6911 matches found
CVE-2019-13106
Das U-Boot versions 2016.09 through 2019.07-rc4 can memset too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution...
CVE-2019-13106
Das U-Boot versions 2016.09 through 2019.07-rc4 can memset too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution...
PT-2019-13130 · Denx Software Engineering +2 · Das U-Boot +2
Name of the Vulnerable Software and Affected Versions: Das U-Boot versions 2016.09 through 2019.07-rc4 Description: The issue arises when Das U-Boot attempts to read a crafted ext4 filesystem, leading to a stack buffer overflow due to excessive data being memset. This overflow could potentially...
libvips/pngsave_buffer_fuzzer: Stack-buffer-overflow in write_png_comment
Project: https://github.com/libvips/libvips.git Detailed report: https://oss-fuzz.com/testcase?key=5078454764044288 Project: libvips Fuzzer: libFuzzerlibvipspngsavebufferfuzzer Fuzz target binary: pngsavebufferfuzzer Job Type: libfuzzerasanlibvips Platform Id: linux Crash Type:...
aspell/aspell_fuzzer: Dynamic-stack-buffer-overflow in acommon::unescape
Project: https://github.com/gnuaspell/aspell.git Detailed report: https://oss-fuzz.com/testcase?key=5678055552450560 Project: aspell Fuzzer: aflaspellfuzzer Fuzz target binary: aspellfuzzer Job Type: aflasanaspell Platform Id: linux Crash Type: Dynamic-stack-buffer-overflow READ 1 Crash Address:...
Amazon Linux 2 : dnsmasq (ALAS-2019-1251)
A memory exhaustion flaw was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets which would trigger memory allocations which would never be freed, leading to unbounded memory consumption and eventually a crash. This issue only affected configurations using one of the...
Stack overflow
A flaw in Thunderbird's implementation of iCal causes a stack buffer overflow in icalrecuraddbydayrules when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7.1...
CVE-2019-11705
CVE-2019-11705 is a stack buffer overflow in Thunderbird’s libical-based icalrecur_add_bydayrules (affecting Thunderbird
Apache Httpd < 2.4.41 : CVE-2019-10097 mod_remoteip: Stack buffer overflow and NULL pointer dereference
When modremoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted proxy and not by untrusted HTTP clients...
CVE-2019-1010022
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this ...
openthread/ncp-uart-received-fuzzer: Stack-buffer-overflow in ot::NetworkData::Leader::IsStableUpdated
Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5630599882080256 Project: openthread Fuzzer: libFuzzeropenthreadncp-uart-received-fuzzer Fuzz target binary: ncp-uart-received-fuzzer Job Type: libfuzzerasanopenthread Platform Id: linux Crash...
imagemagick/encoder_eps_fuzzer: Stack-buffer-overflow in ConstantString
Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5726208135790592 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderepsfuzzer Fuzz target binary: encoderepsfuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type:...
imagemagick/ping_ept2_fuzzer: Stack-buffer-overflow in GetNextUTFCode
Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5695814195740672 Project: imagemagick Fuzzer: libFuzzerimagemagickpingept2fuzzer Fuzz target binary: pingept2fuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type:...
clamav/clamav_scanfile_fuzzer: Stack-buffer-overflow in real_scansis
Detailed report: https://oss-fuzz.com/testcase?key=5632043662180352 Project: clamav Fuzzer: libFuzzerclamavscanfilefuzzer Fuzz target binary: clamavscanfilefuzzer Job Type: libfuzzerasanclamav Platform Id: linux Crash Type: Stack-buffer-overflow READ 4 Crash Address: 0x7fd238ca9890 Crash State:...
Critical: thunderbird
Issue Overview: libical: Heap buffer over read in icalparser.c parsergetnextchar CVE-2019-11703 libical: Type confusion in icaltimezonegetvtimezoneproperties function in icalproperty.c CVE-2019-11706 Mozilla: Sandbox escape using Prompt:Open CVE-2019-11708 libical: Stack buffer overflow in...
wireshark/fuzzshark_ip_proto-udp: Stack-buffer-overflow in tvb_memcpy
Project: https://code.wireshark.org/review/wireshark Detailed report: https://oss-fuzz.com/testcase?key=5738227266224128 Project: wireshark Fuzzer: aflwiresharkfuzzsharkipproto-udp Fuzz target binary: fuzzsharkipproto-udp Job Type: aflasanwireshark Platform Id: linux Crash Type:...
FreeBSD 11.x < 11.2-RELEASE-p7 / 12.x < 12.0-RELEASE-p1 bootpd stack buffer overflow
The version of the FreeBSD kernel running on the remote host is 11.x prior to 11.2-RELEASE-p7 or 12.x prior to 12.0-RELEASE-p1. It is, therefore, affected by a stack buffer overflow vulnerability in bootpd. Insufficient validation of network-provided data in bootpd may make it possible for a...
freeimage/load_from_memory_fuzzer: Stack-buffer-overflow in LibRaw::parse_rollei
Detailed report: https://oss-fuzz.com/testcase?key=5156329342107648 Project: freeimage Fuzzer: libFuzzerloadfrommemoryfuzzer Fuzz target binary: loadfrommemoryfuzzer Job Type: libfuzzerasanfreeimage Platform Id: linux Crash Type: Stack-buffer-overflow READ Crash Address: 0x7fef5bbbdca0 Crash Stat...
CVE-2019-1010022
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this ...
imagemagick/ping_eps_fuzzer: Stack-buffer-overflow in ConstantString
Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5653164516179968 Project: imagemagick Fuzzer: libFuzzerimagemagickpingepsfuzzer Fuzz target binary: pingepsfuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type:...