RHEL 6 : sudo (RHSA-2020:0726)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0726 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...

Important: Red Hat Security Advisory: sudo security update

An update for sudo is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVE-2019-14015

CVE-2019-14015 affects Snapdragon platforms (multiple APQ/SDM variants) where a stack-based buffer overflow occurs during the identification stage initialization due to inadequate validation of the number of templates. This vulnerability is rated HIGH (CVSS v3.1: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A...

Stack overflow

fmwlan.c on D-Link DIR-615Jx10 devices has a stack-based buffer overflow via the formWlanSetup webpage parameter when fradiusip1 is malformed...

CVE-2020-9534

fmwlan.c on D-Link DIR-615Jx10 devices has a stack-based buffer overflow via the formWlanSetup webpage parameter when fradiusip1 is malformed...

CVE-2020-9535

fmwlan.c on D-Link DIR-615Jx10 devices has a stack-based buffer overflow via the formWlanSetupWizard webpage parameter when fradiusip1 is malformed...

EulerOS 2.0 SP8 : sudo (EulerOS-SA-2020-1181)

According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process...

Moxa EDS-G516E and EDS-510E Series Ethernet Switches

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: EDS-G516E series, and EDS-510E series Vulnerabilities: Stack-based Buffer Overflow, Use of a Broken or Risky Cryptographic Algorithm, Use of Hard-coded Cryptographic Key, Use of...

CVE-2015-9542

addpassword in pamradiusauth.c in pamradius 1.4.0 does not correctly check the length of the input password, and is vulnerable to a stack-based buffer overflow during memcpy. An attacker could send a crafted password to an application loading the pamradius library and crash it. Arbitrary code...

Huawei EulerOS: Security Advisory for glusterfs (EulerOS-SA-2020-1103)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : sudo (EulerOS-SA-2020-1135)

According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - DISPUTED In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a...

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2020-1135)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 7 : sudo (RHSA-2020:0540)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0540 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...

Scientific Linux Security Update : sudo on SL7.x x86_64 (20200218)

Security Fixes : - sudo: Stack based buffer overflow when pwfeedback is enabled CVE-2019-18634 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid133789; scriptversion"1.3"; scriptsetattributeattribute:"pluginmodificationdate",...

Stack overflow

Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different...

: Viper RGB Driver Multiple Vulnerabilities

1. Advisory Information Title : Viper RGB Driver Multiple Vulnerabilities Advisory ID : CORE-2020-0001 Advisory URL : https://www.coresecurity.com/core-labs/advisories/viper-rgb-driver-multiple-vulnerabilities Date published : 2020-02-17 Date of last update : 2020-02-14 Vendors contacted : Patrio...

RHEL 8 : sudo (RHSA-2020:0487)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:0487 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...

CVE-2020-8962

CVE-2020-8962 describes a stack-based buffer overflow in the D-Link DIR-842 REVC, caused by the use of strcpy for LOGINPASSWORD when handling a POST request to the /MTFWU endpoint (firmware v3.13B09 HOTFIX). The provided documents do not explicitly detail the impact beyond the overflow descriptio...

CVE-2020-8962

A stack-based buffer overflow was found on the D-Link DIR-842 REVC with firmware v3.13B09 HOTFIX due to the use of strcpy for LOGINPASSWORD when handling a POST request to the /MTFWU endpoint...

CVE-2020-0662

A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka ‘Windows Remote Code Execution Vulnerability’. Recent assessments: zeroSteiner at March 17, 2020 8:31pm UTC reported: Analysis performed using ipnathlp.dll from Windows Server 2019 x64 sha256:...