160 matches found
Buffer overflow
IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 174960...
AIX 7.2 TL 2 : tcpdump (IJ20784)
https://vulners.com/cve/CVE-2018-14467 https://vulners.com/cve/CVE-2018-14467 The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgpcapabilitiesprint BGPCAPCODEMP. The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrpprint. The LMP parser in...
Buffer overflow
IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 165481...
CVE-2019-4523
IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 165481...
CVE-2019-12807
Alzip 10.83 and earlier version contains a stack-based buffer overflow vulnerability, caused by improper bounds checking during the parsing of crafted ISO archive file format. By persuading a victim to open a specially-crafted ISO archive file, an attacker could execution arbitrary code...
DEBIAN-CVE-2019-14513
Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491...
Out-of-bounds
Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491...
CVE-2019-4087
IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents are vulnerable to a stack-based buffer overflow, caused by improper bounds checking by servers and storage agents in response to specifically crafted communication exchanges. By sending an overly long request, a remote attacker could...
Stack overflow
TP-Link TL-WR940N is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the ipAddrDispose function. By sending specially crafted ICMP echo request packets, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with elevate...
CVE-2019-6989
CVE-2019-6989 describes a stack-based buffer overflow in TP-LINK TL-WR940N (and TL-WR941ND) caused by improper bounds checking in ipAddrDispose. The vulnerability can be triggered by specially crafted ICMP echo requests, allowing a remote authenticated attacker to overflow a buffer and execute ar...
Citrix NetScaler Gateway and Citrix Application Delivery Controller Buffer Overflow Vulnerability
Citrix Systems NetScaler Gateway and Citrix Application Delivery Controller ADC Citrix NetScaler Gateway and Citrix Application Delivery Controller are both products of Citrix Systems NetScaler Gateway and Citrix Application Delivery Controller are both products of Citrix Systems, Inc.Citrix...
CVE-2018-4308
An out-of-bounds read was addressed with improved bounds checking. This issue affected versions prior to macOS Mojave 10.14...
CVE-2018-1936
IBM DB2 9.7, 10.1, 10.5, and 11.1 libdb2e.so.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 153316...
Security Bulletin: Vulnerability in GNU C Library (glibc) affects IBM Flex System FC5022 16Gb SAN Scalable Switch (CVE-2016-3075)
Summary A vulnerability in GNU C Library glibc affects IBM Flex System FC5022 16Gb SAN Scalable Switch. IBM Flex System FC5022 16Gb SAN Scalable Switch has addressed the vulnerability. Vulnerability Details Summary A vulnerability in GNU C Library glibc affects IBM Flex System FC5022 16Gb SAN...
CVE-2018-1897
IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5., and 11.1 db2pdcfg is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 152462...
CVE-2016-6559
Improper bounds checking of the obuf variable in the linkntoa function in linkaddr.c of the BSD libc library may allow an attacker to read or write from memory. The full impact and severity depends on the method of exploit and how the library is used by applications. According to analysis by...
CVE-2016-6559
CVE-2016-6559 concerns the BSD libc function link_ntoa() in linkaddr.c, where the obuf bounds are mishandled. The root cause is improper bounds checking, which could allow memory read/write. Public analyses from FreeBSD indicate it is unlikely that applications expose an exploitable use of link_n...
Security Bulletin: Vulnerabilities in wget affect PowerKVM
Summary PowerKVM is affected by vulnerabilities in wget. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2017-13090 DESCRIPTION: GNU wget is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the fdreadbody function in src/retr.c. By...
Security Bulletin: A vulnerability in Apache Xerces-C XML Parser library affects IBM Performance Management products (CVE-2016-0729 )
Summary Apache Xerces-C XML Parser library is vulnerable to a denial of service, caused by improper bounds checking during processing and error reporting. By sending specially crafted input documents, an attacker could exploit this vulnerability to cause the library to crash or possibly execute...
Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Identity Governance
Summary Vulnerabilities in Open Source openssl that is used by IBM Security Identity Governance Vulnerability Details CVEID: CVE-2016-2105 DESCRIPTION: OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVPEncodeUpdate function. By sending an overly...