6911 matches found
Security update for u-boot (moderate)
openSUSE Security Update: Security update for u-boot Announcement ID: openSUSE-SU-2019:2233-1 Rating: moderate References: 1144656 1144675 Cross-References: CVE-2019-13104 CVE-2019-13106 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available. Description:...
CVE-2019-10097
In Apache HTTP Server 2.4.32-2.4.39, when modremoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted pro...
CVE-2019-10097
In Apache HTTP Server 2.4.32-2.4.39, when modremoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted pro...
Null pointer dereference
In Apache HTTP Server 2.4.32-2.4.39, when modremoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted pro...
CVE-2019-10097
CVE-2019-10097 affects Apache HTTP Server 2.4.32–2.4.39 when mod_remoteip is configured to use a trusted intermediary proxy server via the PROXY protocol. A specially crafted PROXY header can trigger a stack buffer overflow or NULL pointer dereference, potentially crashing the server or impacting...
CVE-2019-10097
In Apache HTTP Server 2.4.32-2.4.39, when modremoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted pro...
CVE-2019-10097
In Apache HTTP Server 2.4.32-2.4.39, when modremoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted pro...
SUSE-SU-2019:2475-1 Security update for u-boot
This update for u-boot fixes the following issues: Security issues fixed: - CVE-2019-13106: Fixed stack buffer overflow via a crafted ext4 filesystem that may lead to code execution bsc1144656. - CVE-2019-13104: Fixed an underflow that could cause memcpy to overwrite a very large amount of data v...
SUSE-SU-2019:2474-1 Security update for u-boot
This update for u-boot fixes the following issues: Security issues fixed: - CVE-2019-13106: Fixed stack buffer overflow via a crafted ext4 filesystem that may lead to code execution bsc1144656. - CVE-2019-13104: Fixed an underflow that could cause memcpy to overwrite a very large amount of data v...
The vulnerability of the embedded web-server microprogramming software in Moxa PT-7528 and Moxa PT-7828 Ethernet switches allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the embedded web-server microprogramming software for Moxa PT-7528 and Moxa PT-7828 switches is related to buffer overflow in the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or trigger a service failure using a specially crafted...
OPENSUSE-SU-2019:2180-1 Security update for bird
This update for bird fixes the following issues: - CVE-2019-16159: Fixed a stack-based buffer overflow via administrative shutdown communication messages. bnc1150108 This update was imported from the openSUSE:Leap:15.1:Update update project...
EulerOS 2.0 SP5 : ruby (EulerOS-SA-2019-1990)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A SMTP command injection flaw was found in the way Ruby's Net::SMTP module handled CRLF sequences in certain SMTP commands. An attacker could...
KLA11591 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Vulnerability related to document.domain can be exploited...
xvid:fuzzer-decoder: Stack-buffer-overflow in BitstreamReadHeaders
Detailed Report: https://oss-fuzz.com/testcase?key=5638255688548352 Project: xvid Fuzzing Engine: libFuzzer Fuzz Target: fuzzer-decoder Job Type: libfuzzerasanxvid Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 4 Crash Address: 0x7fff6d7f8058 Crash State: BitstreamReadHeaders...
openthread:ip6-send-fuzzer: Stack-buffer-overflow in ot::Message::Read
Project: https://github.com/openthread/openthread.git Detailed Report: https://oss-fuzz.com/testcase?key=5682816276234240 Project: openthread Fuzzing Engine: libFuzzer Fuzz Target: ip6-send-fuzzer Job Type: libfuzzerasanopenthread Platform Id: linux Crash Type: Stack-buffer-overflow WRITE Crash...
openthread:radio-receive-done-fuzzer: Stack-buffer-overflow in ot::NetworkData::Leader::SendCommissioningGetResponse
Project: https://github.com/openthread/openthread.git Detailed Report: https://oss-fuzz.com/testcase?key=5741928179564544 Project: openthread Fuzzing Engine: libFuzzer Fuzz Target: radio-receive-done-fuzzer Job Type: libfuzzerasanopenthread Platform Id: linux Crash Type: Stack-buffer-overflow REA...
Ubuntu 16.04 LTS / 18.04 LTS : Apache HTTP Server regression (USN-4113-2)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4113-2 advisory. USN-4113-1 fixed vulnerabilities in the Apache HTTP server. Unfortunately, that update introduced a regression when proxying balancer manager...
DEBIAN-CVE-2019-16395
GnuCOBOL 2.2 has a stack-based buffer overflow in the cbname function in cobc/tree.c via crafted COBOL source code...
USN-4113-2: Apache HTTP Server regression
USN-4113-1 fixed vulnerabilities in the Apache HTTP server. Unfortunately, that update introduced a regression when proxying balancer manager connections in some configurations. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Stefan Eissing discovered...
Pulse Connect Secure Stack Buffer Overflow (CVE-2019-11542)
A stack buffer overflow vulnerability exists in Pulse Connect Secure SSL VPN. Successful exploitation of this vulnerability could result in a denial of service or execution of arbitrary code into the effected system...