Code injection

A crafted self-referential DOS partition table will cause all Das U-Boot versions through 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually either crash or overwrite other data...

CVE-2019-13103

A crafted self-referential DOS partition table will cause all Das U-Boot versions through 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually either crash or overwrite other data...

Insteon Hub Buffer Overflow Vulnerability (CNVD-2019-13142)

The Insteon Hub is an Insteon central controller product from Insteon USA. This product can remotely control light bulbs, wall switches, air conditioners and more in your home. A buffer overflow vulnerability exists in Insteon Hub 2245-222 using firmware version 1012. An attacker could exploit th...

CVE-2018-3980

An exploitable out-of-bounds write exists in the TIFF-parsing functionality of Canvas Draw version 5.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability...

CVE-2017-2875

An exploitable buffer overflow vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10000 can cause a buffer overflow resulting in overwriting arbitrary data...

CVE-2017-2878

An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting arbitrary data. An attacker can simply send an...

Computerinsel Photoline Stack Buffer Overflow Vulnerability (CNVD-2018-17434)

Computerinsel Photoline is a suite of image editing software. A stack buffer overflow vulnerability exists in the ANI parsing feature in Computerinsel Photoline version 20.54. An attacker can exploit this vulnerability by sending a specially crafted ANI image to overwrite arbitrary data and execu...

PT-2018-16315 · Computerinsel · Computerinsel Photoline

Name of the Vulnerable Software and Affected Versions: Computerinsel Photoline version 20.54 Description: A memory corruption issue exists in the PCX-parsing functionality. Processing a specially crafted PCX image can lead to an out-of-bounds write, allowing an attacker to overwrite arbitrary dat...

Design/Logic Flaw

An issue was discovered in kwajdreadheaders in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite...

Out-of-bounds

An exploitable out-of-bounds write exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability...

CVE-2018-3871

An exploitable out-of-bounds write exists in the PCX parsing functionality of Canvas Draw version 4.0.0. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability an...

Computerinsel Photoline ANI Parsing Code Execution Vulnerability

Summary A memory corruption vulnerability exists in the ANI-parsing functionality of Computerinsel Photoline 20.54. A specially crafted ANI image processed via the application can lead to a stack overflow, overwriting arbitrary data. An attacker can deliver an ANI image to trigger this...

Heap overflow

An exploitable heap overflow vulnerability exists in the tinysvcmdns library version 2016-07-18. A specially crafted packet can make the library overwrite an arbitrary amount of data on the heap with attacker controlled values. An attacker needs send a dns packet to trigger this vulnerability...

CVE-2018-3889

A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution...

PT-2018-16262 · Talos +1 · Computerinsel Photoline +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned Description: A specially crafted TIFF image can cause an out-of-bounds write when processed, allowing an attacker to overwrite arbitrary data and potentially gain code execution by delivering a...

PT-2018-16255 · Talos +1 · Computerinsel Photoline +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a...

PT-2018-16282 · Talos +1 · Computerinsel Photoline +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: A specially crafted PCX image can cause an out-of-bounds write when processed, allowing an attacker to overwrite arbitrary data and potentially gain code execution by delivering a...

Computerinsel Photoline PCX Parsing Function Memory Corruption Vulnerability

PhotoLine is a multipurpose image and graphics editor. A memory corruption vulnerability exists in the PCX parsing feature of Computerinsel Photoline 20.53. An attacker can exploit the vulnerability by crafting a PCX image to cause out-of-bounds writes, overwrite arbitrary data, and thus enable...

CVE-2018-3886

A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.53. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability...

CVE-2017-14463

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...