Mageia: Security Advisory (MGASA-2021-0414)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2020-0143)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2022-0040 Updated aom packages fix security vulnerability

AOM v2.0.1 was discovered to contain a stack buffer overflow via the component src/aomimage.c. CVE-2020-36129 AOM v2.0.1 was discovered to contain a NULL pointer dereference via the component av1/av1dxiface.c. CVE-2020-36130 AOM v2.0.1 was discovered to contain a stack buffer overflow via the...

Updated aom packages fix security vulnerability

AOM v2.0.1 was discovered to contain a stack buffer overflow via the component src/aomimage.c. CVE-2020-36129 AOM v2.0.1 was discovered to contain a NULL pointer dereference via the component av1/av1dxiface.c. CVE-2020-36130 AOM v2.0.1 was discovered to contain a stack buffer overflow via the...

OSV-2021-1806 Stack-buffer-overflow in pdfi_open_CIDFont_substitute_file

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44034 Crash type: Stack-buffer-overflow WRITE Crash state: pdfiopenCIDFontsubstitutefile pdfiloadfont pdfireadtype0font...

Jerryscript stack buffer overflow vulnerability

JerryScript is a lightweight JavaScript engine from the JerryScript project. jerryscript has a stack buffer overflow vulnerability in version 3.0.0, which stems from vmloop.ltopriv.304 in /jerry-core/vm/vm.c when handling untrusted input with a boundary error. An attacker could exploit this...

CVE-2021-35004

This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link TL-WA1201 1.0.1 Build 20200709 rel.662445553 wireless access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DNS response...

OSV-2022-69 Stack-buffer-overflow in pixCountPixels

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43841 Crash type: Stack-buffer-overflow READ 4 Crash state: pixCountPixels pixCountPixelsInRect pix3fuzzer.cc...

OSV-2022-62 Stack-buffer-overflow in load_regex_matcher

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43869 Crash type: Stack-buffer-overflow WRITE 1 Crash state: loadregexmatcher cliloadwdb cliload...

CVE-2021-46325

Espruino 2v10.246 was discovered to contain a stack buffer overflow via src/jsutils.c in vcbprintf...

CVE-2021-46324

Espruino 2v11.251 was discovered to contain a stack buffer overflow via src/jsvar.c in jsvNewFromString...

CVE-2021-46334

Moddable SDK v11.5.0 was discovered to contain a stack buffer overflow via the component interceptorstrcat...

CVE-2021-46324

Espruino 2v11.251 was discovered to contain a stack buffer overflow via src/jsvar.c in jsvNewFromString...

Stack overflow

Moddable SDK v11.5.0 was discovered to contain a stack buffer overflow via the component interceptorstrcat...

CVE-2021-46334

Moddable SDK v11.5.0 contains a stack buffer overflow in the __interceptor_strcat component caused by a boundary error when handling untrusted input. The CVE-2021-46334 entry specifies that this could allow remote code execution, with CVSS indicators in public references showing a potentially imp...

CVE-2021-46334

Moddable SDK v11.5.0 was discovered to contain a stack buffer overflow via the component interceptorstrcat...

CVE-2021-46325

Espruino 2v10.246 was discovered to contain a stack buffer overflow via src/jsutils.c in vcbprintf...

CVE-2021-46324

Espruino 2v11.251 is affected by a stack buffer overflow in jsvNewFromString (src/jsvar.c). Public records (NVD, CVE-2021-46324) indicate the flaw originates in memory boundary handling within Espruino’s JavaScript interpreter, potentially impacting confidentiality, integrity, and availability (C...

CVE-2021-46324

Espruino 2v11.251 was discovered to contain a stack buffer overflow via src/jsvar.c in jsvNewFromString...

Qnap Qvr has an unspecified vulnerability

Qnap Qvr is a Qnap monitoring system control center from China Welllink Technology Qnap, Inc. A security vulnerability exists in several QVR products, stemming from a stack buffer overflow vulnerability that affects QNAP devices running QVR Elite, QVR Pro, and QVR Guard. An attacker could exploit...