EulerOS 2.0 SP2 : squashfs-tools (EulerOS-SA-2019-1871)

According to the versions of the squashfs-tools package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Integer overflow in the readfragmenttable4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial o...

Updated tcpflow packages fix security vulnerability

Updated tcpflow package fixes security vulnerability: A stack-based buffer over-read exists in setbit at iptree.h of TCPFLOW 1.5.0, due to received incorrect values causing incorrect computation, leading to denial of service during an addresshistogram call or a gethistogram call CVE-2018-18409...

3S-Smart Software Solutions GmbH CODESYS V3 Web Server

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS V3 web server Vulnerabilities: Path Traversal, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

Fuji Electric Alpha5 WPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Alpha5. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

Delta Industrial Automation TPEditor TPE File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation TPEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

CVE-2019-14457

Vulnerability CVE-2019-14457 affects VIVOTEK IP Camera devices running firmware prior to 0x20x. The flaw is a stack-based buffer overflow triggered by a crafted HTTP header, potentially allowing arbitrary code execution. NVD metrics show a high/critical impact with network access and no user inte...

CVE-2019-3975

Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.1 allows a remote, unauthenticated attacker to execute arbitrary code via a crafted IOCTL 70603 RPC message...

Delta Electronics TPEditor

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Equipment: TPEditor Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow...

CVE-2019-16159

BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. The BGP daemon's support for RFC 8203 administrative shutdown communication messages included an incorrect logical expression when checking the validity of an input message. Sending a shutdow...

CVE-2019-16159

BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. The BGP daemon's support for RFC 8203 administrative shutdown communication messages included an incorrect logical expression when checking the validity of an input message. Sending a shutdow...

CVE-2019-16159

BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. The BGP daemon's support for RFC 8203 administrative shutdown communication messages included an incorrect logical expression when checking the validity of an input message. Sending a shutdow...

CVE-2019-16159

BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. The BGP daemon's support for RFC 8203 administrative shutdown communication messages included an incorrect logical expression when checking the validity of an input message. Sending a shutdow...

Debian DLA-1913-1 : memcached security update

It was discovered that there was a stack-based buffer over-read in memcached, the in-memory object caching system. For Debian 8 'Jessie', this issue has been fixed in memcached version 1.4.21-1.1+deb8u3. We recommend that you upgrade your memcached packages. NOTE: Tenable Network Security has...

CVE-2019-16115

In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by GfxAxialShading::getColor. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It allows an attacker to use a crafted PDF file to cause...

CVE-2019-16115

In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by GfxAxialShading::getColor. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It allows an attacker to use a crafted PDF file to cause...

CVE-2019-16115

In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by GfxAxialShading::getColor. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It allows an attacker to use a crafted PDF file to cause...

CVE-2019-16115

In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by GfxAxialShading::getColor. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It allows an attacker to use a crafted PDF file to cause...

CVE-2019-10892

An issue was discovered in D-Link DIR-806 devices. There is a stack-based buffer overflow in function hnapmain at /htdocs/cgibin. The function will call sprintf without checking the length of strings in parameters given by HTTP header and can be controlled by users. And it finally leads to a...

CVE-2019-10892

An issue was discovered in D-Link DIR-806 devices. There is a stack-based buffer overflow in function hnapmain at /htdocs/cgibin. The function will call sprintf without checking the length of strings in parameters given by HTTP header and can be controlled by users. And it finally leads to a...

CVE-2019-10892

The CVE-2019-10892 issue affects D-Link DIR-806 devices. A stack-based buffer overflow exists in function hnap_main in /htdocs/cgibin, triggered when the server processes specially crafted HTTP headers. The code path calls sprintf without validating the length of input strings from HTTP headers, ...