Delta Electronics ISPSoft

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/Low skill level to exploit Vendor: Delta Electronics Equipment: ISPSoft Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code under the...

Ubuntu: Security Advisory (USN-3776-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-3999

Atlanti s Word Processor CVE-2018-3999 affects the JPEG parser in Atlantis Word Processor 3.2.5.0. A specially crafted embedded JPEG image can cause a length underflow, treated as unsigned, leading to a heap-based buffer overflow during decoding of JPEG markers (APPx handling) and subsequent copy...

CVE-2018-3999

An exploitable stack-based buffer overflow vulnerability exists in the JPEG parser of Atlantis Word Processor, version 3.2.5.0. A specially crafted image embedded within a document can cause a length to be miscalculated and underflow. This length is then treated as unsigned and then used in a...

USN-3776-1: Linux kernel vulnerabilities

Jann Horn discovered that the vmacache subsystem did not properly handle sequence number overflows, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2018-17182 It was discovered that the...

Atlantis Word Processor JPEG length underflow code execution vulnerability

Summary An exploitable stack-based buffer overflow vulnerability exists in the JPEG parser of Atlantis Word Processor, version 3.2.5.0. A specially crafted image embedded within a document can cause a length to be miscalculated and underflow. This length is then treated as unsigned and then used ...

CVE-2018-17439

An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5Sextentgetdims in H5S.c. Specifically, this issue occurs while converting an HDF5 file to a GIF file...

Fuji Electric FRENIC Devices (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low skill level to exploit/public exploits are available Vendor : Fuji Electric Equipment : FRENIC Loader, FRENIC-Mini C1, FRENIC-Mini C2, FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace Vulnerabilities : Buffer Over-read,...

SUSE SLES11 Security Update : mgetty (SUSE-SU-2018:2850-1)

This update for mgetty fixes the following issues : CVE-2018-16741: The function doactivate did not properly sanitize shell metacharacters to prevent command injection bsc1108752 CVE-2018-16745: The mailto parameter was not sanitized, leading to a buffer overflow if long untrusted input reached i...

CVE-2018-10602

WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vulnerabilities that can be exploited when the application processes specially crafted project files...

openSUSE Security Update : liblouis (openSUSE-2018-1039)

This update for liblouis fixes the following issues : Security issues fixed : - CVE-2018-11440: Fixed a stack-based buffer overflow in the function parseChars in compileTranslationTable.c bsc1095189 - CVE-2018-11577: Fixed a segmentation fault in loulogPrint in logging.c bsc1095945 -...

CVE-2018-17439

An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5Sextentgetdims in H5S.c. Specifically, this issue occurs while converting an HDF5 file to a GIF file...

CVE-2018-17439

An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5Sextentgetdims in H5S.c. Specifically, this issue occurs while converting an HDF5 file to a GIF file...

SUSE SLED12 / SLES12 Security Update : liblouis (SUSE-SU-2018:2780-1)

This update for liblouis, python-louis, python3-louis fixes the following issues : Security issues fixed : CVE-2018-11440: Fixed a stack-based buffer overflow in the function parseChars in compileTranslationTable.c bsc1095189 CVE-2018-11577: Fixed a segmentation fault in loulogPrint in logging.c...

Stack overflow

An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in the svgGetNextPathField function in svgstring.c allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact because a strncpy copy limit is miscalculated...

CVE-2018-17174

The CVE-2018-17174 affects the xtimor NMEA library (aka nmealib) up to version 0.5.3. The vulnerability is a stack-based buffer overflow in nmea_parse() (parser.c), allowing malformed data to trigger denial of service and, in certain contexts, potentially arbitrary code execution within a product...

Stack overflow

An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 2000 bytes. An attacker ca...

CVE-2018-3906

An exploitable stack-based buffer overflow vulnerability exists in the retrieval of a database field in video-core's HTTP server of Samsung SmartThings Hub. The video-core process insecurely extracts the shard.videoHostURL field from its SQLite database, leading to a buffer overflow on the stack...

Stack overflow

An exploitable stack-based buffer overflow vulnerability exists in the retrieval of a database field in video-core's HTTP server of Samsung SmartThings Hub. The video-core process insecurely extracts the shard.videoHostURL field from its SQLite database, leading to a buffer overflow on the stack...

CVE-2018-3914

An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 2000 bytes. An attacker ca...