CVE-2019-8356

SoX 14.4.2 contains a stack-based buffer overflow in fft4g.c: an unguarded argument to bitrv2 can write outside the statically declared array (CVE-2019-8356). Connected sources (EulerOS/NESSUS entries) confirm this exact issue for SoX 14.4.2 and list it among related SoX vulnerabilities, without ...

EulerOS 2.0 SP3 : ntp (EulerOS-SA-2019-1037)

According to the version of the ntp packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - ntp: Stack-based buffer overflow in ntpq and ntpdc allows denial of service or code execution CVE-2018-12327 Note that Tenable Network Security has...

openSUSE: Security Advisory for curl (openSUSE-SU-2019:0173-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

EulerOS 2.0 SP5 : libsndfile (EulerOS-SA-2019-1030)

According to the version of the libsndfile package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A stack-based buffer overflow in psfmemset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service application cra...

openSUSE Security Update : curl (openSUSE-2019-174)

This update for curl fixes the following issues : Security issues fixed : - CVE-2019-3823: Fixed a heap out-of-bounds read in the code handling the end-of-response for SMTP bsc1123378. - CVE-2019-3822: Fixed a stack based buffer overflow in the function creating an outgoing NTLM type-3 message...

Security update for curl (important)

openSUSE Security Update: Security update for curl Announcement ID: openSUSE-SU-2019:0174-1 Rating: important References: 1123371 1123377 1123378 Cross-References: CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 Affected Products: openSUSE Leap 15.0 An update that fixes three vulnerabilities is now...

CVE-2018-7814

A Stack-based Buffer Overflow CWE-121 vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 Gold Build 683.0 which could cause remote code to be executed when parsing a GD1 file...

CVE-2019-3822

libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header lib/vauth/ntlm.c:Curlauthcreatentlmtype3message, generates the request HTTP header contents based on previously received data. The check that exists ...

SUSE SLED15 / SLES15 Security Update : curl (SUSE-SU-2019:0248-1)

This update for curl fixes the following issues : Security issues fixed : CVE-2019-3823: Fixed a heap out-of-bounds read in the code handling the end-of-response for SMTP bsc1123378. CVE-2019-3822: Fixed a stack-based buffer overflow in the function creating an outgoing NTLM type-3 message...

Security Bulletin: Vulnerabilities in Ncurses affect IBM Chassis Management Module (CMM)

Summary IBM Chassis Management Module CMM has addressed the following vulnerabilities in Ncurses. Vulnerability Details Summary IBM Chassis Management Module CMM has addressed the following vulnerabilities in Ncurses. Vulnerability Details CVEID: CVE-2017-13731 Description: Ncurses is vulnerable ...

Security Bulletin: Vulnerability in GNU C Library affects IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch firmware (CVE-2016-1234)

Summary IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmware has addressed the following vulnerability in GNU C Library. Vulnerability Details Summary IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmware has addressed the following vulnerability i...

Security Bulletin: Vulnerability in GNU C Library (glibc) affects IBM Flex System FC5022 16Gb SAN Scalable Switch (CVE-2016-3075)

Summary A vulnerability in GNU C Library glibc affects IBM Flex System FC5022 16Gb SAN Scalable Switch. IBM Flex System FC5022 16Gb SAN Scalable Switch has addressed the vulnerability. Vulnerability Details Summary A vulnerability in GNU C Library glibc affects IBM Flex System FC5022 16Gb SAN...

Security Bulletin: Vulnerabilities in cracklib, dhcp, expat, libgcrypt and lighttpd affect IBM Flex System Chassis Management Module (CMM)

Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerabilities. Vulnerability Details Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerabilities. Vulnerability Details: CVEID: CVE-2016-6318 Description: cracklib is vulnerab...

Security Bulletin: IBM Systems Director is affected by DB2 vulnerabilities (CVE-2013-4033, CVE-2013-5466, CVE-2012-2194, CVE-2012-2196, CVE-2012-2197 and CVE-2012-4826)

Summary IBM Systems Director is affected by DB2 vulnerabilities CVE-2013-4033, CVE-2013-5466, CVE-2012-2194, CVE-2012-2196, CVE-2012-2197 and CVE-2012-4826 Vulnerability Details Abstract IBM Systems Director is affected by DB2 vulnerabilities CVE-2013-4033, CVE-2013-5466, CVE-2012-2194,...

(0Day) Wecon LeviStudioU SysParameter ComSet CheckBit Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wecon LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...

(0Day) Wecon LeviStudioU SysParameter ComSet BaudRate Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wecon LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...

(0Day) Wecon LeviStudioU DataLogTool History Curve Set Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wecon LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within DataLogTool.ex...

(0Day) Wecon LeviStudioU DataLogTool Edit Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wecon LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within DataLogTool.ex...

ZoneMinder <= 1.32.3 Multiple Vulnerabilities

ZoneMinder is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:zoneminder:zoneminder"; if...

Security update for libraw (moderate)

openSUSE Security Update: Security update for libraw Announcement ID: openSUSE-SU-2019:0094-1 Rating: moderate References: 1120498 1120499 1120500 1120515 1120516 1120517 1120519 Cross-References: CVE-2018-20337 CVE-2018-20363 CVE-2018-20364 CVE-2018-20365 CVE-2018-5817 CVE-2018-5818 CVE-2018-581...