Lucene search
K

6911 matches found

ossfuzz
ossfuzz
added 2019/09/14 1:1 p.m.20 views

cryptofuzz:cryptofuzz-openssl-110: Stack-buffer-overflow in RC5_32_set_key

Project: https://github.com/guidovranken/cryptofuzz.git Detailed Report: https://oss-fuzz.com/testcase?key=5667636637073408 Project: cryptofuzz Fuzzing Engine: afl Fuzz Target: cryptofuzz-openssl-110 Job Type: aflasancryptofuzz Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 4 Crash...

7AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2019/09/13 6:56 a.m.17 views

openthread:ip6-send-fuzzer: Stack-buffer-overflow in ot::Message::Write

Project: https://github.com/openthread/openthread.git Detailed Report: https://oss-fuzz.com/testcase?key=5691354285342720 Project: openthread Fuzzing Engine: afl Fuzz Target: ip6-send-fuzzer Job Type: aflasanopenthread Platform Id: linux Crash Type: Stack-buffer-overflow READ Crash Address:...

7AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/09/11 12:0 a.m.20 views

NewStart CGSL MAIN 4.06 : thunderbird Multiple Vulnerabilities (NS-SA-2019-0178)

The remote NewStart CGSL host, running version MAIN 4.06, has thunderbird packages installed that are affected by multiple vulnerabilities: - Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a...

10CVSS8.4AI score0.55874EPSS
Exploits31References19
ossfuzz
ossfuzz
added 2019/09/06 3:50 p.m.20 views

libhevc:hevc_dec_fuzzer: Stack-buffer-overflow in ihevcd_ref_list

Project: https://android.googlesource.com/platform/external/libhevc Detailed Report: https://oss-fuzz.com/testcase?key=5637475766108160 Project: libhevc Fuzzing Engine: afl Fuzz Target: hevcdecfuzzer Job Type: aflasanlibhevc Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 4 Crash...

6.6AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/08/30 12:0 a.m.73 views

Ubuntu 16.04 LTS / 18.04 LTS : Apache HTTP Server vulnerabilities (USN-4113-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4113-1 advisory. Stefan Eissing discovered that the HTTP/2 implementation in Apache did not properly handle upgrade requests from HTTP/1.1 to HTTP/2 in some...

9.1CVSS7.3AI score0.81466EPSS
Exploits6References8
OpenVAS
OpenVAS
added 2019/08/30 12:0 a.m.309 views

Ubuntu: Security Advisory (USN-4113-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.1AI score0.81466EPSS
Exploits6References2
Tenable Nessus
Tenable Nessus
added 2019/08/29 12:0 a.m.29 views

Debian DLA-1899-1 : faad2 security update

Multiple vulnerabilities have been discovered in faad2, the Freeware Advanced Audio Coder : CVE-2018-19502 Heap buffer overflow in the function excludedchannels libfaad/syntax.c. This vulnerability might allow remote attackers to cause denial of service via crafted MPEG AAC data. CVE-2018-20196...

7.8CVSS6.8AI score0.01518EPSS
Exploits5References8
ossfuzz
ossfuzz
added 2019/08/24 1:11 a.m.32 views

freeimage:load_from_memory_fuzzer: Stack-buffer-overflow in strncpy

Detailed Report: https://oss-fuzz.com/testcase?key=5633780185825280 Project: freeimage Fuzzing Engine: libFuzzer Fuzz Target: loadfrommemoryfuzzer Job Type: libfuzzerasanfreeimage Platform Id: linux Crash Type: Stack-buffer-overflow WRITE Crash Address: 0x7f89f7151530 Crash State: strncpy...

7AI score
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2019/08/23 12:0 a.m.20 views

Debian: Security Advisory (DLA-1893-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.3AI score0.02091EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/08/23 12:0 a.m.21 views

Debian DLA-1893-1 : cups security update

Two issues have been found in cups, the Common UNIX Printing Systemtm. Basically both CVEs CVE-2019-8675 and CVE-2019-8696 are about stack-buffer-overflow in two functions of libcup. One happens in asn1gettype the other one in asn1getpacked. For Debian 8 'Jessie', these problems have been fixed i...

