CVE-2020-7837

An issue was discovered in ML Report Program. There is a stack-based buffer overflow in function sub41EAF0 at MLReportDeamon.exe. The function will call vsprintf without checking the length of strings in parameters given by attacker. And it finally leads to a stack-based buffer overflow via acces...

CVE-2020-7837

The CVE-2020-7837 entry describes a stack-based buffer overflow in Infraware’s ML Report Program (MLReportDeamon.exe). The root cause is an unchecked vsprintf call within function sub_41EAF0, allowing attacker-supplied strings to overflow a stack buffer via crafted web page access. Affected produ...

Security Bulletin: Open Source Security issues for NPS console.

Summary Fixed Open Source issues for listed CVEs for NPS console. Vulnerability Details CVEID: CVE-2018-19838 DESCRIPTION: LibSass is vulnerable to a denial of service, caused by a stack-based buffer overflow in the IMPLEMENTASTOPERATORS expansion in ast.cpp. By persuading a victim to open a...

EulerOS 2.0 SP5 : sox (EulerOS-SA-2020-2565)

According to the versions of the sox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflow on the result of multiplication fed into the lsxvalloc macro that...

EulerOS 2.0 SP8 : tmux (EulerOS-SA-2020-2537)

According to the version of the tmux package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In tmux before version 3.1c the function inputcsidispatchsgrcolon in file input.c contained a stack-based buffer-overflow that can be exploited by...

NewStart CGSL CORE 5.04 / MAIN 5.04 : libsndfile Vulnerability (NS-SA-2020-0069)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libsndfile packages installed that are affected by a vulnerability: - A stack-based buffer overflow in psfmemset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service application crash or...

NewStart CGSL CORE 5.05 / MAIN 5.05 : libsndfile Vulnerability (NS-SA-2020-0107)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libsndfile packages installed that are affected by a vulnerability: - A stack-based buffer overflow in psfmemset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service application crash or...

NewStart CGSL CORE 5.05 / MAIN 5.05 : sudo Vulnerability (NS-SA-2020-0096)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has sudo packages installed that are affected by a vulnerability: - In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. pwfeedback is ...

Arbitrary Code Execution

binutils is vulnerable to arbitrary code execution. A stack-based buffer overflow in the ihexscan function in bfd/ihex.c allows remote attackers to crash the application and potentially allow for arbitrary code execution on the host OS via a malicious ihex file...

Stack overflow

sysdeps/i386/ldbl2mpn.c in the GNU C Library aka glibc or libc6 before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a...

Buffer Overflow

The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in scpkcs15emugemsafeGPKinit...

Stack overflow

WECON PLC Editor Versions 1.3.8 and prior has a stack-based buffer overflow vulnerability has been identified that may allow arbitrary code execution...

CVE-2020-25014

A stack-based buffer overflow in fbwificontinue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote unauthenticated attackers to execute arbitrary code via a crafted http packet...

libupnp 1.6.18 Denial Of Service

Exploit Title: libupnp 1.6.18 - Stack-based buffer overflow DoS Date: 2020-08-20 Exploit Author: Patrik Lantz Vendor Homepage: https://pupnp.sourceforge.io/ Software Link: https://sourceforge.net/projects/pupnp/files/pupnp/libUPnP%201.6.6/libupnp-1.6.6.tar.bz2/download Version: = 1.6.6 Tested on:...

Stack overflow

499ES EtherNet/IP ENIP Adaptor Source Code is vulnerable to a stack-based buffer overflow, which may allow an attacker to send a specially crafted packet that may result in a denial-of-service condition or code execution...

CVE-2020-25159 Real Time Automation EtherNet/IP

499ES EtherNet/IP ENIP Adaptor Source Code is vulnerable to a stack-based buffer overflow, which may allow an attacker to send a specially crafted packet that may result in a denial-of-service condition or code execution...

CVE-2020-25189

The affected product is vulnerable to three stack-based buffer overflows, which may allow an unauthenticated attacker to remotely execute arbitrary code on the IP150 firmware versions 5.02.09...

Stack overflow

The affected product is vulnerable to three stack-based buffer overflows, which may allow an unauthenticated attacker to remotely execute arbitrary code on the IP150 firmware versions 5.02.09...

CVE-2020-25189

The affected product is vulnerable to three stack-based buffer overflows, which may allow an unauthenticated attacker to remotely execute arbitrary code on the IP150 firmware versions 5.02.09...

CVE-2020-19667

Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7...