8440 matches found
CVE-2019-11365
CVE-2019-11365 is a vulnerability in atftpd/atftp 0.7.1 where a crafted error packet (3 bytes or fewer) can trigger a stack-based buffer overflow due to an insecure strncpy in multiple files (tftpd_file.c, tftp_file.c, tftpd_mtftp.c, tftp_mtftp.c). Public advisories (Ubuntu, SUSE, OpenVAS/Nessus)...
Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerability in GNU glibc (CVE-2018-11236)
Summary IBM Advanced Management Module AMM has addressed the following vulnerability in GNU glibc. Vulnerability Details CVEID: CVE-2018-11236 DESCRIPTION: GNU glibc is vulnerable to a stack-based buffer overflow, caused by improper bounds of checking by the pathname arguments in the realpath...
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing wMessageLen Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation CNCSoft ScreenEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fl...
openSUSE Security Update : file (openSUSE-2019-1197)
This update for file fixes the following issues: The following security vulnerabilities were addressed: - Fixed an out-of-bounds read in the function do_core_note in readelf.c, which allowed remote attackers to cause a denial of service (application crash) via a crafted ELF file (bsc#1096974)...
openSUSE: Security Advisory for file (openSUSE-SU-2019:1197-1)
The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for file (moderate)
openSUSE Security Update: Security update for file Announcement ID: openSUSE-SU-2019:1197-1 Rating: moderate References: 1096974 1096984 1126117 1126118 1126119 Cross-References: CVE-2018-10360 CVE-2019-8905 CVE-2019-8906 CVE-2019-8907 Affected Products: openSUSE Leap 42.3 An update that solves...
Updated gpsd packages fix security vulnerability
A stack-based buffer overflow flaw was found in gpsd versions 2.90 to 3.17. Successful exploitation of this vulnerability could allow remote code execution, data exfiltration, or denial of service via device crash (CVE-2018-17937)...
Stack overflow
A stack-based buffer overflow in Forcepoint Email Security version 8.5 allows an attacker to craft malicious input and potentially crash a process, creating a denial of service. While no known Remote Code Execution (RCE) vulnerabilities exist, as with all buffer overflows, the possibility of RCE...
CVE-2019-9134
Architectural Information System 1.0 and earlier versions have a stack-based buffer overflow that allows remote attackers to execute arbitrary code...
Stack overflow
Architectural Information System 1.0 and earlier versions have a stack-based buffer overflow that allows remote attackers to execute arbitrary code...
Siemens SINEMA Remote Connect (Update A)
1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SINEMA Remote Connect Client and Server Vulnerabilities: Incorrect Calculation of Buffer Size, Out-of-bounds Read, Stack-based Buffer Overflow, Improper Handling of Insufficient...
EulerOS Virtualization 2.5.3 : ntp (EulerOS-SA-2019-1207)
According to the version of the ntp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - The ntpq and ntpdc command-line utilities that are part of ntp package are vulnerable to stack-based buffer overflow via crafted...
EulerOS Virtualization 2.5.3 : glibc (EulerOS-SA-2019-1166)
According to the version of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - stdlib/canonicalize.c in the GNU C Library aka glibc or libc6 2.27 and earlier, when processing very long pathname arguments to the...
CVE-2019-11005
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a quoted font family value...
CVE-2019-10914
CVE-2019-10914 affects MatrixSSL 4.0.1 Open (used in Inside Secure TLS Toolkit). Root cause is a stack-based buffer overflow during X.509 certificate verification due to missing validation in psRsaDecryptPubExt (crypto/pubkey/rsa_pub.c). Public sources warn of potentially severe impact (high on C...
openSUSE: Security Advisory for liblouis (openSUSE-SU-2019:1160-1)
The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2019:1160-1 Security update for liblouis
This update for liblouis fixes the following issues: Security issues fixed: - CVE-2018-17294: Fixed an out-of-bounds read in the matchCurrentInput function which could allow a remote attacker to cause a denial of service (bsc#1109319). - CVE-2018-11410: Fixed an invalid free in the compileRule function in...
Security update for liblouis (moderate)
openSUSE Security Update: Security update for liblouis Announcement ID: openSUSE-SU-2019:1160-1 Rating: moderate References: 1094685 1095189 1095825 1095826 1095827 1095945 1097103 1109319 Cross-References: CVE-2018-11410 CVE-2018-11440 CVE-2018-11577 CVE-2018-11683 CVE-2018-11684 CVE-2018-11685...
CVE-2018-1936
IBM DB2 9.7, 10.1, 10.5, and 11.1 libdb2e.so.1 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking, which could allow an attacker to execute arbitrary code. IBM X-Force ID: 153316...