SUSE SLES15 Security Update : ovmf (SUSE-SU-2019:0804-1)
This update for ovmf fixes the following issues : Security issues fixed : CVE-2019-0160: Fixed multiple buffer overflows in UDF-related codes in MdeModulePkg\Universal\Disk\PartitionDxe\Udf.c and MdeModulePkg\Universal\Disk\UdfDxe bsc1130267. CVE-2018-12181: Fixed a stack-based buffer overflow in...
DEBIAN-CVE-2019-9956
In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an attacker to cause a denial of service or code execution via a crafted image file...
CVE-2017-16254
An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can send an authenticated HTTP...
CVE-2017-16255
An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can send an authenticated HTTP...
CVE-2017-16254
CVE-2017-16254 affects Insteon Hub 2245-222 (firmware 1012). The vulnerability is a stack-based buffer overflow in the PubNub message handler, caused by unconstrained strcpy operations when parsing JSON fields (e.g., flg, usr, pwd). Attack vectors shown in PoCs involve authenticated HTTP requests...
Steam client RCE via a buffer overflow in Server Info - vulnerability warning - the black bar safety net
Steam and other Valve games such as CSGO, Half-Life and TF2 have a built-in server browser for finding game servers. To obtain information about these servers, the server browser uses a method called server queries, a specific UDP communicatio...
openSUSE Security Update : curl (openSUSE-2019-173)
This update for curl fixes the following issues : Security issues fixed : - CVE-2019-3823: Fixed a heap out-of-bounds read in the code handling the end-of-response for SMTP bsc1123378. - CVE-2019-3822: Fixed a stack based buffer overflow in the function creating an outgoing NTLM type-3 message...
UBUNTU-CVE-2019-6991
A classic Stack-based buffer overflow exists in the zmLoadUser function in zmuser.cpp of the zmu binary in ZoneMinder through 1.32.3, allowing an unauthenticated attacker to execute code via a long username...
GattLib 0.2 - Stack Buffer Overflow Exploit
Exploit Title: stack-based overflow Exploit Author: Dhiraj Mishra Vendor Homepage: http://labapart.com/ Software Link: https://github.com/labapart/gattlib/issues/81 Version: 0.2 Tested on: Linux 4.15.0-38-generic CVE: CVE-2019-6498 References: https://github.com/labapart/gattlib/issues/81...
HTML5 Video Player 1.2.5 - Buffer Overflow Exploit
Exploit for windows platform in category local exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'HTML5 Video Player 1.2.5 - Buffer Overflow SEH', 'Description' = %q This...
zsh: Stack-based buffer overflow in exec.c:hashcmd()
zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the exec.c:hashcmd function. A local attacker could exploit this to cause a denial of service...
CVE-2018-17929
In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and prior, multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files lacking user input validation before copying data from project files onto the stack and may allow an...
Security update for mgetty (important)
This update for mgetty fixes the following issues: - CVE-2018-16741: The function doactivate did not properly sanitize shell metacharacters to prevent command injection bsc1108752. - CVE-2018-16745: The mailto parameter was not sanitized, leading to a buffer overflow if long untrusted input reach...
Stack overflow
An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter...
CVE-2018-16743
CVE-2018-16743 affects mgetty prior to 1.2.1. In contrib/next-login/login.c, the username command-line parameter is passed unsanitized to strcpy(), causing a stack-based buffer overflow. This is a local vulnerability with potential partial confidentiality/integrity/availability impact. Mitigation...
SIPP 3.3 Stack-Based Overflow
Exploit Author: Juan Sacco - http://exploitpack.com Tested on: Kali i686 GNU/Linux Description: SIPP 3.3 is prone to a local unauthenticated stack-based overflow. The vulnerability is due to improper filtering of user-supplied input while reading the configuration file and parsing the malicious...
CVE-2017-16337
The CVE-2017-16337 entry concerns Insteon Hub 2245-222 devices with firmware 1012, where PubNub message handling can trigger a stack-based buffer overflow via unconstrained strcpy calls when processing JSON fields such as cmd, usr, pwd, etc. The vulnerability arises from copying user-supplied val...
CVE-2018-3867
CVE-2018-3867 describes a stack-based buffer overflow in Samsung SmartThings Hub (STH-ETH-250) video-core HTTP server. The vulnerability exists in the samsungWifiScan callback handling during camera discovery, where the hub constructs a POST to a callback URL using an unconstrained camera respons...
CVE-2018-3847
Multiple exploitable buffer overflow vulnerabilities exist in image parsing functionality of the CFITSIO library version 3.42. Specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this...
Antenna House Office Server Document Converter vbputanld code execution vulnerability
Summary An exploitable out-of-bounds write exists in the Microsoft Word document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 6,1,2018,0312. A crafted Microsoft Word DOC document can lead to an out-of-bounds write, resulting in...