5910 matches found
CVE-2023-48298 Integer underflow leading to stack overflow in FPC codec decompression
ClickHouse® is an open-source column-oriented database management system that allows generating analytical data reports in real-time. This vulnerability is an integer underflow resulting in crash due to stack buffer overflow in decompression of FPC codec. It can be triggered and exploited by an...
CVE-2023-48298 Integer underflow leading to stack overflow in FPC codec decompression
ClickHouse® is an open-source column-oriented database management system that allows generating analytical data reports in real-time. This vulnerability is an integer underflow resulting in crash due to stack buffer overflow in decompression of FPC codec. It can be triggered and exploited by an...
CVE-2023-48298
CVE-2023-48298 affects ClickHouse, specifically the FPC codec decompression path. The issue is an integer underflow that can crash the server via a stack buffer overflow, exploitable by an unauthenticated attacker. The vulnerability is described as similar to CVE-2023-47118; no explicit remediati...
CVE-2023-48298
ClickHouse® is an open-source column-oriented database management system that allows generating analytical data reports in real-time. This vulnerability is an integer underflow resulting in crash due to stack buffer overflow in decompression of FPC codec. It can be triggered and exploited by an...
OSV-2023-1329 Stack-buffer-overflow in decNaNs
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65130 Crash type: Stack-buffer-overflow WRITE 2 Crash state: decNaNs decCompareOp decNumberCompare...
OSV-2023-1328 Stack-buffer-overflow in icu_75::TZDBTimeZoneNames::getMetaZoneNames
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65128 Crash type: Stack-buffer-overflow WRITE 1 Crash state: icu75::TZDBTimeZoneNames::getMetaZoneNames icu75::TZDBTimeZoneNames::getMetaZoneDisplayName TestNames...
CVE-2023-33218
The Parameter Zone Read and Parameter Zone Write command handlers allow performing a Stack buffer overflow. This could potentially lead to a Remote Code execution on the targeted device...
Stack overflow
The Parameter Zone Read and Parameter Zone Write command handlers allow performing a Stack buffer overflow. This could potentially lead to a Remote Code execution on the targeted device...
CVE-2023-33219 Stack Buffer Overflow when checking retrofit package
The handler of the retrofit validation command doesn't properly check the boundaries when performing certain validation operations. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted device...
CVE-2023-33218
CVE-2023-33218 involves a stack buffer overflow in the Parameter Zone Read/Write command handlers, potentially enabling Remote Code Execution on affected devices. The primary sources (NVD, Red Hat, CVE lists) describe a network-accessible vulnerability with high/severe impact (Confidentiality/Int...
Huawei EulerOS: Security Advisory for php (EulerOS-SA-2023-3445)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for json-c (EulerOS-SA-2023-3377)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for json-c (EulerOS-SA-2023-3358)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-49992
Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Overflow via the function RemoveEnding at dictionary.c...
CVE-2023-49992
Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Overflow via the function RemoveEnding at dictionary.c...
UBUNTU-CVE-2023-49992
Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Overflow via the function RemoveEnding at dictionary.c...
CVE-2023-49992
Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Overflow via the function RemoveEnding at dictionary.c...
CVE-2023-49992
CVE-2023-49992 affects espeak-ng. Multiple connected feeds confirm a Stack Buffer Overflow in espeak-ng’s dictionary.c RemoveEnding function for version 1.52-dev. Impact and exploit details are not expanded beyond the overflow description in the sources; no vendor/server-side exploit notes are pr...
CVE-2023-49992
Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Overflow via the function RemoveEnding at dictionary.c...
CVE-2023-49992
Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Overflow via the function RemoveEnding at dictionary.c...