CVE-2021-24018

A buffer underwrite vulnerability in the firmware verification routine of FortiOS before 7.0.1 may allow an attacker located in the adjacent network to potentially execute arbitrary code via a specifically crafted firmware image...

CVE-2021-24018

A buffer underwrite vulnerability in the firmware verification routine of FortiOS before 7.0.1 may allow an attacker located in the adjacent network to potentially execute arbitrary code via a specifically crafted firmware image...

PT-2021-6857 · Fortinet · Fortiswitch +7

Name of the Vulnerable Software and Affected Versions: FortiOS versions prior to 7.0.1 FortiWeb versions affected versions not specified FortiSwitch versions affected versions not specified FortiProxy versions affected versions not specified FortiADC versions affected versions not specified Forti...

CVE-2020-28024

Exim 4 before 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtpungetc was only intended to push back characters, but can actually push back non-character error codes such as EOF...

DEBIAN-CVE-2020-28024

Exim 4 before 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtpungetc was only intended to push back characters, but can actually push back non-character error codes such as EOF...

CVE-2020-28024

Exim 4 before 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtpungetc was only intended to push back characters, but can actually push back non-character error codes such as EOF...

CVE-2020-28024

CVE-2020-28024 affects Exim 4 before 4.94.2. The issue is a Buffer Underwrite in which smtp_ungetc can push back non-character error codes (e.g., EOF), enabling unauthenticated remote command execution. Multiple connected sources (e.g., Astra Linux advisories, Debian advisories, and Citations in ...

CVE-2020-28024

Exim 4 before 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtpungetc was only intended to push back characters, but can actually push back non-character error codes such as EOF...

CVE-2020-28024

Exim 4 before 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtpungetc was only intended to push back characters, but can actually push back non-character error codes such as EOF...

Ubuntu 16.04 ESM : Exim vulnerabilities (USN-4934-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4934-2 advisory. USN-4934-1 fixed several vulnerabilities in Exim. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. CVE-2020-28026...

CVE-2020-28024

Exim 4 before 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtpungetc was only intended to push back characters, but can actually push back non-character error codes such as EOF...

UBUNTU-CVE-2020-28024

Exim 4 before 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtpungetc was only intended to push back characters, but can actually push back non-character error codes such as EOF...

SUSE: Security Advisory (SUSE-SU-2020:1806-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Arbitrary Code Execution

transfig is vulnerable to arbitrary code execution. A buffer underwrite vulnerability in getline in read.c allows an attacker to write prior to the beginning of the buffer via a malicious .fig file, potentially obtaining arbitrary code execution on the host OS...

SUSE-SU-2020:1806-1 Security update for transfig

This update for transfig fixes the following issues: Security issue fixed: - CVE-2019-14275: Fixed stack-based buffer overflow in the calcarrow function bsc1143650. - CVE-2018-16140: Fixed a buffer underwrite vulnerability in getline in read.c, which allowed an attacker to write prior to the...

Debian: Security Advisory (DLA-2073-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2073-1] transfig security update

Package : transfig Version : 1:3.2.5.e-4+deb8u2 CVE ID : CVE-2018-16140 CVE-2019-14275 CVE-2019-19555 Several issues have been found in transfig, a XFig figure files converter. CVE-2018-16140 Buffer underwrite vulnerability in getline allows an attacker to write prior to the beginning of the buff...

NewStart CGSL CORE 5.05 / MAIN 5.05 : poppler Multiple Vulnerabilities (NS-SA-2019-0249)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has poppler packages installed that are affected by multiple vulnerabilities: - Poppler before 0.70.0 has a NULL pointer dereference in popplerattachmentnew when called from popplerannotfileattachmentgetattachment. CVE-2018-191...

Amazon Linux 2 : poppler (ALAS-2019-1332)

In Poppler 0.68.0, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack.CVE-2018-16646 An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as...

poppler: heap-based buffer overflow in function ImageStream::getLine() in Stream.cc

A heap-based buffer underwrite exists in ImageStream::getLine located at Stream.cc in Poppler 0.74.0 that can for example be triggered by sending a crafted PDF file to the pdfimages binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified other impa...