Lucene search

8440 matches found

OSV
added 2019/11/29 3:15 p.m., 10 views

CVE-2019-14897

A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to cause a denial of service system crash or, possibly execute arbitrary code, when a STA works in IBSS mode allows connecting stations together without the use of ...

9.8 CVSS, 9.5 AI score, 0.02909 EPSS
Exploits 0, References 15

Tenable Nessus
added 2019/11/27 12:0 a.m., 24 views

openSUSE Security Update : cups (openSUSE-2019-2573)

This update for cups fixes the following issues : - CVE-2019-8675: Fixed a stack-based buffer overflow in libcups's asn1gettype function bsc1146358. - CVE-2019-8696: Fixed a stack-based buffer overflow in libcups's asn1getpacked function bsc1146359. This update was imported from the...

8.8 CVSS, 6.6 AI score, 0.02091 EPSS
Exploits 0, References 4

Cvelist
added 2019/11/26 3:8 a.m., 29 views

CVE-2011-3630

Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory tree, and trick the local user into consolidating it, leading to hardlink...

9 AI score, 0.02655 EPSS
Exploits 1, References 5

RedhatCVE
added 2019/11/25 8:48 a.m., 62 views

CVE-2019-14897

A stack-based buffer overflow was found in the Linux kernel's Marvell WiFi chip driver. An attacker is able to cause a denial of service system crash or, possibly execute arbitrary code, when a STA works in IBSS mode allows connecting stations together without the use of an AP and connects to...

9.8 CVSS, 5.5 AI score, 0.02909 EPSS
Exploits 0, References 3

Tenable Nessus
added 2019/11/25 12:0 a.m., 44 views

Amazon Linux 2 : ntp (ALAS-2019-1367)

The ntpq and ntpdc command-line utilities that are part of ntp package are vulnerable to stack-based buffer overflow via crafted hostname. Applications using these vulnerable utilities with an untrusted input may be potentially exploited, resulting in a crash or arbitrary code execution under...

9.8 CVSS, 7.5 AI score, 0.29037 EPSS
Exploits 5, References 2

Tenable Nessus
added 2019/11/22 12:0 a.m., 25 views

SUSE SLED15 / SLES15 Security Update : cups (SUSE-SU-2019:3030-1)

This update for cups fixes the following issues : CVE-2019-8675: Fixed a stack-based buffer overflow in libcups's asn1gettype function bsc1146358. CVE-2019-8696: Fixed a stack-based buffer overflow in libcups's asn1getpacked function bsc1146359. Note that Tenable Network Security has extracted the...

8.8 CVSS, 6.7 AI score, 0.02091 EPSS
Exploits 0, References 7

OSV
added 2019/11/21 6:13 p.m., 8 views

SUSE-SU-2019:3034-1 Security update for aspell

This update for aspell fixes the following issues: - CVE-2019-17544: Fixed a stack-based buffer over-read in acommon:unescape in common/getdata.cpp via an isolated backslash bsc1153892...

9.1 CVSS, 9.3 AI score, 0.03259 EPSS
Exploits 0, References 3

CVE
added 2019/11/21 3:26 p.m., 52 views

CVE-2018-8879

CVE-2018-8879 affects Asuswrt-Merlin firmware on ASUS devices: stack-based buffer overflow in the blocking.asp page, triggered by long input via GET/POST. Vulnerable parameters are flag, mac, and cat_id. Impact stated: remote code execution with arbitrary code, for devices running ASUS firmware b...

9.8 CVSS, 9.9 AI score, 0.17188 EPSS
Exploits 1, References 2, Affected Software 1

Cvelist
added 2019/11/21 3:26 p.m., 15 views

CVE-2018-8879

Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to execute arbitrary code by providing a long string to the blocking.asp page via a GET or POST request. Vulnerable parameters ar...

10 AI score, 0.17188 EPSS
Exploits 1, References 2

CVE
added 2019/11/19 3:5 p.m., 70 views

CVE-2014-5439

SniffIt before 0.3.7 contains multiple stack-based buffer overflow vulnerabilities triggered by crafted configuration files, allowing arbitrary code execution (as reported across NVD/OSV/Ubuntu/Debian advisories). The issue bypasses NX/SSP/ASLR protections and is documented in multiple feeds (NVD...

