Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM : EditorConfig Core C vulnerability (USN-5842-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5842-1 advisory. Mark Esler and David Fernandez Gonzalez discovered that EditorConfig Core C incorrectly handled memory when handling certain...

PT-2023-1547 · Delta Electronics · Dopsoft

Name of the Vulnerable Software and Affected Versions: Delta Electronics DOPSoft versions 4.00.16.22 and prior Description: The issue is caused by a stack-based buffer overflow. This could allow an attacker to execute arbitrary code remotely when a specially crafted file is introduced to the...

CVE-2022-34403

Dell BIOS contains a Stack based buffer overflow vulnerability. A local authenticated attacker could potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter to gain arbitrary code execution in SMRAM...

CVE-2023-0341

A stack buffer overflow exists in the ecglob function of editorconfig-core-c before v0.12.6 which allowed an attacker to arbitrarily write to the stack and possibly allows remote code execution. editorconfig-core-c v0.12.6 resolved this vulnerability by bound checking all write operations over th...

CVE-2023-0341

A stack buffer overflow exists in the ecglob function of editorconfig-core-c before v0.12.6 which allowed an attacker to arbitrarily write to the stack and possibly allows remote code execution. editorconfig-core-c v0.12.6 resolved this vulnerability by bound checking all write operations over th...

Stack overflow

A stack buffer overflow exists in the ecglob function of editorconfig-core-c before v0.12.6 which allowed an attacker to arbitrarily write to the stack and possibly allows remote code execution. editorconfig-core-c v0.12.6 resolved this vulnerability by bound checking all write operations over th...

CVE-2023-0341 Stack Buffer Overflow in editorconfig-core-c

A stack buffer overflow exists in the ecglob function of editorconfig-core-c before v0.12.6 which allowed an attacker to arbitrarily write to the stack and possibly allows remote code execution. editorconfig-core-c v0.12.6 resolved this vulnerability by bound checking all write operations over th...

CVE-2023-0341 Stack Buffer Overflow in editorconfig-core-c

A stack buffer overflow exists in the ecglob function of editorconfig-core-c before v0.12.6 which allowed an attacker to arbitrarily write to the stack and possibly allows remote code execution. editorconfig-core-c v0.12.6 resolved this vulnerability by bound checking all write operations over th...

CVE-2023-0341

A stack buffer overflow exists in the ecglob function of editorconfig-core-c before v0.12.6 which allowed an attacker to arbitrarily write to the stack and possibly allows remote code execution. editorconfig-core-c v0.12.6 resolved this vulnerability by bound checking all write operations over th...

CVE-2023-0341

CVE-2023-0341 affects editorconfig-core-c prior to 0.12.6, where a stack buffer overflow in the ec_glob function could allow an attacker to arbitrarily write to the stack and possibly achieve remote code execution. The vulnerability is mitigated in version 0.12.6 by bound checking all write opera...

CVE-2022-28331

On Windows, Apache Portable Runtime 1.7.0 and earlier may write beyond the end of a stack based buffer in aprsocketsendv. This is a result of integer overflow...

ALPINE-CVE-2022-28331

On Windows, Apache Portable Runtime 1.7.0 and earlier may write beyond the end of a stack based buffer in aprsocketsendv. This is a result of integer overflow...

CVE-2022-28331

On Windows, Apache Portable Runtime 1.7.0 and earlier may write beyond the end of a stack based buffer in aprsocketsendv. This is a result of integer overflow...

CVE-2022-28331

CVE-2022-28331 affects Apache Portable Runtime (APR) 1.7.0 and earlier on Windows, with a write beyond the end of a stack-based buffer in apr_socket_sendv() caused by integer overflow. The vulnerability can lead to arbitrary code execution or a crash and has a CVSS v3.1 base score of 9.8 (CRITICA...

CVE-2022-28331

On Windows, Apache Portable Runtime 1.7.0 and earlier may write beyond the end of a stack based buffer in aprsocketsendv. This is a result of integer overflow...

The vulnerability of the Common Desktop Environment component of the Oracle Solaris operating system allows a hacker to elevate their privileges to the root level.

The vulnerability of the Common Desktop Environment component of the Oracle Solaris operating system arises due to an overflow in the buffer on the stack. Exploiting this vulnerability can allow an attacker to elevate their privileges to the root level by using a malicious printer...

EulerOS Virtualization 3.0.2.2 : libtiff (EulerOS-SA-2023-1270)

According to the versions of the libtiff package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Null source pointer passed as an argument to memcpy function within TIFFFetchStripThing in tifdirread.c in libtiff versions from...

EulerOS Virtualization 3.0.2.2 : curl (EulerOS-SA-2023-1249)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to...

Debian DSA-5333-1 : tiff - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5333 advisory. Several buffer overflow, divide by zero or out of bounds read/write vulnerabilities were discovered in tiff, the Tag Image File Format TIFF library and tools, whi...

CVE-2022-41140

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple D-Link routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the lighttpd service, which listens on TCP port 80 by default. The iss...