Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4342-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4342-1 advisory. Al Viro discovered that the Linux kernel for s390x systems did not properly perform page table upgrades for kernel sections that use secondary address...

Adobe Bridge Stack Buffer Overflow Vulnerability

Adobe Bridge is a free digital asset management application from Adobe. Adobe Bridge suffers from a stack buffer overflow vulnerability. An attacker can exploit the vulnerability to execute arbitrary code...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4344-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4344-1 advisory. It was discovered that the Intel Wi-Fi driver in the Linux kernel did not properly check for errors in some situations. A local attacker could possibly u...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4345-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4345-1 advisory. Al Viro discovered that the Linux kernel for s390x systems did not properly perform page table upgrades for kernel sections that use secondar...

Low: Red Hat Security Advisory: cups security and bug fix update

An update for cups is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

neomutt:address-fuzz: Stack-buffer-overflow in mutt_addrlist_parse

Project: https://github.com/neomutt/neomutt.git Detailed Report: https://oss-fuzz.com/testcase?key=5731491599613952 Project: neomutt Fuzzing Engine: libFuzzer Fuzz Target: address-fuzz Job Type: libfuzzerasanneomutt Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 1 Crash Address:...

Amazon Linux AMI : kernel (ALAS-2020-1360)

The version of kernel installed on the remote host is prior to 4.14.173-106.229. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1360 advisory. 2023-11-29: CVE-2020-27418 was added to this advisory. A stack buffer overflow issue was found in the getrawsocket...

libzmq:decode_fuzzer: Stack-buffer-overflow in zmq_z85_decode

Project: https://github.com/zeromq/libzmq.git Detailed Report: https://oss-fuzz.com/testcase?key=5724808697610240 Project: libzmq Fuzzing Engine: libFuzzer Fuzz Target: decodefuzzer Job Type: libfuzzerasani386libzmq Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 1 Crash Address:...

Medium: kernel

Issue Overview: A stack buffer overflow issue was found in the getrawsocket routine of the Host kernel accelerator for virtio net vhost-net driver. It could occur while doing an ictolVHOSTNETSETBACKEND call, and retrieving socket name in a kernel stack variable via getrawsocket. A user able to...

WECON LeviStudio ShortMessage Module SMtext Stack Buffer Overflow

A stack buffer overflow exists in Wecon LeviStudio. A remote attacker could exploit this vulnerability by enticing a user to open a crafted project. Successful exploitation could allow the attacker to execute arbitrary code under the security context of the user process...

The vulnerability of the mb_strtolower() function when using the UTF-32LE encoding in the PHP programming language allows attackers to execute arbitrary code.

The vulnerability of the mbstrtolower function when using the UTF-32LE encoding in the PHP programming language is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to execute arbitrary code remotely...

libfmt:fuzzer_named_arg: Stack-buffer-underflow in fmt::v6::basic_format_args<fmt::v6::basic_format_context<std::__1::back_insert_i

Detailed Report: https://oss-fuzz.com/testcase?key=5747676286287872 Project: libfmt Fuzzing Engine: libFuzzer Fuzz Target: fuzzernamedarg Job Type: libfuzzerasanlibfmt Platform Id: linux Crash Type: Stack-buffer-underflow READ 16 Crash Address: 0x7f200d9a6110 Crash State:...

tigervnc security update

1.9.0-14 - Bump build version Resolves: bz1819877 Resolves: bz1819879 Resolves: bz1819882 Resolves: bz1819886 Resolves: bz1819884 1.9.0-13 - Fix stack buffer overflow in CMsgReader::readSetCursor Resolves: bz1819877 - Fix heap buffer overflow in DecodeManager::decodeRect Resolves: bz1819879 - Fix...

openthread:ncp-uart-received-fuzzer: Stack-buffer-overflow in ot::NetworkData::NetworkData::FindService

Project: https://github.com/openthread/openthread.git Detailed Report: https://oss-fuzz.com/testcase?key=5726217824370688 Project: openthread Fuzzing Engine: libFuzzer Fuzz Target: ncp-uart-received-fuzzer Job Type: libfuzzerasanopenthread Platform Id: linux Crash Type: Stack-buffer-overflow READ...

suricata:fuzz_sigpcap: Dynamic-stack-buffer-overflow in RetrieveFPForSig

Project: https://github.com/OISF/suricata.git Detailed Report: https://oss-fuzz.com/testcase?key=5682380569575424 Project: suricata Fuzzing Engine: libFuzzer Fuzz Target: fuzzsigpcap Job Type: libfuzzerasansuricata Platform Id: linux Crash Type: Dynamic-stack-buffer-overflow WRITE 4 Crash Address...

wireshark:fuzzshark_ip: Stack-buffer-overflow in tvb_get_ipv4_addr_with_prefix_len

Project: https://code.wireshark.org/review/wireshark Detailed Report: https://oss-fuzz.com/testcase?key=5751611818508288 Project: wireshark Fuzzing Engine: libFuzzer Fuzz Target: fuzzsharkip Job Type: libfuzzerasanwireshark Platform Id: linux Crash Type: Stack-buffer-overflow READ 4 Crash Address...

wireshark:fuzzshark_tcp_port-bgp: Stack-buffer-overflow in tvb_get_ipv4_addr_with_prefix_len

Project: https://code.wireshark.org/review/wireshark Detailed Report: https://oss-fuzz.com/testcase?key=5633955517956096 Project: wireshark Fuzzing Engine: libFuzzer Fuzz Target: fuzzsharktcpport-bgp Job Type: libfuzzerasanwireshark Platform Id: linux Crash Type: Stack-buffer-overflow READ 4 Cras...

Oracle VirtualBox xHCI Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

ALPINE-CVE-2019-12519

An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the...

Arbitrary Code Execution

samba is vulnerable to arbitrary code execution. A stack buffer overflow flaw was found in the way Samba authenticates remote users. A remote unauthenticated user could trigger this flaw to cause the Samba server to crash, or execute arbitrary code with the permissions of the Samba server...