CVE-2020-19667

Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7...

IBM Tivoli Storage Manager Command Line Administrative Interface 5.2.0.1 - Buffer Overflow Exploit

Exploit Title: IBM Tivoli Storage Manager Command Line Administrative Interface 5.2.0.1 - id' Field Stack Based Buffer Overflow Exploit Author: Paolo Stagno aka VoidSec Vendor Homepage: https://www.ibm.com/support/knowledgecenter/en/SSGSG77.1.0/com.ibm.itsm.tsm.doc/welcome.html Version: 5.2.0.1...

CVE-2020-19667

Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7...

CVE-2020-19667

CVE-2020-19667: ImageMagick 7.0.10-7 contains a stack-based buffer overflow and unconditional jump in ReadXPMImage (coders/xpm.c). This CVE entry is based on the description for ImageMagick; exploitation details or mitigation are not provided in the connected documents.

RHEL 8 : liblouis (RHSA-2020:1708)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1708 advisory. Liblouis is an open source braille translator and back-translator named in honor of Louis Braille. It features support for computer and...

Paradox IP150 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Paradox Equipment: IP150 Vulnerabilities: Stack-based Buffer Overflow, Classic Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...

WECON LeviStudioU HFT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of WECON LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of H...

ICSA-20-315-01_OSIsoft PI Interface for OPC XML-DA

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: OSIsoft Equipment: PI Interface Vulnerability: Numeric Errors 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker-controlled OPC XML-DA Server to respond with a...

CVE-2020-28373

CVE-2020-28373 concerns NETGEAR devices where the upnpd service is vulnerable to a stack-based buffer overflow, enabling remote code execution from the LAN. Affected models include R6400v2 (v1.0.4.102_10.0.75) and R6400 (v1.0.1.62_1.0.41), R7000P (v1.3.2.126_10.1.66), XR300 (v1.0.3.50_10.3.36), R...

CVE-2020-28373

upnpd on certain NETGEAR devices allows remote LAN attackers to execute arbitrary code via a stack-based buffer overflow. This affects R6400v2 V1.0.4.10210.0.75, R6400 V1.0.1.621.0.41, R7000P V1.3.2.12610.1.66, XR300 V1.0.3.5010.3.36, R8000 V1.0.4.62, R8300 V1.0.2.136, R8500 V1.0.2.136, R7300DST...

Stack overflow

In tmux before version 3.1c the function inputcsidispatchsgrcolon in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output...

In Wild Critical Buffer Overflow Vulnerability in Solaris Can Allow Remote Takeover — CVE-2020-14871

FireEye Mandiant has been investigating compromised Oracle Solaris machines in customer environments. During our investigations, we discovered an exploit tool on a customer’s system and analyzed it to see how it was attacking their Solaris environment. The FLARE team’s Offensive Task Force analyz...

CVE-2020-27347

In tmux before version 3.1c the function inputcsidispatchsgrcolon in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output...

EulerOS 2.0 SP2 : php (EulerOS-SA-2020-2384)

According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A use-after-free in onignewdeluxe in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, o...

Medium: geronimo-jaxrpc

Issue Overview: Liblouis 3.5.0 has a Segmentation fault in loulogPrint in logging.c. CVE-2018-11577 Liblouis 3.5.0 has a stack-based Buffer Overflow in the function includeFile in compileTranslationTable.c. CVE-2018-11684 Liblouis 3.5.0 has a stack-based Buffer Overflow in the function...

EulerOS 2.0 SP9 : sudo (EulerOS-SA-2020-2238)

According to the version of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process...

CVE-2020-26561

Belkin LINKSYS WRT160NL 1.0.04.002US20130619 devices have a stack-based buffer overflow vulnerability because of sprintf in createdir in minihttpd. Successful exploitation leads to arbitrary code execution. NOTE: This vulnerability only affects products that are no longer supported by the maintai...

CVE-2020-26561

Belkin LINKSYS WRT160NL devices (version 1.0.04.002_US_20130619) are affected by a stack-based buffer overflow in mini_httpd’s create_dir function caused by sprintf. Successful exploitation can lead to arbitrary code execution. The vulnerability affects products no longer supported by the maintai...

CVE-2020-26561

Belkin LINKSYS WRT160NL 1.0.04.002US20130619 devices have a stack-based buffer overflow vulnerability because of sprintf in createdir in minihttpd. Successful exploitation leads to arbitrary code execution. NOTE: This vulnerability only affects products that are no longer supported by the maintai...

CVE-2020-26561

Belkin LINKSYS WRT160NL 1.0.04.002US20130619 devices have a stack-based buffer overflow vulnerability because of sprintf in createdir in minihttpd. Successful exploitation leads to arbitrary code execution. NOTE: This vulnerability only affects products that are no longer supported by the maintai...