EulerOS Virtualization 3.0.2.2 : sudo (EulerOS-SA-2020-2196)

According to the versions of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged...

EulerOS 2.0 SP9 : sudo (EulerOS-SA-2020-2237)

According to the version of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process...

openSUSE Security Update : transfig (openSUSE-2020-1702)

This update for transfig fixes the following issues : Security issue fixed : - CVE-2019-14275: Fixed stack-based buffer overflow in the calcarrow function bsc1143650. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text and...

Security update for transfig (moderate)

openSUSE Security Update: Security update for transfig Announcement ID: openSUSE-SU-2020:1702-1 Rating: moderate References: 1143650 Cross-References: CVE-2019-14275 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for transfi...

Fieldcomm Group HART-IP and hipserver

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Fieldcomm Group Equipment: HARP-IP Developer kit, hipserver Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device being...

CVE-2020-26913

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.63, R7800 before 1.0.2.60, R8900 before 1.0.4.26, R9000 before 1.0.4.26, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR5...

Stack overflow

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.63, R7800 before 1.0.2.60, R8900 before 1.0.4.26, R9000 before 1.0.4.26, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR5...

CVE-2020-26572

The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in tcosdecipher...

CVE-2020-26571

The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in scpkcs15emugemsafeGPKinit...

CVE-2020-26572

The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in tcosdecipher...

Security Bulletin: Version 5.0.5 of Redis included in IBM Netcool Operations Insight 1.6.1.x has a security vulnerability (CVE-2020-14147)

Summary Security Bulletin: Version 5.0.5 of Redis included in IBM Netcool Operations Insight 1.6.1.x has a security vulnerability Vulnerability Details CVEID: CVE-2020-14147 DESCRIPTION: Redis is vulnerable to a denial of service, caused by an integer overflow in the getnum function in luastruct....

Huawei EulerOS: Security Advisory for libsoup (EulerOS-SA-2020-2047)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.6.0 : libsoup (EulerOS-SA-2020-2047)

According to the versions of the libsoup package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A stack-based buffer overflow flaw was discovered within the HTTP processing of libsoup. A remote attacker could explo...

MSI Ambient Link Driver 1.0.0.8 - Local Privilege Escalation

/ Exploit Title: MSI Ambient Link Driver 1.0.0.8 - Local Privilege Escalation Date: 2020-09-24 Exploit Author: Matteo Malvica Vendor Homepage: https://www.msi.com Software Link: https://msi.gm/ABLTMNB Driver: MSIO64.sys SHA256: 525D9B51A80CA0CD4C5889A96F857E73F3A80DA1FFBAE59851E0F51BDFB0B6CD...

Security Bulletin: IBM Event Streams is affected by a Redis vulnerability (CVE-2020-14147)

Summary IBM Event Streams is affected by a Redis vulnerability utlised by the UI component Vulnerability Details CVEID: CVE-2020-14147 DESCRIPTION: Redis is vulnerable to a denial of service, caused by an integer overflow in the getnum function in luastruct.c in Redis. By sending a specially...

Denial Of Service (DoS)

ufraw is vulnerable to stack-based buffer overflow. It is due to a flaw in the findgreen function, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file...

(0Day) Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

(0Day) Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

(0Day) Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

(0Day) Fatek Automation PLC WinProladder SPF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation PLC WinProladder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...