Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential out of bounds in ucsiccgupdatesetnewcamcmd The "cmd" variable can be controlled by the user via debugfs. That means "newcam" can be as high as 255 while the size of the uc-updated array is UCSIMAXALTMODE...

CVE-2019-25614

Free Float FTP 1.0 contains a buffer overflow vulnerability in the STOR command handler that allows remote attackers to execute arbitrary code by sending a crafted STOR request with an oversized payload. Attackers can authenticate with anonymous credentials and send a malicious STOR command...

PT-2026-27002

Free Float FTP 1.0 contains a buffer overflow vulnerability in the STOR command handler that allows remote attackers to execute arbitrary code by sending a crafted STOR request with an oversized payload. Attackers can authenticate with anonymous credentials and send a malicious STOR command...

RHEL 8 : vsftpd (RHSA-2026:4470)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:4470 advisory. The vsftpd packages include a Very Secure File Transfer Protocol FTP daemon, which is used to serve files over a network. Security Fixes: vsftpd:...

CVE-2019-25361 Ayukov NFTP client 1.71 - 'SYST' Buffer Overflow

Ayukov NFTP client 1.71 contains a buffer overflow vulnerability in the SYST command handling that allows remote attackers to execute arbitrary code. Attackers can send a specially crafted SYST command with oversized payload to trigger a buffer overflow and execute a bind shell on port 5150...

PT-2026-20536

Ayukov NFTP client 1.71 contains a buffer overflow vulnerability in the SYST command handling that allows remote attackers to execute arbitrary code. Attackers can send a specially crafted SYST command with oversized payload to trigger a buffer overflow and execute a bind shell on port 5150...

CVE-2020-37068

Konica Minolta FTP Utility 1.0 contains a buffer overflow vulnerability in the LIST command that allows attackers to overwrite system registers. Attackers can send an oversized buffer of 1500 'A' characters to crash the FTP server and potentially execute unauthorized code...

CVE-2020-37068 Konica Minolta FTP Utility 1.0 - 'LIST' Denial of Service

Konica Minolta FTP Utility 1.0 contains a buffer overflow vulnerability in the LIST command that allows attackers to overwrite system registers. Attackers can send an oversized buffer of 1500 'A' characters to crash the FTP server and potentially execute unauthorized code...

PCMan FTP Server 安全漏洞

PCMan FTP Server is a suite of FTP server software from PCMan Open Source. A security vulnerability exists in PCMan FTP Server version 2.0, which stems from a buffer overflow in the pwd command that could lead to the execution of arbitrary code...

CVE-2010-10014 Odin Secure FTP <= 4.1 Stack Buffer Overflow via LIST Response

Odin Secure FTP = 4.1 is vulnerable to a stack-based buffer overflow when parsing directory listings received in response to an FTP LIST command. A malicious FTP server can send an overly long filename in the directory listing, which overflows a fixed-size stack buffer in the client and overwrite...

PCMan FTP Server 安全漏洞

PCMan FTP Server is PCMan open source set of FTP server software. PCMan FTP Server suffers from a buffer overflow vulnerability that originates from the RMDIR command handler failing to properly validate the length of input data, which can be exploited by an attacker to cause a denial of service...

OESA-2023-1874 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

SUSE CVE-2023-48233

Vim is an open source command line text editor. If the count after the :s command is larger than what fits into a signed long variable, abort with evaluetoolarge. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit...

SUSE CVE-2023-48234

Vim is an open source command line text editor. When getting the count for a normal mode z command, it may overflow for large counts given. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit 58f9befca1 which has...

UBUNTU-CVE-2023-48236

Vim is an open source command line text editor. When using the z= command, the user may overflow the count with values larger than MAXINT. Impact is low, user interaction is required and a crash may not even happen in all situations. This vulnerability has been addressed in commit 73b2d379 which...

CVE-2023-48236

Vim is an open source command line text editor. When using the z= command, the user may overflow the count with values larger than MAXINT. Impact is low, user interaction is required and a crash may not even happen in all situations. This vulnerability has been addressed in commit 73b2d379 which...

UBUNTU-CVE-2023-24809

NetHack is a single player dungeon exploration game. Starting with version 3.6.2 and prior to version 3.6.7, illegal input to the "C" call command can cause a buffer overflow and crash the NetHack process. This vulnerability may be a security issue for systems that have NetHack installed suid/sgi...

Siemens Nucleus ReadyStart 缓冲区错误漏洞

Nucleus NET modules integrate a range of standards-compliant networking and communications protocols, drivers and utilities to provide full-featured networking support in any embedded device. A security vulnerability exists in several Siemens products, which stems from a stack buffer overflow...

AZL-6850 CVE-2021-32761 affecting package redis for versions less than 6.2.5-1

Redis is an in-memory database that persists on disk. A vulnerability involving out-of-bounds read and integer overflow to buffer overflow exists starting with version 2.2 and prior to versions 5.0.13, 6.0.15, and 6.2.5. On 32-bit systems, Redis BIT command are vulnerable to integer overflow that...

DEBIAN-CVE-2021-32761

Redis is an in-memory database that persists on disk. A vulnerability involving out-of-bounds read and integer overflow to buffer overflow exists starting with version 2.2 and prior to versions 5.0.13, 6.0.15, and 6.2.5. On 32-bit systems, Redis BIT command are vulnerable to integer overflow that...