9.3 CVSS, 7.7 AI score, 0.02548 EPSS
Exploits 2, References 3, Affected Software 1

Cvelist
added 2019/11/19 3:5 p.m., 25 views

CVE-2014-5439

Multiple Stack-based Buffer Overflow vulnerabilities exists in Sniffit prior to 0.3.7 via a crafted configuration file that will bypass Non-eXecutable bit NX, stack smashing protector SSP, and address space layout randomization ASLR protection mechanisms, which could let a malicious user execute...

7.8 AI score, 0.02548 EPSS
Exploits 2, References 3

CVE
added 2019/11/13 3:47 p.m., 45 views

CVE-2019-18930

Summary (CVE-2019-18930): Western Digital My Cloud EX2 Ultra firmware 2.31.183 is affected by a stack-based buffer overflow that allows remote code execution via web access. The flaw stems from missing size verification in a function within libscheddl.so and the handling of large f_idx inputs in ...

9 CVSS, 8.9 AI score, 0.03209 EPSS
Exploits 1, References 2, Affected Software 1

Tenable Nessus
added 2019/11/13 12:0 a.m., 37 views

openSUSE Security Update : MozillaThunderbird (openSUSE-2019-2452)

This update for MozillaThunderbird to version 68.2.1 provides the following fixes : - Security issues fixed bsc1154738 : - CVE-2019-15903: Fixed a heap overflow in the expat library bsc1149429. - CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB bsc1154738. -...

8.8 CVSS, 7.5 AI score, 0.06643 EPSS
Exploits 3, References 15

Exploit DB
added 2019/11/12 12:0 a.m., 110 views

Control Center PRO 6.2.9 - Local Stack Based Buffer Overflow (SEH)

Exploit Title: Control Center PRO 6.2.9 - Local Stack Based BufferOverflow SEH Date: 2019-11-09 Exploit Author: Samir sanchez garnica @sasaga92 Vendor Homepage: http://www.webgateinc.com/wgi/eng/products/list.php?ecidx1=P610 Software Link:...

7.4 AI score
Exploits 0

Tenable Nessus
added 2019/11/12 12:0 a.m., 67 views

EulerOS 2.0 SP5 : glibc (EulerOS-SA-2019-2155)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In the GNU C Library aka glibc or libc6 through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address...

7.5 CVSS, 6.9 AI score, 0.05223 EPSS
Exploits 3, References 4

Tenable Nessus
added 2019/11/12 12:0 a.m., 33 views

EulerOS 2.0 SP5 : cifs-utils (EulerOS-SA-2019-2131)

According to the version of the cifs-utils package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils before 6.4, as used in pamcifscreds, allows remote attackers to have...

10 CVSS, 7.7 AI score, 0.05178 EPSS
Exploits 1, References 2

Debian
added 2019/11/08 4:50 a.m., 19 views

[SECURITY] [DSA 4561-1] fribidi security update

Debian Security Advisory DSA-4561-1 https://www.debian.org/security/ Salvatore Bonaccorso November 08, 2019 https://www.debian.org/security/faq -...

6.8 CVSS, 2.3 AI score, 0.02182 EPSS
Exploits 0

OpenVAS
added 2019/11/08 12:0 a.m., 18 views

Ubuntu: Security Advisory (USN-4179-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8 CVSS, 7.9 AI score, 0.02182 EPSS
Exploits 0, References 2

Tenable Nessus
added 2019/11/08 12:0 a.m., 74 views

EulerOS 2.0 SP5 : libxml2 (EulerOS-SA-2019-2211)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - dict.c in libxml2 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via an unexpected...

9.1 CVSS, 7.1 AI score, 0.07347 EPSS
Exploits 7, References 9

Tenable Nessus
added 2019/11/08 12:0 a.m., 65 views

EulerOS 2.0 SP5 : quagga (EulerOS-SA-2019-2228)

According to the versions of the quagga package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that the zebra daemon in Quagga before 1.0.20161017 suffered from a stack-based buffer overflow when processing IPv6 Neighbor...

9.8 CVSS, 7.2 AI score, 0.30665 EPSS
Exploits 0, References 4