8440 matches found
Oracle Linux 6 : sudo (ELSA-2020-0726)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-0726 advisory. - fixed CVE-2019-18634 Resolves: rhbz1799018 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...
CVE-2020-10214
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is a stack-based buffer overflow in the httpd binary. It allows an authenticated user to execute arbitrary code via a POST to ntpsync.cgi with a sufficiently long parameter ntpserver...
Stack overflow
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is a stack-based buffer overflow in the httpd binary. It allows an authenticated user to execute arbitrary code via a POST to ntpsync.cgi with a sufficiently long parameter ntpserver...
CVE-2020-10214
Affected product: D-Link DIR-825 Rev.B (firmware 2.10). Vulnerability: stack-based buffer overflow in the httpd binary that can be triggered by a POST to ntp_sync.cgi with a sufficiently long ntp_server parameter. Impact: allows an authenticated user to execute arbitrary code on the device. Root ...
CVE-2020-10214
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is a stack-based buffer overflow in the httpd binary. It allows an authenticated user to execute arbitrary code via a POST to ntpsync.cgi with a sufficiently long parameter ntpserver...
RHEL 6 : sudo (RHSA-2020:0726)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0726 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...
Important: Red Hat Security Advisory: sudo security update
An update for sudo is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
CVE-2019-14015
CVE-2019-14015 affects Snapdragon platforms (multiple APQ/SDM variants) where a stack-based buffer overflow occurs during the identification stage initialization due to inadequate validation of the number of templates. This vulnerability is rated HIGH (CVSS v3.1: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A...
Advantech WebAccess Buffer Overflow (CVE-2019-10991)
A stack-based buffer overflow vulnerability exists in Advantech WebAccess. The vulnerability is due to a lack of boundary checks while copying user-supplied data into a stack-based buffer within giffconv.exe. A remote, unauthenticated attacker could exploit this vulnerability by sending a...
CVE-2019-8904
dobidnote in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to fileprintf and filevprintf...
Stack overflow
fmwlan.c on D-Link DIR-615Jx10 devices has a stack-based buffer overflow via the formWlanSetup webpage parameter when fradiusip1 is malformed...
CVE-2020-9534
fmwlan.c on D-Link DIR-615Jx10 devices has a stack-based buffer overflow via the formWlanSetup webpage parameter when fradiusip1 is malformed...
CVE-2020-9535
fmwlan.c on D-Link DIR-615Jx10 devices has a stack-based buffer overflow via the formWlanSetupWizard webpage parameter when fradiusip1 is malformed...
EulerOS 2.0 SP8 : sudo (EulerOS-SA-2020-1181)
According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process...
Moxa EDS-G516E and EDS-510E Series Ethernet Switches
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: EDS-G516E series, and EDS-510E series Vulnerabilities: Stack-based Buffer Overflow, Use of a Broken or Risky Cryptographic Algorithm, Use of Hard-coded Cryptographic Key, Use of...
CVE-2015-9542
addpassword in pamradiusauth.c in pamradius 1.4.0 does not correctly check the length of the input password, and is vulnerable to a stack-based buffer overflow during memcpy. An attacker could send a crafted password to an application loading the pamradius library and crash it. Arbitrary code...
EulerOS 2.0 SP5 : sudo (EulerOS-SA-2020-1135)
According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - DISPUTED In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2020-1135)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for glusterfs (EulerOS-SA-2020-1103)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-3484
Multiple stack-based buffer overflows in the dnexpand function in network/dnexpand.c in musl libc 1.1x before 1.1.2 and 0.9.13 through 1.0.3 allow remote attackers to 1 have unspecified impact via an invalid name length in a DNS response or 2 cause a denial of service crash via an invalid name...