Amazon Linux AMI : tigervnc (ALAS-2021-1470)

The version of tigervnc installed on the remote host is prior to 1.8.0-21.34. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1470 advisory. TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack...

OSV-2017-119 Stack-buffer-overflow in ot::MeshCoP::CommissionerSessionIdTlv::GetCommissionerSessionId

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3376 Crash type: Stack-buffer-overflow READ 2 Crash state: ot::MeshCoP::CommissionerSessionIdTlv::GetCommissionerSessionId ot::NetworkData::Leader::HandleCommissioningSet ot::Coap::Coap::ProcessReceivedRequest...

OSV-2021-152 Stack-buffer-overflow in ot::NetworkData::ServerTlv::GetServer16

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5878 Crash type: Stack-buffer-overflow READ 2 Crash state: ot::NetworkData::ServerTlv::GetServer16 ot::NetworkData::Leader::RlocLookup ot::NetworkData::Leader::RegisterNetworkData...

OSV-2017-53 Stack-buffer-overflow in _psl_idna_toASCII

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2600 Crash type: Stack-buffer-overflow READ Crash state: pslidnatoASCII addpunycodeifneeded pslloadfp...

OSV-2018-192 Stack-buffer-overflow in highbd_dr_prediction_z1_64xN_avx2

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11517 Crash type: Stack-buffer-overflow READ 16 Crash state: highbddrpredictionz164xNavx2 av1highbddrpredictionz1avx2 av1predictintrablock...

OSV-2018-182 Stack-buffer-overflow in cdma2k_message_HANDOFF_DIR

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11633 Crash type: Stack-buffer-overflow READ 2 Crash state: cdma2kmessageHANDOFFDIR cdma2kmessagedecode dissectcdma2k...

OSV-2018-173 Stack-buffer-overflow in nullable_memcpy

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10865 Crash type: Stack-buffer-overflow READ Crash state: nullablememcpy nshkeytoattr parseodppushnshaction...

OSV-2018-155 Stack-buffer-overflow in cff_parser_run

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9865 Crash type: Stack-buffer-overflow READ 8 Crash state: cffparserrun cffsubfontload cfffontload...

OSV-2018-130 Stack-buffer-overflow in parse_tables

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12466 Crash type: Stack-buffer-overflow WRITE 7 Crash state: parsetables processblock douncompressfile...

OSV-2018-73 Stack-buffer-overflow in hb_array_t<char const>::cmp

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11908 Crash type: Stack-buffer-overflow READ 4 Crash state: hbarrayt::cmp OT::post::acceleratort::cmpkey hbbsearchr...

OSV-2021-52 Stack-buffer-overflow in ot::KeyManager::SetMasterKey

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7766 Crash type: Stack-buffer-overflow READ 16 Crash state: ot::KeyManager::SetMasterKey ot::MeshCoP::Dataset::ApplyConfiguration ot::MeshCoP::DatasetManager::Set...

Backdoor.Win32.Kurbadur.a Remote Stack Buffer Overflow

Discovery / credits: malvuln - Malvuln.com c 2021 Original source: https://malvuln.com/advisory/821d3d5a9b15dc3388fe17f233cce296.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Kurbadur.a Vulnerability: Remote Stack Buffer Overflow Description: The malware liste...

SUSE SLED15 / SLES15 Security Update : ImageMagick (SUSE-SU-2021:0081-1)

This update for ImageMagick fixes the following issues : CVE-2020-19667 bsc1179103: Stack buffer overflow in XPM coder could result in a crash Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to...

SUSE-SU-2021:0081-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2020-19667 bsc1179103: Stack buffer overflow in XPM coder could result in a crash...

Backdoor.Win32.Levelone.a Remote Stack Buffer Overflow

Discovery / credits: malvuln - Malvuln.com c 2021 Original source: https://malvuln.com/advisory/6a2d09c4527cf222e4e2571b074fcc0c.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Levelone.a Vulnerability: Remote Stack Buffer Overflow Description: The malware liste...

Backdoor.Win32.NinjaSpy.c Remote Stack Buffer Overflow

Discovery / credits: malvuln - Malvuln.com c 2021 Original source: https://malvuln.com/advisory/6eece319bc108576bd1f4a8364616264.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.NinjaSpy.c Vulnerability: Remote Stack Buffer Overflow Description: The specimen drop...

Foxit Reader and PhantomPDF Competitive Conditions Vulnerability (CNVD-2021-04397)

Foxit Reader and Foxit PhantomPDF are both Chinese Foxit Foxit company a PDF document reader. A security vulnerability exists in Foxit Reader and PhantomPDF. An attacker could exploit the vulnerability to cause a stack buffer overflow or out-of-bounds read...

Foxit Reader and PhantomPDF Competitive Conditions Vulnerability (CNVD-2021-04398)

Foxit Reader and Foxit PhantomPDF are both Chinese Foxit Foxit company a PDF document reader. A security vulnerability exists in Foxit Reader and PhantomPDF. An attacker could exploit the vulnerability to cause a stack buffer overflow or out-of-bounds read...

Foxit Reader and PhantomPDF 竞争条件问题漏洞

Foxit Reader and Foxit PhantomPDF are both Chinese Foxit Foxit company a PDF document reader. A security vulnerability exists in Foxit Reader and PhantomPDF. An attacker could exploit the vulnerability to cause a stack buffer overflow or out-of-bounds read...

OSV-2021-16 Stack-buffer-overflow in JS::Heap::gather_conservative_roots

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29266 Crash type: Stack-buffer-overflow READ 8 Crash state: JS::Heap::gatherconservativeroots JS::Heap::gatherroots JS::Heap::collectgarbage...