CVE-2020-23904

A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of service DoS via a crafted WAV file. NOTE: the vendor states "I cannot reproduce it" and it "is a demo program...

CVE-2020-23904

CVE-2020-23904 affects Speex v1.2, with a stack-based buffer overflow in speexenc.c triggered by a crafted WAV file. The vulnerability can lead to a denial of service. The vendor notes inability to reproduce it and describes Speex as a demo program, which implies limited or unverified exploit pra...

CVE-2020-23878

Summary: CVE-2020-23878 affects pdf2json v0.71, with a stack buffer overflow in the XRef::fetch function. The vulnerability is documented across multiple feeds as a buffer overflow in a Java-based PDF-to-JSON library (pdf2json). Impact: CVSS metrics indicate high to critical severity (CVSS‑2.0: b...

CVE-2020-23878

pdf2json v0.71 was discovered to contain a stack buffer overflow in the component XRef::fetch...

CVE-2020-23877

pdf2xml v2.0 was discovered to contain a stack buffer overflow in the component getObjectStream...

CVE-2020-23877

CVE-2020-23877 affects pdf2xml/pdftoxml version 2.0, where a stack buffer overflow is exposed in the getObjectStream component. The CVE is documented across multiple sources (NVD entry and CNVD/CNNVD variants) and indicates a high-severity issue (CVSS v2: AV:N/AC:L/Au:N/C:P/I:P/A:P; CVSS v3.1: CR...

The vulnerability of the Advantech WebAccess remote monitoring software arises from buffer overflows in the stack, allowing a hacker to execute arbitrary code.

The vulnerability of Advantech WebAccess remote monitoring software arises due to buffer overflow in the stack. Exploiting this vulnerability allows a malicious actor operating remotely to execute arbitrary code...

openSUSE 15 Security Update : binutils (openSUSE-SU-2021:3643-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:3643-1 advisory. - A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could trigger...

SUSE SLED15 / SLES15 Security Update : binutils (SUSE-SU-2021:3643-1)

The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3643-1 advisory. - A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted...

SUSE SLED12 / SLES12 Security Update : binutils (SUSE-SU-2021:3637-1)

The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3637-1 advisory. - A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted...

Siemens Nucleus ReadyStart 缓冲区错误漏洞

Nucleus NET modules integrate a range of standards-compliant networking and communications protocols, drivers and utilities to provide full-featured networking support in any embedded device. A security vulnerability exists in several Siemens products, which stems from a stack buffer overflow...

zlog 1.2.15 Buffer Overflow

Exploit Title: zlog 1.2.15 - Buffer Overflow Date: 10/23/2021 Exploit Author: LIWEI Vendor Homepage: https://github.com/HardySimpson/zlog Software Link: https://github.com/HardySimpson/zlog Version: v1.2.15 Tested on: ubuntu 18.04.2 1.- compile the zlogv1.2.15 code to a library. 2.- Use the...

zlog 1.2.15 - Buffer Overflow Exploit

Exploit Title: zlog 1.2.15 - Buffer Overflow Exploit Author: LIWEI Vendor Homepage: https://github.com/HardySimpson/zlog Software Link: https://github.com/HardySimpson/zlog Version: v1.2.15 Tested on: ubuntu 18.04.2 1.- compile the zlogv1.2.15 code to a library. 2.- Use the "zloginit" API to pars...

Security update for transfig (important)

openSUSE Security Update: Security update for transfig Announcement ID: openSUSE-SU-2021:1458-1 Rating: important References: 1189325 1189343 1189345 1189346 1190607 1190611 1190612 1190615 1190616 1190617 1190618 1192019 Cross-References: CVE-2020-21529 CVE-2020-21530 CVE-2020-21531 CVE-2020-215...

Check Point Response to CVE-2021-36299, CVE-2021-36300, CVE-2021-36301, CVE-2021-20235 - Dell iDRAC9 Vulnerabilities

Cause CVE-2021-36299 - An SQL injection vulnerability. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability to cause information disclosure or denial of service by supplying specially crafted input data to the affected application. CVE-2021-36300 -...

openSUSE 15 Security Update : transfig (openSUSE-SU-2021:1439-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1439-1 advisory. - fig2dev 3.2.7b contains a stack buffer overflow in the bezierspline function in genepic.c. CVE-2020-21529 - fig2dev 3.2.7b contains a...

SUSE SLES11 Security Update : transfig (SUSE-SU-2021:14836-1)

The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14836-1 advisory. - fig2dev 3.2.7b contains a stack buffer overflow in the bezierspline function in genepic.c. CVE-2020-21529 - fig2dev 3.2.7b contains a...

SUSE: Security Advisory (SUSE-SU-2021:3582-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for transfig (important)

openSUSE Security Update: Security update for transfig Announcement ID: openSUSE-SU-2021:1439-1 Rating: important References: 1189325 1189343 1189345 1189346 1190607 1190611 1190612 1190615 1190616 1190617 1190618 1192019 Cross-References: CVE-2020-21529 CVE-2020-21530 CVE-2020-21531 CVE-2020-215...

SUSE: Security Advisory (SUSE-SU-2021:14835-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...