8.8CVSS6.3AI score0.02091EPSS
Exploits0References4
Debian
Debian
added 2019/08/22 8:45 p.m.80 views

[SECURITY] [DLA 1893-1] cups security update

Package : cups Version : 1.7.5-11+deb8u5 CVE ID : CVE-2019-8675 CVE-2019-8696 Two issues have been found in cups, the Common UNIX Printing Systemtm. Basically both CVEs CVE-2019-8675 and CVE-2019-8696 are about stack-buffer-overflow in two functions of libcup. One happens in asn1gettype the other...

8.8CVSS8.8AI score0.02091EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/08/20 12:0 a.m.149 views

Apache 2.4.x < 2.4.41 Multiple Vulnerabilities

According to its banner, the version of Apache running on the remote host is 2.4.x prior to 2.4.41. It is, therefore, affected by multiple vulnerabilities: - A cross-site scripting XSS vulnerability exists in modproxy when proxying is enabled and Proxy Error page is displayed. CVE-2019-10092 - An...

9.1CVSS8.4AI score0.81466EPSS
Exploits6References8
Tenable Nessus
Tenable Nessus
added 2019/08/20 12:0 a.m.36 views

Oracle Linux 8 : redis:5 (ELSA-2019-2002)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-2002 advisory. - fix Heap buffer overflow in HyperLogLog triggered by malicious client CVE-2019-10192 Tenable has extracted the preceding description block directly...

7.2CVSS7.7AI score0.26048EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2019/08/19 12:0 a.m.80 views

redis:5 security update

5.0.3-2 - fix Heap buffer overflow in HyperLogLog triggered by malicious client CVE-2019-10192 - fix Stack buffer overflow in HyperLogLog triggered by malicious client CVE-2019-10193...

7.2CVSS2AI score0.26048EPSS
Exploits0
Mageia
Mageia
added 2019/08/18 12:39 p.m.49 views

Updated redis packages fix security vulnerabilities

This update fixes 2 security issues. A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure CVE-2019-10192. A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure CVE-2019-10193...

7.2CVSS2.4AI score0.26048EPSS
Exploits0References3
OSV
OSV
added 2019/08/18 12:39 p.m.7 views

MGASA-2019-0226 Updated redis packages fix security vulnerabilities

This update fixes 2 security issues. A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure CVE-2019-10192. A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure CVE-2019-10193...

7.2CVSS7.1AI score0.26048EPSS
Exploits0References4
Hacker One
Hacker One
added 2019/08/18 1:18 a.m.28 views

Valve: [GoldSrc] Remote Code Execution using malicious WAD list in BSP file

Summary TEXInitFromWad function calls COMFileBase to get file name from a path into a buffer on the stack. Since COMFileBase does not have boundary checks and the buffer is small, long WAD file name can trigger a Stack Buffer Overflow, leading to arbitrary code execution. Steps to reproduce...

2.8AI score
Exploits0
NVD
NVD
added 2019/08/15 5:15 p.m.30 views

CVE-2019-13221

A stack buffer overflow in the computecodewords function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file...

7.8CVSS7.9AI score0.01466EPSS
Exploits0References4
Prion
Prion
added 2019/08/15 5:15 p.m.14 views

Stack overflow

A stack buffer overflow in the computecodewords function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file...

6.8CVSS8.1AI score0.01466EPSS
Exploits0References4Affected Software2
UbuntuCve
UbuntuCve
added 2019/08/15 5:15 p.m.20 views

CVE-2019-13221

A stack buffer overflow in the computecodewords function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file...

7.8CVSS7.4AI score0.01466EPSS
Exploits0References4
Rows per page
Query Builder