Remote Code Execution (RCE)

MuPDF is vulnerable to remote code execution RCE attacks. A malicious user can pass a malicious pdf file to the pdflookupcmapfull function in pdf-cmap.c to cause a stack buffer overflow that can lead to arbitrary code being executed...

imagemagick/encoder_dng_fuzzer: Stack-buffer-overflow in stread

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=6275080005877760 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderdngfuzzer Fuzz target binary: encoderdngfuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type:...

envoy/server_fuzz_test: Stack-buffer-overflow in grpc_parse_ipv6_hostport

Project: https://github.com/envoyproxy/envoy.git Detailed report: https://oss-fuzz.com/testcase?key=5759581388013568 Project: envoy Fuzzer: libFuzzerenvoyserverfuzztest Fuzz target binary: serverfuzztest Job Type: libfuzzerasanenvoy Platform Id: linux Crash Type: Stack-buffer-overflow WRITE Crash...

Delta Industrial Automation DOPSoft Buffer Overflow Vulnerability

Delta Electronics Delta Industrial Automation DOPSoft is a suite of HMI applications from Delta Electronics. A buffer overflow vulnerability exists in Delta Electronics Delta Industrial Automation DOPSoft 4.00.04 and prior versions, which arises from the program's use of a fixed-length stack...

Denial Of Service (DoS) Through Stack Buffer Overflow

libexiv2.so is vulnerable to denial of service DoS through stack-based buffer overflow attacks. The vulnerability exists in Exiv2::Internal::stringFormat of image.cpp where a malicious image could cause a stack-based buffer overflow which leads to a DoS attack...

imagemagick/ping_ptif_fuzzer: Stack-buffer-overflow in _TIFFVGetField

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=4887809402863616 Project: imagemagick Fuzzer: aflimagemagickpingptiffuzzer Fuzz target binary: pingptiffuzzer Job Type: aflasanimagemagick Platform Id: linux Crash Type: Stack-buffer-overflo...

Stack overflow

IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 9.7, 10.1, 10.5, and 11.1 is vulnerable to stack based buffer overflow, caused by improper bounds checking which could lead an attacker to execute arbitrary code. IBM X-Force ID: 140210...

CVE-2018-1459

IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 9.7, 10.1, 10.5, and 11.1 is vulnerable to stack based buffer overflow, caused by improper bounds checking which could lead an attacker to execute arbitrary code. IBM X-Force ID: 140210...

CVE-2018-1000038

In Artifex MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdflookupcmapfull in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file...

Stack overflow

In MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdflookupcmapfull in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file...

CVE-2018-1000038

In Artifex MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdflookupcmapfull in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file...

CVE-2018-1125

procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat to a stack-allocated string. When pgrep is compiled with FORTIFY as on Red Hat Enterprise Linux and Fedora, the impact is limited to a crash...

CVE-2018-1125

procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat to a stack-allocated string. When pgrep is compiled with FORTIFY as on Red Hat Enterprise Linux and Fedora, the impact is limited to a crash...

CVE-2018-1125

procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat to a stack-allocated string. When pgrep is compiled with FORTIFY as on Red Hat Enterprise Linux and Fedora, the impact is limited to a crash...

CVE-2018-1125

CVE-2018-1125 affects procps-ng up to version 3.3.15, with a stack-based buffer overflow in pgrep caused by a strncat() to a stack-allocated string. The impact is mitigated by Fortify builds (e.g., on RHEL/Fedora) and, in those cases, can be limited to a crash. Connected sources confirm the vulne...

CVE-2018-1125

procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat to a stack-allocated string. When pgrep is compiled with FORTIFY as on Red Hat Enterprise Linux and Fedora, the impact is limited to a crash...

Denial Of Service (DoS)

libxml2.so is vulnerable to denial of service. The vulnerability exists in the xmlParserEntityCheck and xmlParseAttValueComplex functions that calls xmlStringDecodeEntities recursively without incrementing the depth counter, causing a stack buffer overflow attack which then lead to an application...

CVE-2018-1125

If a process inspected by pgrep has an argument longer than INTMAX bytes, "int bytes" could wrap around back to a large positive int rather than approaching zero, leading to a stack buffer overflow via strncat. Mitigation The procps suite on Red Hat Enterprise Linux is built with FORTIFY, which...

Prime95 29.4b8 Stack Buffer Overflow

Exploit Title: Prime95 Local Buffer Overflow SEH Date: 13-4-2018 Exploit Author: crashmanucoot Contact: twitter.com/crashmanucoot Vendor Homepage: https://www.mersenne.org/ Software Link: https://www.mersenne.org/download/download Version: 29.4b8 Tested on: Windows 10 Pro x64 SPANISH Windows 7 Ho...

Prime95 29.4b8 - Stack Buffer Overflow (SEH)

Prime95 29.4b8 - Stack Buffer Overflow SEH Exploit Title: Prime95 Local Buffer Overflow SEH Date: 13-4-2018 Exploit Author: crashmanucoot Contact: twitter.com/crashmanucoot Vendor Homepage: https://www.mersenne.org/ Software Link: https://www.mersenne.org/download/download Version: 29.4b8 Tested...