USN-5889-1: ZoneMinder vulnerabilities

It was discovered that ZoneMinder was not properly sanitizing URL parameters for certain views. An attacker could possibly use this issue to perform a cross-site scripting XSS attack. This issue was only fixed in Ubuntu 16.04 ESM. CVE-2019-6777 It was discovered that ZoneMinder was not properly...

Tenda AX3 SetSysTimeCfg Stack Buffer Overflow Vulnerability

Tenda AX3 is a home dual-band Gigabit wireless router from Tenda Technology that supports Wi-Fi6 802.11ax standard and focuses on high-performance network coverage and stable connection. Tenda AX3 suffers from a stack buffer overflow vulnerability that originates from a stack overflow vulnerabili...

OSV-2023-113 Stack-buffer-overflow in dump_stats

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56339 Crash type: Stack-buffer-overflow READ 4 Crash state: dumpstats flacanalyzeframe writecallback...

Debian dla-3335 : asterisk - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3335 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3335-1 [email protected]...

K73540515: Linux kernel vulnerability CVE-2018-14633

Security Advisory Description A security flaw was found in the chapservercomputemd5 function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 1...

OSV-2023-88 Stack-buffer-overflow in pdfi_read_cff_dict

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56156 Crash type: Stack-buffer-overflow WRITE 1 Crash state: pdfireadcffdict pdfireadcffdict pdfireadcfffont...

PT-2023-36024 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow crash. Technical details about the crash include the crash type being a Stack-buffer-overflow WRITE 1. Th...

FreeBSD : libde256 -- multiple vulnerabilities (421c0af9-b206-11ed-9fe5-f4a47516fb57)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 421c0af9-b206-11ed-9fe5-f4a47516fb57 advisory. - libde265 v1.0.4 contains a heap buffer overflow in the putepelhvfallback function, which can...

OSV-2023-84 Stack-buffer-overflow in parse_regex

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56121 Crash type: Stack-buffer-overflow READ 1 Crash state: parseregex parseregex parseregex...

Siemens JT Open Toolkit Stack Buffer Overflow Vulnerability

Siemens JT Open Toolkit Siemens JTTK is a C++ application programming interface API from Siemens, Germany. It provides support for 64-bit application development on Microsoft Windows, Linux and MacOS. Siemens JT Open Toolkit suffers from a stack buffer overflow vulnerability that can be exploited...

Adobe Bridge Stack Buffer Overflow Vulnerability (CNVD-2023-13735)

Adobe Bridge is a file viewer from Adobe. Adobe Bridge is vulnerable to a stack buffer overflow vulnerability that could be exploited to execute arbitrary code in the context of the current user...

Adobe Animate stack buffer overflow vulnerability

Adobe Animate is a Flash animation software from Adobe. Adobe Animate is vulnerable to a stack buffer overflow vulnerability that could be exploited to execute arbitrary code in the context of the current user...

SUSE CVE-2019-11759

An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash. This vulnerability affects Firefox 70, Thunderbird 68.2, and Firefox ESR 68.2...

SUSE CVE-2019-11760

A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox 70, Thunderbird 68.2, and Firefox ESR 68.2...

SUSE CVE-2020-36131

AOM v2.0.1 was discovered to contain a stack buffer overflow via the component stats/ratehist.c...

SUSE CVE-2021-20236

A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vulnerability is to confidentiality, integrity, as...

SUSE CVE-2022-35260

curl can be told to parse a .netrc file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause ...

Adobe Animate 缓冲区错误漏洞

Adobe Animate is a Flash animation software from Adobe. Adobe Animate is vulnerable to a stack buffer overflow vulnerability that could be exploited to execute arbitrary code in the context of the current user...

Advisory ROSA-SA-2023-2113

Software: kernel 3.10.0-1160.83.1.el7 OS: rosa-server79 packageevrstring: kernel-3.10.0-1160.83.1.el7 CVE-ID: CVE-2023-0179 BDU-ID: 2023-00383 CVE-Crit: HIGH CVE-DESC: A vulnerability in the netfilter component of the Linux operating system kernel is related to a stack buffer overflow in nftables...

Wago PFC200 iocheckd service 'I/O-Check' cache Code Execution (CVE-2019-5179)

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service I/O-Check' functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file. This plugin only works with Tenable.ot...