87 matches found
CLSA-2023-1698179730 zlib: Fix of CVE-2023-45853
CVE-2023-45853: Reject overflows of zip header fields in minizip...
CLSA-2023-1698179598 Fix CVE(s): CVE-2023-45853
SECURITY UPDATE: Reject overflows of zip header fields in minizip - debian/patches/CVE-2023-45853.patch: Check length of comment, filename and extra field in zipOpenNewFileInZip464 - CVE-2023-45853...
CLSA-2023-1698179235 Fix CVE(s): CVE-2023-45853
SECURITY UPDATE: Reject overflows of zip header fields in minizip - debian/patches/CVE-2023-45853.patch: Check length of comment, filename and extra field in zipOpenNewFileInZip464 - CVE-2023-45853...
DEBIAN-CVE-2023-36478
Eclipse Jetty provides a web server and servlet container. In versions 11.0.0 through 11.0.15, 10.0.0 through 10.0.15, and 9.0.0 through 9.4.52, an integer overflow in MetaDataBuilder.checkSize allows for HTTP/2 HPACK header values to exceed their size limit. MetaDataBuilder.java determines if a...
SUSE CVE-2004-0234
Multiple stack-based buffer overflows in the getheader function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testi...
SUSE CVE-2019-14982
In Exiv2 before v0.27.2, there is an integer overflow vulnerability in the WebPImage::getHeaderOffset function in webpimage.cpp. It can lead to a buffer overflow vulnerability and a crash...
SUSE CVE-2020-17444
An issue was discovered in picoTCP 1.7.0. The routine for processing the next header field and deducing whether the IPv6 extension headers are valid doesn't check whether the header extension length field would overflow. Therefore, if it wraps around to zero, iterating through the extension heade...
OESA-2022-1892 sudo security update
Sudo is a program designed to allow a sysadmin to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow people to get their work done. Security Fixes: zlib through 1.2.12 has a heap-based buffer over-read or buff...
UBUNTU-CVE-2021-4207
A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values cursor-header.width and cursor-header.height can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A malicious privileged guest user could use...
CVE-2022-26952
Digi Passport Firmware through 1.5.1,1 is affected by a buffer overflow in the function for building the Location header string when an unauthenticated user is redirected to the authentication page...
httpd: mod_proxy_uwsgi buffer overflow
A flaw was found in Apache httpd in versions 2.4.32 to 2.4.46. The uwsgi protocol does not serialize more than 16K of HTTP header leading to resource exhaustion and denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availabilit...
(0Day) D-Link DCS-960L HTTP Authorization Header Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DCS-960L Wi-Fi cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server, which listens on TCP port 80 by default. A...
httpd: mod_proxy_uwsgi buffer overflow
A flaw was found in Apache httpd in versions 2.4.32 to 2.4.46. The uwsgi protocol does not serialize more than 16K of HTTP header leading to resource exhaustion and denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availabilit...
httpd: mod_proxy_uwsgi buffer overflow
A flaw was found in Apache httpd in versions 2.4.32 to 2.4.46. The uwsgi protocol does not serialize more than 16K of HTTP header leading to resource exhaustion and denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availabilit...
Design/Logic Flaw
Embedthis GoAhead before 5.0.1 mishandles redirected HTTP requests with a large Host header. The GoAhead WebsRedirect uses a static host buffer that has a limited length and can overflow. This can cause a copy of the Host header to fail, leaving that buffer uninitialized, which may leak...
PT-2019-2570 · Abb · Abb Idal Ftp Server
Name of the Vulnerable Software and Affected Versions: ABB IDAL HTTP server version SAP500900R0101 Description: The issue is related to a buffer overflow vulnerability in the HTTP server of the ABB IDAL tool. This occurs when a long Host header is sent in a web request, allowing an unauthenticate...
CVE-2019-8985
On Netis WF2411 with firmware 2.1.36123 and other Netis WF2xxx devices possibly WF2411 through WF2880, there is a stack-based buffer overflow that does not require authentication. This can cause denial of service device restart or remote code execution. This vulnerability can be triggered by a GE...
CVE-2018-11013
Stack-based buffer overflow in the websRedirect function in GoAhead on D-Link DIR-816 A2 CN routers with firmware version 1.10B05 allows unauthenticated remote attackers to execute arbitrary code via a request with a long HTTP Host header...
DEBIAN-CVE-2016-10721
partclone.restore in Partclone 0.2.87 is prone to a heap-based buffer overflow vulnerability due to insufficient validation of the partclone image header. An attacker may be able to execute arbitrary code in the context of the user running the affected application...
CVE-2017-15996
elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service excessive memory allocation or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized variable, an improper...