6913 matches found
Medium: kernel
Issue Overview: A stack buffer overflow issue was found in the getrawsocket routine of the Host kernel accelerator for virtio net vhost-net driver. It could occur while doing an ictolVHOSTNETSETBACKEND call, and retrieving socket name in a kernel stack variable via getrawsocket. A user able to...
The vulnerability of the mb_strtolower() function when using the UTF-32LE encoding in the PHP programming language allows attackers to execute arbitrary code.
The vulnerability of the mbstrtolower function when using the UTF-32LE encoding in the PHP programming language is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to execute arbitrary code remotely...
libfmt:fuzzer_named_arg: Stack-buffer-underflow in fmt::v6::basic_format_args<fmt::v6::basic_format_context<std::__1::back_insert_i
Detailed Report: https://oss-fuzz.com/testcase?key=5747676286287872 Project: libfmt Fuzzing Engine: libFuzzer Fuzz Target: fuzzernamedarg Job Type: libfuzzerasanlibfmt Platform Id: linux Crash Type: Stack-buffer-underflow READ 16 Crash Address: 0x7f200d9a6110 Crash State:...
tigervnc security update
1.9.0-14 - Bump build version Resolves: bz1819877 Resolves: bz1819879 Resolves: bz1819882 Resolves: bz1819886 Resolves: bz1819884 1.9.0-13 - Fix stack buffer overflow in CMsgReader::readSetCursor Resolves: bz1819877 - Fix heap buffer overflow in DecodeManager::decodeRect Resolves: bz1819879 - Fix...
openthread:ncp-uart-received-fuzzer: Stack-buffer-overflow in ot::NetworkData::NetworkData::FindService
Project: https://github.com/openthread/openthread.git Detailed Report: https://oss-fuzz.com/testcase?key=5726217824370688 Project: openthread Fuzzing Engine: libFuzzer Fuzz Target: ncp-uart-received-fuzzer Job Type: libfuzzerasanopenthread Platform Id: linux Crash Type: Stack-buffer-overflow READ...
suricata:fuzz_sigpcap: Dynamic-stack-buffer-overflow in RetrieveFPForSig
Project: https://github.com/OISF/suricata.git Detailed Report: https://oss-fuzz.com/testcase?key=5682380569575424 Project: suricata Fuzzing Engine: libFuzzer Fuzz Target: fuzzsigpcap Job Type: libfuzzerasansuricata Platform Id: linux Crash Type: Dynamic-stack-buffer-overflow WRITE 4 Crash Address...
wireshark:fuzzshark_ip: Stack-buffer-overflow in tvb_get_ipv4_addr_with_prefix_len
Project: https://code.wireshark.org/review/wireshark Detailed Report: https://oss-fuzz.com/testcase?key=5751611818508288 Project: wireshark Fuzzing Engine: libFuzzer Fuzz Target: fuzzsharkip Job Type: libfuzzerasanwireshark Platform Id: linux Crash Type: Stack-buffer-overflow READ 4 Crash Address...
wireshark:fuzzshark_tcp_port-bgp: Stack-buffer-overflow in tvb_get_ipv4_addr_with_prefix_len
Project: https://code.wireshark.org/review/wireshark Detailed Report: https://oss-fuzz.com/testcase?key=5633955517956096 Project: wireshark Fuzzing Engine: libFuzzer Fuzz Target: fuzzsharktcpport-bgp Job Type: libfuzzerasanwireshark Platform Id: linux Crash Type: Stack-buffer-overflow READ 4 Cras...
Oracle VirtualBox xHCI Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...
ALPINE-CVE-2019-12519
An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the...
Arbitrary Code Execution
samba is vulnerable to arbitrary code execution. A stack buffer overflow flaw was found in the way Samba authenticates remote users. A remote unauthenticated user could trigger this flaw to cause the Samba server to crash, or execute arbitrary code with the permissions of the Samba server...
Arbitrary Code Execution
top-pegasus is vulnerable to arbitrary code execution. A stack buffer overflow flaw was found in the PAM authentication code in the OpenPegasus CIM management server. An unauthenticated remote user could trigger this flaw and potentially execute arbitrary code with root privileges...
CVE-2019-11760
A flaw was discovered in Mozilla Firefox and Thunderbird where a fixed-stack buffer overflow could occur during WebRTC signalling. The vulnerability could lead to an exploitable crash or leak data...
CVE-2020-7065
A vulnerability was found in PHP while using the mbstrtolower function with UTF-32LE encoding, where certain invalid strings cause PHP to overwrite the stack-allocated buffer. This flaw leads to memory corruption, crashes, and potential code execution...
Internet Bug Bounty: mb_strtolower (UTF-32LE): stack-buffer-overflow at php_unicode_tolower_full (CVE-2020-7065)
PHP bug report made public by the maintainers at the time of writing: https://bugs.php.net/bug.php?id=79371 Mitre CVE page: https://vulners.com/cve/CVE-2020-7065 Link to the release notes: https://www.php.net/ChangeLog-7.php7.4.4 Impact One of impacts is that the issue allows an attacker to...
CVE-2018-18064
cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c the generate and renderrows functions and cairo-image-compositor.c the cairoimagespansandzero function...
EulerOS Virtualization for ARM 64 3.0.6.0 : httpd (EulerOS-SA-2020-1359)
According to the versions of the httpd packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In Apache HTTP Server 2.4 release 2.4.37 and prior, modsession checks the session expiry time before decoding the...
CVE-2019-10097
A vulnerability was discovered in Apache httpd, in modremoteip. A trusted proxy using the "PROXY" protocol could send specially crafted headers that can cause httpd to experience a stack buffer overflow or NULL pointer dereference, leading to a crash or other potential consequences. This issue...
SUSE-SU-2020:0832-1 Security update for glibc
This update for glibc fixes the following issues: - CVE-2020-1752: Fixed a use after free in glob which could have allowed a local attacker to create a specially crafted path that, when processed by the glob function, could potentially have led to arbitrary code execution bsc1167631. -...
CVE-2019-11705
A flaw in Thunderbird's implementation of iCal causes a stack buffer overflow in icalrecuraddbydayrules when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7.1. Mitigation Thunderbird can be configured to use icaljs inste...