434 matches found
CVE-2019-9824
tcpemu in slirp/tcpsubr.c aka slirp/src/tcpsubr.c in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure...
JDK: buffer overflow in jio_snprintf() and jio_vsnprintf()
In Eclipse OpenJ9, prior to the 0.12.0 release, the jiosnprintf and jiovsnprintf native methods ignored the length parameter. This affects existing APIs that called the functions to exceed the allocated buffer. This functions were not directly callable by non-native user code...
Information Disclosure
miniupnpc-vc140 is vulnerable to information disclosure. Failure to validate a return value obj-tosend from snprintf allows a user to send a value larger than the buffer's length to cause a heap memory leak...
CVE-2019-12107
The upnpeventprepare function in upnpevents.c in MiniUPnP MiniUPnPd through 2.1 allows a remote attacker to leak information from the heap due to improper validation of an snprintf return value...
CVE-2019-12107
The upnpeventprepare function in upnpevents.c in MiniUPnP MiniUPnPd through 2.1 allows a remote attacker to leak information from the heap due to improper validation of an snprintf return value...
UBUNTU-CVE-2019-12107
The upnpeventprepare function in upnpevents.c in MiniUPnP MiniUPnPd through 2.1 allows a remote attacker to leak information from the heap due to improper validation of an snprintf return value...
DEBIAN-CVE-2019-12107
The upnpeventprepare function in upnpevents.c in MiniUPnP MiniUPnPd through 2.1 allows a remote attacker to leak information from the heap due to improper validation of an snprintf return value...
CVE-2019-12107
The upnpeventprepare function in upnpevents.c in MiniUPnP MiniUPnPd through 2.1 allows a remote attacker to leak information from the heap due to improper validation of an snprintf return value...
PT-2019-12644 · Miniupnp +1 · Miniupnpd +1
Name of the Vulnerable Software and Affected Versions: MiniUPnPd versions prior to 2.1 Description: The issue allows a remote attacker to leak information from the heap due to improper validation of an snprintf return value in the upnp event prepare function. Recommendations: For versions prior t...
SUSE SLES11 Security Update : ntp (SUSE-SU-2019:13991-1)
This update for ntp fixes the following issues : Security issue fixed : CVE-2019-8936: Fixed a NULL pointer exception which could allow an authenticated attcker to cause segmentation fault to ntpd bsc1128525. Other issues addressed: Make sure that SLE12 version is higher than the one in SLE11...
The vulnerabilities of the functions jio_snprintf and jio_vsnprintf in the Eclipse OpenJ9 virtual machine allow attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the jiosnprintf and jiovsnprintf functions in the Eclipse OpenJ9 virtual machine is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to trigger buffer overflows and compromise the...
CVE-2019-9824
tcpemu in slirp/tcpsubr.c aka slirp/src/tcpsubr.c in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure...
UBUNTU-CVE-2019-9824
tcpemu in slirp/tcpsubr.c aka slirp/src/tcpsubr.c in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure...
JDK: buffer overflow in jio_snprintf() and jio_vsnprintf()
In Eclipse OpenJ9, prior to the 0.12.0 release, the jiosnprintf and jiovsnprintf native methods ignored the length parameter. This affects existing APIs that called the functions to exceed the allocated buffer. This functions were not directly callable by non-native user code...
JDK: buffer overflow in jio_snprintf() and jio_vsnprintf()
In Eclipse OpenJ9, prior to the 0.12.0 release, the jiosnprintf and jiovsnprintf native methods ignored the length parameter. This affects existing APIs that called the functions to exceed the allocated buffer. This functions were not directly callable by non-native user code...
Denial Of Service (DoS) Through Stack Buffer Overflow
librelp.so is vulnerable to denial of service DoS through stack-based buffer overflow attacks. The vulnerability exists in relpTcpChkPeerName of src/tcp.c where it was possible to overflow the call to snprintf when parsing a malicious x509 certificate, causing a denial of service DoS, and possibl...
glusterfs: features/locks translator passes an user-controlled string to snprintf without a proper format string resulting in a denial of service
It was found that usage of snprintf function in feature/locks translator of glusterfs server was vulnerable to a format string attack. A remote, authenticated attacker could use this flaw to cause remote denial of service...
Red Hat Gluster Storage glusterfs server denial of service vulnerability
Red Hat Gluster Storage is the United States Red Hat Red Hat company developed a horizontally scalable storage package for software , it can provide unstructured data storage. glusterfs server is one of the open source scalable network file system . A security vulnerability exists in the 'snprint...
DEBIAN-CVE-2018-14661
It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8.4, as shipped with Red Hat Gluster Storage, was vulnerable to a format string attack. A remote, authenticated attacker could use this flaw to cause remote denial of service...
UBUNTU-CVE-2018-14661
It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8.4, as shipped with Red Hat Gluster Storage, was vulnerable to a format string attack. A remote, authenticated attacker could use this flaw to cause remote denial of service...