2086 matches found
PoDoFo 0.9.5 - Buffer Overflow Vulnerability
Exploit for irix platform in category dos / poc Exploit Title: PoDoFo 0.9.5 - Stack-Based Buffer Overflow PoC Software Link: https://sourceforge.net/projects/podofo/ Vuln Version: 0.9.5 CVE: CVE-2018-8002 Vulnerability Details: https://bugzilla.redhat.com/showbug.cgi?id=1548930 Exploit Author:...
PT-2018-3864
Name of the Vulnerable Software and Affected Versions NTP version 4.2.8p11 Eltex ESR-200 affected versions not specified NTP affected versions not specified Description The issue is related to the implementation of the NTP protocol, which can lead to security restrictions being bypassed. An...
Security Bulletin: Multiple vulnerabilities in the GNU C Library (glibc) affect PowerKVM
Summary PowerKVM is affected by several vulnerabilities in GNU glibc. These vulnerabilities are now fixed. Vulnerability Details CVEID: CVE-2015-7547 DESCRIPTION: GNU C Library glibc is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the nss_dns backend for the...
Security Bulletin: Vulnerability in GNU C Library (glibc) affects WebSphere DataPower XC10 Appliance (CVE-2015-7547) - Revised fix available
Summary A GNU C Library (glibc) vulnerability with a stack-based overflow was addressed by WebSphere DataPower XC10 Appliance. On Friday March 11th 2016, a fix was published to resolve this security vulnerability. However, that fix needed revision. A corrected fix is now available. Vulnerability...
VulnCheck KEV: CVE-2018-5002
Adobe Flash Player has a stack-based buffer overflow vulnerability that could lead to remote code execution...
CVE-2018-11575
ngiflib.c in MiniUPnP ngiflib 0.4 has a stack-based buffer overflow in DecodeGifImg...
UBUNTU-CVE-2018-10771
Stack-based buffer overflow in the getkey function in parse.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact...
PT-2018-16243 · Nasa +1 · Cfitsio +1
Name of the Vulnerable Software and Affected Versions: NASA CFITSIO version 3.42 Description: The issue is related to a stack-based buffer overflow in the ffghtb function. This can be triggered by specially crafted images parsed via the library, potentially allowing an attacker to overwrite...
PMS 0.42 - Local Stack-Based Overflow (ROP)
PMS 0.42 - Local Stack-Based Overflow (ROP) Exploit Author: Juan Sacco - http://exploitpack.com Tested on: Kali i686 GNU/Linux Description: PMS 0.42 is prone to a local unauthenticated stack-based overflow. The vulnerability is due to an improper filter of user supplied input while reading the...
PMS 0.42 - Local Stack-Based Overflow (ROP)
Exploit Author: Juan Sacco - http://exploitpack.com Tested on: Kali i686 GNU/Linux Description: PMS 0.42 is prone to a local unauthenticated stack-based overflow. The vulnerability is due to an improper filter of user supplied input while reading the configuration file and parsing the malicious...
PMS 0.42 - Local Stack-Based Overflow (ROP) Exploit
Exploit for linux platform in category local exploits Exploit Author: Juan Sacco - http://exploitpack.com Tested on: Kali i686 GNU/Linux Description: PMS 0.42 is prone to a local unauthenticated stack-based overflow. The vulnerability is due to an improper filter of user supplied input while readi...
CVE-2018-6638
A stack-based buffer overflow Remote Code Execution issue was discovered in Design Science MathType 6.9c. This occurs in a function call in which the first argument is a corrupted offset value and the second argument is a stack buffer. This is fixed in 6.9d...
AMD PSP fTPM Remote Code Execution Vulnerability
AMD PSP suffers from an fTPM remote code execution vulnerability that can be performed through a crafted EK certificate. Introduction ============ AMD PSP 1 is a dedicated security processor built onto the main CPU die. ARM TrustZone provides an isolated execution environment for sensitive and...
Zoom Linux Client 2.0.106600.0904 Buffer Overflow Vulnerability
The binary /opt/zoom/ZoomLauncher is vulnerable to a buffer overflow because it concatenates an overly long user input to a stack variable without checking if the destination buffer is long enough to hold the data. The binary also has important security features like canary turned off. The client...
PT-2017-15604 · Libxls · Libxls
Name of the Vulnerable Software and Affected Versions: libxls versions 1.3.4 through 1.4.0 Description: An out-of-bounds write vulnerability exists in the xls_mergedCells function of libxls, allowing a specially crafted XLS file to cause memory corruption, potentially resulting in remote code...
CVE-2017-14016
A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to V8.220170817. The application lacks proper validation of the length of user-supplied data prior to copying it to a stack-based buffer, which could allow an attacker to execute arbitrary code under the...
Important: wget
Issue Overview: Heap-based buffer overflow in HTTP protocol handling A heap-based buffer overflow, when processing chunked encoded HTTP responses, was found in wget. By tricking an unsuspecting user into connecting to a malicious HTTP server, an attacker could exploit this flaw to potentially...
AZL-45246 CVE-2017-15372 affecting package sox 14.4.2.0-34
There is a stack-based buffer overflow in the lsx_ms_adpcm_block_expand_i function of adpcm.c in Sound eXchange SoX 14.4.2. A crafted input will lead to a denial of service attack during conversion of an audio file...
GMER Path Length Code Execution Vulnerability (CVE-2016-4289)
Summary A stack based buffer overflow vulnerability exists in the method receiving data from SysTreeView32 control of the GMER application. A specially created long path can lead to a buffer overflow on the stack resulting in code execution. An attacker needs to create path longer than 99...
SUSE SLED12 / SLES12 Security Update : dnsmasq (SUSE-SU-2017:2618-1)
This update for dnsmasq fixes the following security issues : - CVE-2017-14491: 2 byte heap based overflow. bsc1060354 - CVE-2017-14492: heap based overflow. bsc1060355 - CVE-2017-14493: stack based overflow. bsc1060360 - CVE-2017-14494: DHCP - info leak. bsc1060361 - CVE-2017-14495: DNS - OOM Do...