CVE-2019-25050

netCDF in GDAL 2.4.2 through 3.0.4 has a stack-based buffer overflow in nc4getatt called from nc4getatttc and ncgetatttext and in uffdcleanup called from netCDFDataset::netCDFDataset and netCDFDataset::netCDFDataset...

openSUSE 15 Security Update : libjpeg-turbo (openSUSE-SU-2021:1958-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1958-1 advisory. - Libjpeg-turbo all version have a stack-based buffer overflow in the transform component. A remote attacker can send a malformed jpeg file to the...

openSUSE 15 Security Update : pam_radius (openSUSE-SU-2021:1896-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1896-1 advisory. - addpassword in pamradiusauth.c in pamradius 1.4.0 does not correctly check the length of the input password, and is vulnerable to a stack-based...

Important: dhcp

Issue Overview: A flaw was found in the Dynamic Host Configuration Protocol DHCP. There is a discrepancy between the code that handles encapsulated option information in leases transmitted "on the wire" and the code which reads and parses lease information after it has been written to disk storag...

Amazon Linux AMI : glibc (ALAS-2021-1511)

The version of glibc installed on the remote host is prior to 2.17-322.181. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1511 advisory. A vulnerability was discovered in glibc where the LDPREFERMAP32BITEXEC environment variable is not ignored when running...

MGASA-2021-0331 Updated connman packages fix security vulnerability

Updated connman packages fix security vulnerability. ConnMan aka Connection Manager 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or RDLENGTH for A or AAAA CVE-2021-33833...

Security update for libjpeg-turbo (moderate)

openSUSE Security Update: Security update for libjpeg-turbo Announcement ID: openSUSE-SU-2021:1958-1 Rating: moderate References: 1186764 Cross-References: CVE-2020-17541 CVSS scores: CVE-2020-17541 NVD : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.3 An...

Stack overflow

A stack-based buffer overflow vulnerability exists in the PDF processfontname functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2021-21807

CVE-2021-21807 affects Accusoft ImageGear 19.9 (DICOM parse_dicom_meta_info). A vulnerability in parse_dicom_meta_info’s _size handling causes a stack-based buffer overflow when processing a specially crafted DICOM file. The issue is triggered via perform_some_read_operations using a size value o...

(0Day) Advantech WebAccess Node BwFreRPT Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within BwFreRPT.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs proces...

Advisory ROSA-SA-2021-1890

Software: libsndfile 1.0.25 OS: Cobalt 7.9 CVE-ID: CVE-2014-9756 CVE-Crit: CRITICAL CVE-DESC: The psffwrite function in fileio.c in libsndfile allows attackers to cause a denial of service division-by-zero error and application crash via undefined vectors associated with the headindex variable...

CVE-2021-36083

KDE KImageFormats 5.70.0 through 5.81.0 has a stack-based buffer overflow in XCFImageFormat::loadTileRLE...

CVE-2020-36406

uWebSockets 18.11.0 and 18.12.0 has a stack-based buffer overflow in uWS::TopicTree::trimTree called from uWS::TopicTree::unsubscribeAll. NOTE: the vendor's position is that this is "a minor issue or not even an issue at all" because the developer of an application that uses uWebSockets should no...

CVE-2021-36082

ntop nDPI 3.4 has a stack-based buffer overflow in processClientServerHello...

CVE-2021-36082

ntop nDPI 3.4 has a stack-based buffer overflow in processClientServerHello...

CVE-2021-36082

CVE-2021-36082 affects ntop nDPI 3.4 and is due to a stack-based buffer overflow in processClientServerHello. The connected sources consistently report this vulnerability in ntop nDPI 3.4; no specific exploit details or patched versions are provided in the documents. The information confirms the ...

Debian DLA-2700-1 : htmldoc - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2700 advisory. A buffer overflow was discovered in HTMLDOC, a HTML processor that generates indexed HTML, PS, and PDF, which could potentially result in the execution of arbitrar...

Updated dhcp packages fix a security vulnerability

A flaw was found in the Dynamic Host Configuration Protocol DHCP. There is a discrepancy between the code that handles encapsulated option information inleases transmitted "on the wire" and the code which reads and parses lease information after it has been written to disk storage. This flaw allo...

CVE-2021-35474

Stack-based Buffer Overflow vulnerability in cachekey plugin of Apache Traffic Server. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1...

CVE-2021-35474

Stack-based Buffer Overflow vulnerability in cachekey plugin of Apache Traffic Server. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1...