Under Attack: Over 134 Million Attempts to Hack IoT Devices

Researchers are warning about a spike in exploitation attempts weaponizing a now-patched critical remote code execution flaw in Realtek Jungle SDK since the start of August 2022. According to Palo Alto Networks Unit 42, the ongoing campaign is said to have recorded 134 million exploit attempts as...

Heap-Based Buffer Overflow

libtiff.so is vulnerable to Heap-Based Buffer Overflow. An attacker is able to trigger buffer overflows by parsing a specially crafted TIFF image in the processCropSelections function of tools/tiffcrop.c...

Debian dla-3283 : libapache2-mod-security2 - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3283 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3283-1 [email protected]...

Vulnerability Spotlight: OS command injection, directory traversal and other vulnerabilities found in Siretta Quartz-Gold and FreshTomato

Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered several vulnerabilities in the Siretta Quartz-Gold router. Talos also discovered vulnerabilities in FreshTomato while investigating the Siretta router. The Siretta Quartz-Gold is an industrial...

The vulnerability of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud lies in buffer overflows in dynamic memory, allowing attackers to execute arbitrary code.

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud are related to buffer overflows in dynamic memory. Exploiting these vulnerabilities can allow attackers to execute arbitrary code...

SUSE SLES12 Security Update : tiff (SUSE-SU-2023:0060-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0060-1 advisory. - Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of...

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-1014)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...