Extreme ExtremeXOS glibc Vulnerability (VN-2016-003)

Extreme ExtremeXOS is prone to a vulnerability in glibc. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:extremenetworks:exos"; i...

Jasper 'jpc_tsfb.c' Stack Buffer Overflow Vulnerability

JasPer is an open source implementation of the JPEG-2000 codec . Jasper 'jpctsfb.c' suffers from a stack buffer overflow vulnerability due to a failure to adequately copy user-supplied data into a buffer. An attacker could use this vulnerability to execute arbitrary script code in the context of ...

Dlink DIR Routers - Unauthenticated HNAP Login Stack Buffer Overflow (Metasploit) Exploit

Exploit for hardware platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' Payload working status: MIPS: - all valid payloads working the ones that we are able to send...

Dlink DIR Routers Unauthenticated HNAP Login Stack Buffer Overflow

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' Payload working status: MIPS: - all valid payloads working the ones that we are able to send without null bytes ARM: - inline rev/bind shell works...

Palo Alto Networks PanOS appweb3 - Stack Buffer Overflow Vulnerability

Exploit for linux platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=908 Palo Alto Networks have published a fix for this issue: http://securityadvisories.paloaltonetworks.com/Home/Detail/68 PanOS uses a modified version of the appweb3 embedded...

Palo Alto Networks PanOS - appweb3 Stack Buffer Overflow

Palo Alto Networks PanOS - appweb3 Stack Buffer Overflow Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=908 Palo Alto Networks have published a fix for this issue: http://securityadvisories.paloaltonetworks.com/Home/Detail/68 PanOS uses a modified version of the appweb3 embedde...

openSUSE Security Update : php5 (openSUSE-2016-1321)

This update for php5 fixes the following security issues : - CVE-2016-7568: A specially crafted image file could cause an application crash or potentially execute arbitrary code when the image is converted to webp bsc1001900 - CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf bsc1004924 -...

openSUSE Security Update : php5 (openSUSE-2016-1308)

This update for php5 fixes the following security issues : - CVE-2016-7568: A specially crafted image file could cause an application crash or potentially execute arbitrary code when the image is converted to webp bsc1001900 - CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf bsc1004924 -...

Palo Alto Networks PanOS - appweb3 Stack Buffer Overflow

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=908 Palo Alto Networks have published a fix for this issue: http://securityadvisories.paloaltonetworks.com/Home/Detail/68 PanOS uses a modified version of the appweb3 embedded webserver, it's used for a variety of tasks and is...

Updated gnuchess packages fix security vulnerability

gnuchess before 6.2.4 is vulnerable to a stack buffer overflow related to user move input, where 160 characters of input can crash gnuchess CVE-2015-8972...

MGASA-2016-0390 Updated gnuchess packages fix security vulnerability

gnuchess before 6.2.4 is vulnerable to a stack buffer overflow related to user move input, where 160 characters of input can crash gnuchess CVE-2015-8972...

Security update for php5 (important)

This update for php5 fixes the following security issues: - CVE-2016-7568: A specially crafted image file could cause an application crash or potentially execute arbitrary code when the image is converted to webp bsc1001900 - CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf bsc1004924 -...

openSUSE Security Update : gd (openSUSE-2016-1281)

This update for gd fixes the following security issues : - CVE-2016-7568: A specially crafted image file could cause an application crash or potentially execute arbitrary code when the image is converted to webp bsc1001900 - CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf bsc1004924 -...

Security update for gd (important)

This update for gd fixes the following security issues: - CVE-2016-7568: A specially crafted image file could cause an application crash or potentially execute arbitrary code when the image is converted to webp bsc1001900 - CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf bsc1004924 -...

ffmpeg: Stack-buffer-overflow in ff_htmlmarkup_to_ass

Project: https://git.ffmpeg.org/ffmpeg.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=6380176053108736 Target: ffmpeg Fuzzer: libFuzzerffmpegSUBTITLEAVCODECIDSUBRIPfuzzer Fuzzer binary: ffmpegSUBTITLEAVCODECIDSUBRIPfuzzer Job Type: libfuzzerasanffmpeg Platform Id: linu...

ffmpeg: Stack-buffer-overflow in ff_htmlmarkup_to_ass

Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=6380176053108736 Target: ffmpeg Fuzzer: libFuzzerffmpegSUBTITLEAVCODECIDSUBRIPfuzzer Fuzzer binary: ffmpegSUBTITLEAVCODECIDSUBRIPfuzzer Job Type: libfuzzerasanffmpeg Platform Id: linux Crash Type: Stack-buffer-overflow READ 1...

Stack overflow

For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgDdiEscape ID 0x10000e9 where a value is passed from an user to the driver is used without...

CVE-2016-8812

CVE-2016-8812 affects NVIDIA Windows GPU drivers for NVIDIA Quadro/NVS/GeForce with GeForce Experience (GFE) R340 prior to 2.11.4.125 and R375 prior to 3.1.0.52. The issue is a kernel-mode stack buffer overflow in nvstreamkms.sys triggered by specially crafted executable paths, requiring GeForce ...

Dlink DIR Routers Unauthenticated HNAP Login Stack Buffer Overflow

Several Dlink routers contain a pre-authentication stack buffer overflow vulnerability, which is exposed on the LAN interface on port 80. This vulnerability affects the HNAP SOAP protocol, which accepts arbitrarily long strings into certain XML parameters and then copies them into the stack. This...

pcre2: Stack-buffer-overflow in parse_regex

Project: svn://vcs.exim.org/pcre2/code/trunk Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=4804894724718592 Target: pcre2 Fuzzer: libFuzzerpcre2fuzzer Job Type: libfuzzerasanpcre2 Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 4 Crash Address: 0x7fe78b19ded0...