CVE-2019-17455

Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request...

CVE-2019-17455

Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request...

openSUSE Security Update : u-boot (openSUSE-2019-2233)

This update for u-boot fixes the following issues : Security issues fixed : - CVE-2019-13106: Fixed stack-based buffer overflow via a crafted ext4 filesystem that may lead to code execution bsc1144656. - CVE-2019-13104: Fixed an underflow that could cause memcpy to overwrite a very large amount o...

Interpeak IPnet TCP/IP Stack (Update E)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : ENEA, Green Hills Software, ITRON, IP Infusion, Wind River Equipment : OSE by ENEA, INTEGRITY RTOS by Green Hills Software, ITRON, ZebOS by IP Infusion, and...

Debian: Security Advisory (DLA-1939-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : squashfs-tools (EulerOS-SA-2019-2092)

According to the versions of the squashfs-tools package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Integer overflow in the readfragmenttable4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial o...

3S CODESYS V3 CmpWebServer Multiple Vulnerabilities

Binary data scadacodesys2019-01.nbin...

SUSE SLED15 / SLES15 Security Update : u-boot (SUSE-SU-2019:2474-1)

This update for u-boot fixes the following issues : Security issues fixed : CVE-2019-13106: Fixed stack-based buffer overflow via a crafted ext4 filesystem that may lead to code execution bsc1144656. CVE-2019-13104: Fixed an underflow that could cause memcpy to overwrite a very large amount of da...

SUSE SLED15 / SLES15 Security Update : u-boot (SUSE-SU-2019:2475-1)

This update for u-boot fixes the following issues : Security issues fixed : CVE-2019-13106: Fixed stack-based buffer overflow via a crafted ext4 filesystem that may lead to code execution bsc1144656. CVE-2019-13104: Fixed an underflow that could cause memcpy to overwrite a very large amount of da...

Rockwell Automation CompactLogix <= v30.014 Uncontrolled Resource Consumption or Stack-based Buffer Overflow (ICSA-19-120-01)

Binary data 720278.prm...

EulerOS 2.0 SP3 : dcraw (EulerOS-SA-2019-2002)

According to the version of the dcraw package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A stack-based buffer overflow in the findgreen function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote...

CVE-2019-15026

memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conntostr in memcached.c...

CVE-2019-9719

A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srttoass in libavcodec/srtdec.c misuses snprintf. NOTE: Third parties dispute that this is a vulnerability because “no evidence of a...

Stack overflow

DISPUTED A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srttoass in libavcodec/srtdec.c misuses snprintf. NOTE: Third parties dispute that this is a vulnerability because “no evidence o...

CVE-2019-9720

CVE-2019-9720 affects Libav 12.3: a stack-based buffer overflow in the subtitle decoder due to incorrect use of snprintf in libavcodec/srtdec.c (srt_to_ass). Exploitation via a crafted Matroska video file can corrupt the stack. No explicit remediation details are given in the provided documents; ...

CVE-2019-13556

Advantech WebAccess (versions 8.4.1 and earlier) contains stack-based buffer overflow vulnerabilities in multiple components (e.g., giffconv.exe, cnvlgxtag.exe, bwrunrpt.exe) caused by improper validation of the length of user-supplied data. Exploitation can lead to remote code execution with Adm...

CVE-2018-20336

CVE-2018-20336 affects ASUSWRT 3.0.0.4.384.20308. A stack-based buffer overflow in the parse_req_queries function of wanduck.c can be triggered by a long UDP string, leading to an information leak. Multiple connected records (Red Hat, CNVD/CVE mirrors, NVD) corroborate the issue and version. No e...

Advantech WebAccess Node cnvlgxtag Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within cnvlgxtag.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs...

EulerOS 2.0 SP2 : glibc (EulerOS-SA-2019-1844)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Stack-based buffer overflow in the glob implementation in GNU C Library aka glibc before 2.24, when GLOBALTDIRFUNC is used, allows...

EulerOS Virtualization for ARM 64 3.0.2.0 : php (EulerOS-SA-2019-1928)

According to the versions of the php packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PH...