PHP 5.6.x < 5.6.34 Stack Buffer Overflow

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.34. It is, therefore, affected by a stack buffer overflow vulnerability. Note that the scanner has not attempted to exploit this issue but has instead relied only on the application's self-reported...

PHP 7.0.x < 7.0.28 Stack Buffer Overflow

According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.28. It is, therefore, affected by a stack buffer overflow vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version...

PHP 7.2.x < 7.2.3 Stack Buffer Overflow

According to its banner, the version of PHP running on the remote web server is 7.2.x prior to 7.2.3. It is, therefore, affected by a stack buffer overflow vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version...

CVE-2018-17161

Affected software: FreeBSD bootpd server. Vulnerable component: bootpd in FreeBSD (BOOTP server). Root cause: insufficient validation of network-provided data in bootpd, triggering a stack buffer overflow. Affected versions: FreeBSD before 11.2-STABLE(r348229), 11.2-RELEASE-p7, 12.0-STABLE(r34222...

SUSE SLES12 Security Update : php7 (SUSE-SU-2016:2683-1)

This update for php7 fixes the following security issue : - CVE-2016-7568: A specially crafted image file could cause an application crash or potentially execute arbitrary code when the image is converted to webp bsc1001900 - CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf bsc1004924 -...

SUSE SLES12 Security Update : php5 (SUSE-SU-2016:2766-1)

This update for php5 fixes the following security issues : - CVE-2016-7568: A specially crafted image file could cause an application crash or potentially execute arbitrary code when the image is converted to webp bsc1001900 - CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf bsc1004924 -...

The vulnerability of the Omron CX-Programmer development environment arises from buffer overflows in the stack, allowing attackers to execute arbitrary code.

The vulnerability of the Omron CX-Programmer, designed for programming and configuring Omron PLCs, as well as for configuring compatibility between Omron CX-Servers within the Omron CX-One software suite, arises due to buffer overflow in the stack. Exploiting this vulnerability allows an attacker...

SRC-2019-0029 : Foxit Reader PDF Printer proxyDoAction opcode 0x100000 Stack Buffer Overflow Elevation of Privilege Vulnerability

Vulnerability Details: This vulnerability allows local attackers to escalate privileges on vulnerable installations of Foxit Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists withi...

SRC-2019-0030 : Foxit Reader PDF Printer proxyGetAppEdition Stack Buffer Overflow Elevation of Privilege Vulnerability

Vulnerability Details: This vulnerability allows local attackers to escalate privileges on vulnerable installations of Foxit Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists withi...

harfbuzz/hb-shape-fuzzer: Stack-buffer-overflow in hb_array_t<char const>::cmp

Project: https://github.com/harfbuzz/harfbuzz.git Detailed report: https://oss-fuzz.com/testcase?key=5642666339991552 Project: harfbuzz Fuzzer: libFuzzerharfbuzzhb-shape-fuzzer Fuzz target binary: hb-shape-fuzzer Job Type: libfuzzerasanharfbuzz Platform Id: linux Crash Type: Stack-buffer-overflow...

Red Hat librelp Stack Buffer Overflow (CVE-2018-1000140)

A stack based buffer overflow exists in Red Hat librelp. This vulnerability is due to incorrect sanitisation of x509 certificates from a peer. Successful exploitation may result in remote code execution...

Advantech WebAccess/SCADA

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: WebAccess/SCADA Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a stack buffer overflow condition. 3...

GNU inetutils &lt; 1.9.4 - &#039;telnet.c&#039; Multiple Overflows (PoC)

GNU inetutils = 1.9.4 telnet.c multiple overflows ================================================== GNU inetutils is vulnerable to a stack overflow vulnerability in the client-side environment variable handling which can be exploited to escape restricted shells on embedded devices. Most modern...

wireshark/fuzzshark_ip_proto-udp: Stack-buffer-overflow in cdma2k_message_HANDOFF_DIR

Project: https://code.wireshark.org/review/wireshark Detailed report: https://oss-fuzz.com/testcase?key=5742878135943168 Project: wireshark Fuzzer: aflwiresharkfuzzsharkipproto-udp Fuzz target binary: fuzzsharkipproto-udp Job Type: aflasanwireshark Platform Id: linux Crash Type:...

CVE-2018-1897

IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5., and 11.1 db2pdcfg is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 152462...

CyberLink LabelPrint 2.5 Stack Buffer Overflow

This module exploits a stack buffer overflow in CyberLink LabelPrint 2.5 and below. The vulnerability is triggered when opening a .lpp project file containing overly long string characters via open file menu. This results in overwriting a structured exception handler record and take over the...

Oracle Linux 7 : kernel (ELSA-2018-3651)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-3651 advisory. - net rtnetlink: give a user socket to gettargetnet Jiri Benc 1639635 1630694 CVE-2018-14646 - net Add variants of capable for use on on sockets Jiri...

Rockwell Automation RSLinx Classic ENGINE.dll Stack Buffer Overflow

Binary data scadarslinxclassiccve-2018-14829.nbin...

Freeware Advanced Audio Decoder 2 Buffer Overflow Vulnerability

Freeware Advanced Audio Decoder 2 FAAD2 is a free advanced audio encoder. A stack buffer overflow vulnerability exists in the 'calculategain' function in the libfaad/sbrhfadj.c file in FAAD2 version 2.8.1, which can be exploited by an attacker to cause a denial of service or code execution...

libaom/av1_dec_fuzzer: Stack-buffer-overflow in highbd_dr_prediction_z1_64xN_avx2

Detailed report: https://oss-fuzz.com/testcase?key=5759400271151104 Project: libaom Fuzzer: afllibaomav1decfuzzer Fuzz target binary: av1decfuzzer Job Type: aflasanlibaom Platform Id: linux Crash Type: Stack-buffer-overflow READ 16 Crash Address: 0x7f0cdb2dc3f1 Crash State:...