PT-2022-6884

Name of the Vulnerable Software and Affected Versions busybox versions prior to 1.35 Description The issue is related to a stack overflow vulnerability in the ash.c file of busybox, which can be exploited to achieve arbitrary code execution. This vulnerability is associated with a buffer overflow...

CVE-2022-39377

sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocatestructures contains a sizet overflow in sacommon.c. The allocatestructures function insufficiently checks bounds before arithmetic...

About the security content of watchOS 8.7

About the security content of watchOS 8.7 This document describes the security content of watchOS 8.7. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

GHSA-F836-7JQW-3684 Libextractor multiple heap-based buffer overflows

Multiple heap-based buffer overflows in Libextractor 0.5.13 and earlier allow remote attackers to execute arbitrary code via 1 the asfreadheader function in the ASF plugin plugins/asfextractor.c, and 2 the parsetrakatom function in the QT plugin plugins/qtextractor.c...

Arbitrary Code Execution

chromium is vulnerable to arbitrary code execution. A stack-based buffer overflow in Printing allows an attacker to execute arbitrary code on the host OS...

SUSE: Security Advisory (SUSE-SU-2021:1646-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-22894

A buffer overflow vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to execute arbitrary code as the root user via maliciously crafted meeting room...

CVE-2020-28020

Exim 4 before 4.92 allows Integer Overflow to Buffer Overflow, in which an unauthenticated remote attacker can execute arbitrary code by leveraging the mishandling of continuation lines during header-length restriction...

Foxit PhantomPDF U3DBrowser U3D File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U...

Arbitrary Code Execution

gpac is vulnerable to arbitrary code execution. The vulnerability exists as a heap-based buffer over-read could occur through the function hdlrdump in isomedia/boxdump.c...

CVE-2020-10188

utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions...

CVE-2019-11043 Underflow in PHP-FPM can lead to RCE

In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution...

CVE-2019-16928

Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in stringvformat in string.c involving a long EHLO command...

OPENSUSE-SU-2019:1999-1 Security update for teeworlds

This update for teeworlds fixes the following issues: - CVE-2019-10879: An integer overflow in CDataFileReader::Open could have lead to a buffer overflow and possibly remote code execution, because size-related multiplications were mishandled. boo1131729 - CVE-2019-10878: A failed bounds check in...

CVE-2019-1010057

nfdump 1.6.16 and earlier is affected by: Buffer Overflow. The impact is: The impact could range from a denial of service to local code execution. The component is: nfx.c:546, nffileinline.c:83, minilzo.c redistributed. The attack vector is: nfdump must read and process a specially crafted file...

CVE-2019-1010057

nfdump 1.6.16 and earlier is affected by: Buffer Overflow. The impact is: The impact could range from a denial of service to local code execution. The component is: nfx.c:546, nffileinline.c:83, minilzo.c redistributed. The attack vector is: nfdump must read and process a specially crafted file...

[ASA-201902-10] libcurl-gnutls: arbitrary code execution

Arch Linux Security Advisory ASA-201902-10 ========================================== Severity: High Date : 2019-02-12 CVE-ID : CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 Package : libcurl-gnutls Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-877 Summary...

CVE-2018-3898

An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. The transinfo call can overwrite a buffer of size 0x104, which is more than enough to...

Remote Code Execution (RCE)

microsoft.chakracore is vulnerable to remote code execution RCE attacks. The attack exists due to a detached buffer bug that causes arbitrary memory reading and writing that can cause arbitrary code to be executed. This CVE is unique from CVE-2018-8286, CVE-2018-8290, CVE-2018-8294...

Heap overflow

Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior utilizes a fixed-length heap buffer where a value larger than the buffer can be read from a .dpa file into the buffer, causing the buffer to be overwritten. This may allow remote code execution or cause the applicatio...