Red Lion Crimson CD3 Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Red Lion Crimson. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of C...

CVE-2019-13156

CVE-2019-13156 affects NDrive(1.2.2).sys in Naver Cloud Explorer and is described as a stack-based buffer overflow that allows denial of service when reading data from an IOCTL handle. The connected documents consistently report this same issue across multiple sources (NVD, Red Hat, CVE lists, CN...

EZAutomation EZ Touch Editor

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: EZAutomation Equipment: EZ Touch Editor Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code under the privileges of the...

Stack overflow

memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conntostr in memcached.c...

Security Bulletin: Access Manager Client in IBM DataPower Gateways is vulnerable to a denial of service attack.

Summary IBM DataPower Gateways has addressed a vulnerability in the ISAM Access Manager Client component that could cause a denial of service. Vulnerability Details CVEID: CVE-2016-3706 DESCRIPTION: GNU C Library glibc or libc6 is vulnerable to a denial of service, caused by a stack-based buffer...

CVE-2019-15026

memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conntostr in memcached.c...

CVE-2019-15767

In GNU Chess 6.2.5, there is a stack-based buffer overflow in the cmdload function in frontend/cmd.cc via a crafted chess position in an EPD file...

SUSE SLED15 / SLES15 Security Update : apache2 (SUSE-SU-2019:2237-1) (Internal Data Buffering)

This update for apache2 fixes the following issues : Security issues fixed : CVE-2019-9517: Fixed HTTP/2 implementations that are vulnerable to unconstrained interal data buffering bsc1145575. CVE-2019-10081: Fixed modhttp2 that is vulnerable to memory corruption on early pushes bsc1145742...

CVE-2019-13455

In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the alert acknowledgment CGI tool because of expansion in acknowledge.c...

EulerOS 2.0 SP8 : dcraw (EulerOS-SA-2019-1817)

According to the version of the dcraw package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A stack-based buffer overflow in the findgreen function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote...

EulerOS 2.0 SP8 : postgresql (EulerOS-SA-2019-1824)

According to the version of the postgresql packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can...

EulerOS 2.0 SP5 : php (EulerOS-SA-2019-1795)

According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The filecheckmem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x befo...

CVE-2019-5041

CVE-2019-5041 affects Aspose.Words for C++ 18.11.0.0. A stack-based buffer overflow in EnumMetaInfo can be triggered by processing a crafted DOC file, causing remote code execution. Public TALOS advisory TALOS-2019-0805 documents the vulnerability in Aspose.Words for C++ 18.11.0.0, with CVSS v3.0...

CVE-2019-5041

An exploitable Stack Based Buffer Overflow vulnerability exists in the EnumMetaInfo function of Aspose Aspose.Words library, version 18.11.0.0. A specially crafted doc file can cause a stack-based buffer overflow, resulting in remote code execution. An attacker needs to provide a malformed file t...

(0Day) WECON LeviStudioU ShortMessage_Module SMtext Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WECON LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...

CVE-2019-5038

An exploitable command execution vulnerability exists in the print-tlv command of Weave tool. A specially crafted weave TLV can trigger a stack-based buffer overflow, resulting in code execution. An attacker can trigger this vulnerability by convincing the user to open a specially crafted Weave...

CVE-2019-5038

Nest Labs Openweave-core 4.0.2 is affected by CVE-2019-5038 in the print-tlv command. Cisco Talos describes a stack-based buffer overflow caused by a depth-unbounded TLV dump in the weave print-tlv flow, where DumpHandler copies up to 0x14 tabs into a 48-byte buffer, allowing overflow and potenti...

Nest Labs Openweave Weave tool Print-TLV code execution vulnerability

Summary An exploitable command execution vulnerability exists in the print-tlv command of Weave tool. A specially crafted weave TLV can trigger a stack-based buffer overflow, resulting in code execution. An attacker can trigger this vulnerability by convincing the user to open a specially crafted...

Fuji Electric Alpha5 SDP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Alpha5. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

Fuji Electric Alpha5 Smart Loader

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Fuji Electric Equipment: Alpha5 Smart Loader Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code under the privileges of...