CVE-2018-20201

CVE-2018-20201 affects Espruino 2V00 and points to a vulnerability in the jsfNameFromString function in jsflash.c, where a stack-based buffer over-read can be triggered by a crafted JS file. Documented impact includes denial of service or possibly other unspecified effects. Connected sources conf...

Stack overflow

There is a stack-based buffer underflow in the third instance of the calculategain function in libfaad/sbrhfadj.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because limiting the additional noise energy...

Stack overflow

There is a stack-based buffer overflow in the third instance of the calculategain function in libfaad/sbrhfadj.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because the SM array is mishandled...

CVE-2018-20194

There is a stack-based buffer underflow in the third instance of the calculategain function in libfaad/sbrhfadj.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because limiting the additional noise energy...

CVE-2018-20196

There is a stack-based buffer overflow in the third instance of the calculategain function in libfaad/sbrhfadj.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because the SM array is mishandled...

CVE-2018-20194

There is a stack-based buffer underflow in the third instance of the calculategain function in libfaad/sbrhfadj.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because limiting the additional noise energy...

CVE-2018-20197

There is a stack-based buffer underflow in the third instance of the calculategain function in libfaad/sbrhfadj.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because limiting the additional noise energy...

CVE-2018-20196

There is a stack-based buffer overflow in the third instance of the calculategain function in libfaad/sbrhfadj.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because the SM array is mishandled...

CVE-2018-20194

There is a stack-based buffer underflow in the third instance of the calculategain function in libfaad/sbrhfadj.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because limiting the additional noise energy...

CentOS Update for kernel CESA-2018:3651 centos7

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-16596

A stack-based buffer overflow in the LAN UPnP service running on UDP port 1900 of Swisscom Internet-Box 2, Standard, and Plus prior to v09.04.00 and Internet-Box light prior to v08.05.02 allows remote code execution. No authentication is required to exploit this vulnerability. Sending a simple UD...

Security update for tcpdump (moderate)

This update for tcpdump fixes the following issues: Security issues fixed: - CVE-2018-19519: Fixed a stack-based buffer over-read in the printprefix function bsc1117267 This update was imported from the SUSE:SLE-15:Update update project...

There are vulnerabilities in NTPv4 that affect AIX.

IBM SECURITY ADVISORY First Issued: Fri Dec 14 12:20:13 CST 2018 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/ntpadvisory11.asc https://aix.software.ibm.com/aix/efixes/security/ntpadvisory11.asc...

Schneider Electric GUIcon GD1 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider Electric GUIcon. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within parsin...

CVE-2018-19118

CVE-2018-19118 affects Zoho ManageEngine ADAudit prior to version 5.1 build 5120. The issue is a stack-based buffer overflow in the handling of the 'Domain Name' field when adding a new domain, which allows remote attackers to cause a denial of service. Connected sources consistently describe thi...

CVE-2018-19118

Zoho ManageEngine ADAudit before 5.1 build 5120 allows remote attackers to cause a denial of service stack-based buffer overflow via the 'Domain Name' field when adding a new domain...

CVE-2018-20056

An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices. There is a stack-based buffer overflow allowing remote attackers to execute arbitrary code without authentication via the goform/formLanguageChange currTime parameter...

Stack overflow

An issue has been found in Mini-XML aka mxml 2.12. It is a stack-based buffer overflow in mxmlwritenode in mxml-file.c via vectors involving a double-precision floating point number and the '' substring, as demonstrated by testmxml...

CVE-2018-20004

CVE-2018-20004 affects Mini-XML (mxml) 2.12. It describes a stack-based buffer overflow in mxml_write_node (mxml-file.c) triggered via vectors involving a double-precision number and the substring . The issue is documented across multiple advisories (e.g., Mageia MGASA-2019-0159 and Fedora update...

CVE-2018-20004

An issue has been found in Mini-XML aka mxml 2.12. It is a stack-based buffer overflow in mxmlwritenode in mxml-file.c via vectors involving a double-precision floating point number and the '' substring, as demonstrated by testmxml...