8440 matches found
CVE-2019-19786
CVE-2019-19786 concerns ATasm 1.06, with a stack-based buffer overflow in the parse_expr() function of setparse.c triggered by a crafted .m65 file. The Fedora-related advisories reference multiple ATasm CVEs for the same package (including CVE-2019-19786) and note updates to ATasm (e.g., 1.09) ad...
CVE-2019-19787
ATasm 1.06 has a stack-based buffer overflow in the get_signed_expression function in setparse.c via a crafted .m65 file...
Advantech DiagAnywhere FOLDER_REMOVE Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech DiagAnywhere. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of FOLDER_REMOVE messages. The issue results from the lack of proper...
Advantech DiagAnywhere FILE_CREATE Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech DiagAnywhere. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of FILE_CREATE messages. The issue results from the lack of proper...
Advantech DiagAnywhere FILE_OPEN_RO Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech DiagAnywhere. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of FILE_OPEN_RO messages. The issue results from the lack of proper...
Adobe Acrobat < 2015.006.30508 / 2017.011.30156 / 2019.021.20058 Multiple Vulnerabilities (APSB19-55) (macOS)
The version of Adobe Acrobat installed on the remote macOS host is a version prior to 2015.006.30508, 2017.011.30156, or 2019.021.20058. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier,...
Adobe Reader < 2015.006.30508 / 2017.011.30156 / 2019.021.20058 Multiple Vulnerabilities (APSB19-55) (macOS)
The version of Adobe Reader installed on the remote macOS host is a version prior to 2015.006.30508, 2017.011.30156, or 2019.021.20058. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier,...
EulerOS 2.0 SP2 : quagga (EulerOS-SA-2019-2408)
According to the versions of the quagga package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with...
EulerOS 2.0 SP2 : cifs-utils (EulerOS-SA-2019-2366)
According to the version of the cifs-utils package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils before 6.4, as used in pam_cifscreds, allows remote attackers to have...
EulerOS 2.0 SP2 : ncurses (EulerOS-SA-2019-2420)
According to the versions of the ncurses packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before...
CVE-2019-19630
CVE-2019-19630 affects HTMLDOC 1.9.7, enabling a stack-based buffer overflow in hd_strlcpy() (string.c) when triggered from render_contents in ps-pdf.cxx via a crafted HTML document. Connected advisories confirm the vulnerability and indicate fixes in later releases/updates across distributions (...
CVE-2019-19333
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of...
CVE-2019-19334
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a...
CVE-2019-19555
read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf...
CentOS Update for tcpdump CESA-2019:3976 centos7
The remote host is missing an update for the...
tcpdump security update
CentOS Errata and Security Advisory CESA-2019:3976. An update for tcpdump is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity ratin...
EulerOS Virtualization for ARM 64 3.0.3.0 : icu (EulerOS-SA-2019-2312)
According to the version of the icu package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - The ucnv_UTF8FromUTF8 function in ucnv_u8.cpp in International Components for Unicode (ICU) for C/C++ through 60.1 mishandles...
NewStart CGSL CORE 5.04 / MAIN 5.04 : rsyslog Vulnerability (NS-SA-2019-0225)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has rsyslog packages installed that are affected by a vulnerability: - Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might...