6881 matches found
CVE-2019-5186
Summary: CVE-2019-5186 affects the WAGO PFC200 iocheckd service (“I/O-Check”). A stack buffer overflow is triggered while parsing the XML cache file (/tmp/iocheckCache.xml). In the vulnerable path, the code uses sprintf to write into a 512-byte stack buffer, leading to overflow, and subsequently ...
clamav:clamav_scanmap_PDF_fuzzer: Stack-buffer-overflow in rijndaelSetupEncrypt
Detailed Report: https://oss-fuzz.com/testcase?key=5747616983023616 Project: clamav Fuzzing Engine: afl Fuzz Target: clamavscanmapPDFfuzzer Job Type: aflasanclamav Platform Id: linux Crash Type: Stack-buffer-overflow READ 1 Crash Address: 0x7f7d47869030 Crash State: rijndaelSetupEncrypt...
pppd 2.4.8 Buffer Overflow Exploit
Exploit Title: Point to Point Protocol Daemon versions 2.4.2 through 2.4.8 are vulnerable to buffer overflow - remote Author: nu11secur1ty Date: 2020-03-18 Vendor: Point to Point Protocol Daemon Link: https://github.com/nu11secur1ty/Windows10Exploits/tree/master/Undefined/CVE-2020-8597 CVE:...
MGASA-2020-0143 Updated sleuthkit packages fix security vulnerability
Updated sleuthkit packages fix security vulnerability: In version 4.8.0 and earlier of The Sleuth Kit TSK, there is a stack buffer overflow vulnerability in the YAFFS file timestamp parsing logic in yaffsfsistat in fs/yaffs.c CVE-2020-10232...
Debian: Security Advisory (DLA-2137-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 Security Update : glibc (SUSE-SU-2020:0668-1)
This update for glibc fixes the following issues : CVE-2020-10029: Fixed a potential overflow in on-stack buffer during range reduction bsc1165784. Fixed an issue where pthread were not always locked correctly bsc1164505. Document mprotect and introduce section on memory protection bsc1163184. No...
CVE-2019-13171
Some Xerox printers such as the Phaser 3320 V53.006.16.000 were affected by one or more stack-based buffer overflow vulnerabilities in the Google Cloud Print implementation that would allow an unauthenticated attacker to execute arbitrary code on the device. This was caused by an insecure handlin...
Stack overflow
Some Brother printers such as the HL-L8360CDW v1.20 were affected by a stack buffer overflow vulnerability as the web server did not parse the cookie value properly. This would allow an attacker to execute arbitrary code on the device...
CVE-2019-13193
CVE-2019-13193 affects Brother HL‑8360CDW v1.20 and similar Brother printers, where the web server fails to parse cookie values, causing a stack-based buffer overflow that could allow arbitrary code execution over the network. The initial docs indicate exploitation status is not provided; remedia...
CVE-2019-13193
Some Brother printers such as the HL-L8360CDW v1.20 were affected by a stack buffer overflow vulnerability as the web server did not parse the cookie value properly. This would allow an attacker to execute arbitrary code on the device...
CVE-2019-5178
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is...
CVE-2019-5179
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file...
CVE-2019-5180
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is...
Stack overflow
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. A specially crafted XML cache file written to a specific location on the device can cause a stack buffer overflow, resulting in co...
Stack overflow
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file...
Stack overflow
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is...
Stack overflow
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file.The destination buffer sp+0x40 is...
Stack overflow
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. The destination buffer sp+0x440 is overflowed with the call to sprintf for any domainname values that are greater than...
Stack overflow
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is...
WAGO PFC200 Stack Buffer Overflow Vulnerability (CNVD-2020-16854)
The WAGO PFC200 is a programmable logic controller PLC from WAGO Germany. A stack buffer overflow vulnerability exists in the iocheckd service 'I/O-Check' function of the WAGO PFC200 03.02.0214. An attacker could exploit this vulnerability via a specially crafted XML cache file to achieve code...