6912 matches found
Internet Bug Bounty: Squid as reverse proxy RCE and data leak
Summary: This was a very difficult experience as Squid maintainers took a long time to answer. I tried getting help from HackerOne support, Dropbox support and the Internet Bug Bounty never e-mailed me back to no avail. What could have taken a few days took months. The vulnerability concerns a...
NewStart CGSL CORE 5.05 / MAIN 5.05 : thunderbird Multiple Vulnerabilities (NS-SA-2020-0003)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has thunderbird packages installed that are affected by multiple vulnerabilities: - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive...
[SECURITY] [DLA 2068-1] linux security update
Package : linux Version : 3.16.81-1 CVE ID : CVE-2019-2215 CVE-2019-10220 CVE-2019-14895 CVE-2019-14896 CVE-2019-14897 CVE-2019-14901 CVE-2019-15098 CVE-2019-15217 CVE-2019-15291 CVE-2019-15505 CVE-2019-16746 CVE-2019-17052 CVE-2019-17053 CVE-2019-17054 CVE-2019-17055 CVE-2019-17056 CVE-2019-1713...
CVE-2019-15695
TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. This vulnerability occurs due to insufficient sanitization of PixelFormat. Since remote attacker can choose offset from start of the buffer to start writing his values...
binutils:fuzz_disassemble: Stack-buffer-overflow in buffer_read_memory
Detailed Report: https://oss-fuzz.com/testcase?key=5720058865385472 Project: binutils Fuzzing Engine: afl Fuzz Target: fuzzdisassemble Job Type: aflasanbinutils Platform Id: linux Crash Type: Stack-buffer-overflow WRITE Crash Address: 0x7fff2240d888 Crash State: bufferreadmemory fetchdata...
openSUSE: Security Advisory for MozillaFirefox, MozillaFirefox-branding-SLE (openSUSE-SU-2019:2451-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEBIAN-CVE-2019-11759
An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash. This vulnerability affects Firefox 70, Thunderbird 68.2, and Firefox ESR 68.2...
CVE-2019-11760
A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox 70, Thunderbird 68.2, and Firefox ESR 68.2...
Buffer overflow
An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash. This vulnerability affects Firefox 70, Thunderbird 68.2, and Firefox ESR 68.2...
CVE-2019-11759
An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash. This vulnerability affects Firefox 70, Thunderbird 68.2, and Firefox ESR 68.2...
CVE-2019-11759
CVE-2019-11759 describes a stack buffer overflow in the HKDF output that could allow code execution or a crash. Affected products include Firefox < 70, Thunderbird < 68.2, and Firefox ESR
CVE-2014-2072
Dassault Systemes Catia V5-6R2013: Stack Buffer Overflow due to inadequate boundary checks...
Stack overflow
Dassault Systemes Catia V5-6R2013: Stack Buffer Overflow due to inadequate boundary checks...
CVE-2014-2072
CVE-2014-2072 affects Dassault Systemes Catia V5-6R2013. The issue is a Stack Buffer Overflow in CATIA V5-6R2013 due to inadequate boundary checks, reported as a network-based vulnerability with high to critical impact (CVSS2: 7.5, CVSS3.1: 9.8). Public references indicate exploitation resources ...
Stack overflow
centurystar 7.12 ActiveX Control has a Stack Buffer Overflow...
CVE-2014-1598
The CVE-2014-1598 entry concerns the CenturyStar 7.12 ActiveX Control and is documented as a Stack Buffer Overflow vulnerability. The connected sources confirm the affected component (CenturyStar 7.12 ActiveX Control) and describe the root cause as a stack-based overflow. According to the NVD ent...
CVE-2014-1598
centurystar 7.12 ActiveX Control has a Stack Buffer Overflow...
Ruckus Unleashed Multiple Vulnerabilities (Jan 2020) - Active Check
Ruckus Unleashed is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
mruby:mruby_fuzzer: Stack-buffer-overflow in mrb_str_len_to_dbl
Project: https://github.com/mruby/mruby.git Detailed Report: https://oss-fuzz.com/testcase?key=6269063261323264 Project: mruby Fuzzing Engine: libFuzzer Fuzz Target: mrubyfuzzer Job Type: libfuzzerasanmruby Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 1 Crash Address: 0x7ffcba6b3046...
CVE-2019-15695
TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. This vulnerability occurs due to insufficient sanitization of PixelFormat. Since remote attacker can choose offset from start of the buffer to start writing his values...