imagemagick/ping_mng_fuzzer: Heap-buffer-overflow in mng_get_long

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5109602262712320 Project: imagemagick Fuzzer: aflimagemagickpingmngfuzzer Fuzz target binary: pingmngfuzzer Job Type: aflasanimagemagick Platform Id: linux Crash Type: Heap-buffer-overflow...

Buffer Overflow Vulnerability in HOLLYWOOD LE5109L PLCs

HELISE Group is a professional automation company integrating R&D, production, sales and technical service. With integrated Ethernet, PROFIBUS-DP, RS232 and RS485 interfaces, HELISE's PLCs have been widely used in electric power, chemical industry, metallurgy, energy and other fields. A buffer...

imagemagick/ping_mng_fuzzer: Use-of-uninitialized-value in Magick_RenderingIntent_from_PNG_RenderingIntent

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=6350986827268096 Project: imagemagick Fuzzer: libFuzzerimagemagickpingmngfuzzer Fuzz target binary: pingmngfuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type:...

[SECURITY] Fedora 27 Update: nmap-7.60-8.fc27

Nmap is a utility for network exploration or security auditing. It supports ping scanning determine which hosts are up, many port scanning techniques determine what services the hosts are offering, and TCP/IP fingerprinting remote host operating system identification. Nmap also offers flexible ta...

Memory leak vulnerability in multiple Huawei products (CNVD-2018-07349)

Huawei S12700 and others are intelligent routing switches from Huawei China. A memory leak vulnerability exists in several Huawei products, which stems from a program failing to free memory when processing packets. An attacker can exploit the vulnerability by sending malformed MPLS Service PING...

Ping Identity: CSRF in Inviting users

NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to triage and respond quickly, so be sure to take your time filling out the report! Summary: add summary of the vulnerabili...

Memory corruption

Huawei S12700 V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200R007C20; V200R008C00; V200R009C00;S1700 V200R006C10; V200R009C00;S2700 V100R006C03; V200R003C00; V200R005C00; V200R006C00; V200R006C10; V200R007C00; V200R007C00B050; V200R007C00SPC009T; V200R007C00SPC019T; V200R008C00;...

CVE-2017-17141

Huawei S12700 V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200R007C20; V200R008C00; V200R009C00;S1700 V200R006C10; V200R009C00;S2700 V100R006C03; V200R003C00; V200R005C00; V200R006C00; V200R006C10; V200R007C00; V200R007C00B050; V200R007C00SPC009T; V200R007C00SPC019T; V200R008C00;...

CVE-2017-17141

Huawei S12700 V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200R007C20; V200R008C00; V200R009C00;S1700 V200R006C10; V200R009C00;S2700 V100R006C03; V200R003C00; V200R005C00; V200R006C00; V200R006C10; V200R007C00; V200R007C00B050; V200R007C00SPC009T; V200R007C00SPC019T; V200R008C00;...

CVE-2017-17141

CVE-2017-17141 corresponds to a memory-leak vulnerability across Huawei S12700 and various S/S系列 switches (e.g., S1700, S2700, S3700, S5700, S6700, S7700, S9700 and others) triggered by specific malformed MPLS Service PING messages. In affected firmware lines (V200R005C00 to V200R009C00 and relat...

iBall iB-WRA150N Remote Code Execution Vulnerability

The iBall iB-WRA150N is a wireless router product from iBall India. A remote code execution vulnerability exists in the iBall iB-WRA150N version 1.2.6 build 110401 Rel.47776n. A remote attacker can exploit this vulnerability to execute operating system commands with the help of shell metacharacte...

Multiple Vulnerabilities in iball Baton 150M Wireless-N ADSI.2+

The iball Baton 150M Wireless-N ADSI.2+ is a wireless router from iBall India. The iball Baton 150M Wireless-N ADSI.2+ router is vulnerable to hard-coded user credentials and remote command execution. A remote attacker can log in to the router's web management interface with hard-coded user...

CVE-2018-6388

iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices allow remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ping test arguments on the Diagnostics page...

CVE-2018-6388

iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices allow remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ping test arguments on the Diagnostics page...

iBall WRA150N - Multiple Vulnerabilities

iBall WRA150N - Multiple Vulnerabilities Vulnerabilities summary The following advisory describes two 2 vulnerabilities found in iB-WRA150N devices, firmware 1.2.6 build 110401 Rel.47776n. iB-WRA150N is “a powerful solution to Internet connectivity at home, small offices and work stations. The ke...

iBall Multiple Vulnerabilities

Vulnerabilities summary The following advisory describes two 2 vulnerabilities found in iB-WRA150N devices, firmware 1.2.6 build 110401 Rel.47776n. iB-WRA150N is “a powerful solution to Internet connectivity at home, small offices and work stations. The key is if you are using an ADSL2+ connectio...

D-Link DSL-2640U and DSL-2540U Remote Code Execution Vulnerability

The D-Link DSL-2640U and DSL-2540U are both router products from AUO D-Link. A remote code execution vulnerability exists in the diagping.cmd file in D-Link DSL-2640U devices with firmware versions IM1.00 and ME1.00 and DSL-2540U devices with firmware version ME1.00. A remote attacker can exploit...

Fedora 27 : perl-Net-Ping-External (2017-5adf087854)

Fixes a command injection vulnerability CVE-2008-7319 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

The vulnerability of the ping function in the Net::Ping::External extension for Perl allows a hacker to execute arbitrary commands.

The vulnerability of the ping function in the Net::Ping::External extension for Perl is related to the lack of measures to sanitize input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands using metasynthesis...

Cambium Networks cnPilot File Path Traversal Vulnerability

Cambium Networks cnPilot is a cloud-enabled managed single-band router product from Cambium Networks, USA. web administrative console is one of the web administration console programs. A path traversal vulnerability exists in the 'ping' and 'traceroute' functions of the Web administrative console...