CVE-2019-9956

In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an attacker to cause a denial of service or code execution via a crafted image file...

Flash Player < 30.0.0.113 Multiple Vulnerabilities (APSB18-19)

Binary data 700434.prm...

openSUSE: Security Advisory for file (openSUSE-SU-2019:0345-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for file (moderate)

openSUSE Security Update: Security update for file Announcement ID: openSUSE-SU-2019:0345-1 Rating: moderate References: 1096974 1096984 1126117 1126118 1126119 Cross-References: CVE-2018-10360 CVE-2019-8905 CVE-2019-8906 CVE-2019-8907 Affected Products: openSUSE Leap 15.0 An update that solves...

CVE-2019-9767

Stack-based buffer overflow in Free MP3 CD Ripper 2.6, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted .wma file...

CVE-2019-9767

CVE-2019-9767 describes a stack-based buffer overflow in Free MP3 CD Ripper when converting files, triggered by specially crafted .wma inputs. The vulnerability affects at least versions 2.6 and 2.8, where processing certain WMA-containing payloads can overwrite the stack and allow arbitrary code...

CVE-2019-9767

Stack-based buffer overflow in Free MP3 CD Ripper 2.6, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted .wma file...

CVE-2018-17937

gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open source project, allow a stack-based buffer overflow, which may allow remote attackers to execute arbitrary code on embedded platforms via traffic on Port 2947/TCP or crafted JSON inputs...

Debian DSA-4405-1 : openjpeg2 - security update

Multiple vulnerabilities have been discovered in openjpeg2, the open-source JPEG 2000 codec, that could be leveraged to cause a denial of service or possibly remote code execution. - CVE-2017-17480 Write stack-based buffer overflow in the jp3d and jpwl codecs can result in a denial of service or...

SUSE SLED15 / SLES15 Security Update : file (SUSE-SU-2019:0571-1)

This update for file fixes the following issues : The following security vulnerabilities were addressed : CVE-2018-10360: Fixed an out-of-bounds read in the function docorenote in readelf.c, which allowed remote attackers to cause a denial of service application crash via a crafted ELF file...

EulerOS Virtualization 2.5.2 : glibc (EulerOS-SA-2019-1086)

According to the version of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - stdlib/canonicalize.c in the GNU C Library aka glibc or libc6 2.27 and earlier, when processing very long pathname arguments to the...

CVE-2019-8263

UltraVNC revision 1205 has stack-based buffer overflow vulnerability in VNC client code inside ShowConnInfo routine, which leads to a denial of service DoS condition. This attack appear to be exploitable via network connectivity. User interaction is required to trigger this vulnerability. This...

Rockwell Automation RSLinx Classic

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: RSLinx Classic Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to execute...

Denial Of Service (DoS)

libmatio.so is vulnerable to denial of service DoS attacks. The vulnerability exists through a possible stack-based buffer over-read in a memcpy operation in MatVarReadNextInfo5 in src/mat5.c, resulting in a denial of service condition when the vulnerability is exploited...

Security Bulletin: z/TPF is affected by GNU C library (glibc) vulnerabilities

Summary The GNU C library glibc provided with the z/TPF system was updated to address the vulnerabilities described by CVE-2011-1071 and CVE-2014-9761. Vulnerability Details CVEID: CVE-2011-1071 DESCRIPTION: GNU C Library could allow a remote attacker to execute arbitrary code on the system, caus...

Fedora 29 : file (2019-15f5147b27)

CVE-2019-8907 - remote denial of service in docorenote in readelf.c - CVE-2019-8905 - stack-based buffer over-read in docorenote in readelf.c - CVE-2019-8904 - stack-based buffer over-read in dobidnote in readelf.c - CVE-2019-8906 - out-of-bounds read in docorenote in readelf.c Note that Tenable...

(0Day) Advantech WebAccess Node spchapi Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within spchapi.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs...

Denial Of Service (DoS)

libmatio.so is vulnerable to denial of service DoS attack. The attack can be triggered when a malicious MAT file is passed to the function ReadNextCell in mat5.c, resulting in a stack-based buffer overflow and out-of-bounds read...

AIX 7.1 TL 5 : tcpdump (IJ12980)

https://vulners.com/cve/CVE-2018-19519 https://vulners.com/cve/CVE-2018-19519 Tcpdump is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the printprefix function of print-hncp.c. By using a specially-crafted packet data, a remote attacker could overflow a buffer...

AIX 7.2 TL 2 : tcpdump (IJ12982)

https://vulners.com/cve/CVE-2018-19519 https://vulners.com/cve/CVE-2018-19519 Tcpdump is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the printprefix function of print-hncp.c. By using a specially-crafted packet data, a remote attacker could overflow a buffer...