Stack overflow

An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet ove...

CVE-2017-2894

An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet ove...

CVE-2017-2894

An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet ove...

CVE-2017-2894

An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet ove...

CVE-2017-2894

An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet ove...

Google Chrome Security Updates (stable-channel-update-for-desktop-2017-11) - Linux

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Google Chrome Security Updates (stable-channel-update-for-desktop-2017-11) - Mac OS X

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

KLA11132 Multiple vulnerabilities in Google Chrome

Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause a denial of service and to execute arbitrary code. Below is a complete list of vulnerabilities: 1. Stack buffer overflow in QUIC can be exploited remotely by an...

Advantech WebAccess Webvrpcs Service Opcode 80061 Stack Buffer Overflow

There is a stack buffer overflow in Advantech WebAccess 8.2. By sending a specially crafted DCERPC request, an attacker could overflow the buffer and execute arbitrary code. Recent assessments: wchen-r7 at September 12, 2019 6:07pm UTC reported: The stack overflow happens in sub10004BC8:...

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 2 security fixes in this release, including: 777728 Critical CVE-2017-15398: Stack buffer overflow in QUIC. Reported by Ned Williamson on 2017-10-24 776677 High CVE-2017-15399: Use after free in V8. Reported by Zhao Qixun of Qihoo 360 Vulcan Team on 2017-10-20...

Advantech WebAccess Stack Buffer Overflow Vulnerability

Advantech WebAccess is a set of HMI/SCADA software from Advantech based on browser architecture. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. A stack buffer overflow vulnerability exists in versions...

Security Advisory - Seven vulnerabilities in Google Dnsmasq

Dnsmasq is a widely used piece of open-source softwarea designed to provide DNS, DHCP, Dnsmasq 2.77 and before version contains 7 security vulnerabilities. There is a heap buffer overflow vulnerability in dnsmasq in the code responsible when building DNS replies. An attacker could send crafted DN...

Jnes 1.0.2 - Stack Buffer Overflow

!/usr/bin/env python coding: utf-8 Exploit Title: Jnes Version 1.0.2 Stack Buffer Overflow Date: 3-11-2017 Exploit Author: crashmanucoot Contact: twitter.com/crashmanucoot Vendor Homepage: http://www.jabosoft.com/home Software Link: http://www.jabosoft.com/categories/3 Version: v1.0.2.15 Tested o...

RHEL 7 : liblouis (RHSA-2017:3111)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3111 advisory. Liblouis is an open source braille translator and back-translator named in honor of Louis Braille. It features support for computer and...

liblouis: Stack-buffer overflow in the function includeFile()

There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in the function includeFile in compileTranslationTable.c, that will lead to a remote denial of service attack...

Chain of 11 Bugs Takes Down Galaxy S8 at Mobile Pwn2Own

The mobile version of the annual Pwn2Own contest wrapped up today in Tokyo with an unprecedented attack chain leveling the Samsung Galaxy S8. Researchers from MWR Labs used 11 vulnerabilities across six different mobile applications to execute code on Samsung’s flagship device and exfiltrate data...

chakra: Stack-buffer-overflow in Output::PrintBuffer

Project: https://github.com/Microsoft/ChakraCore.git Detailed report: https://oss-fuzz.com/testcase?key=5319633180557312 Project: chakra Fuzzer: jsfuzzer Job Type: asanchakra Platform Id: linux Crash Type: Stack-buffer-overflow READ Crash Address: 0x7efd1fdab820 Crash State: Output::PrintBuffer...

Flexense DiskPulse Client Import Stack Buffer Overflow

A stack buffer overflow vulnerability exists in the client component of Disk Pulse Enterprise Server. The vulnerability is due to improper parsing of an XML file when performing import command or import profile action. A remote, unauthenticated attacker could exploit this vulnerability by enticin...

chakra: Dynamic-stack-buffer-overflow in js_memcpy_s

Project: https://github.com/Microsoft/ChakraCore.git Detailed report: https://oss-fuzz.com/testcase?key=6280172954189824 Project: chakra Fuzzer: jsfuzzer Job Type: asanchakra Platform Id: linux Crash Type: Dynamic-stack-buffer-overflow READ 16 Crash Address: 0x7ffec5b38060 Crash State: jsmemcpys...

gstreamer/gst-discoverer: Stack-buffer-overflow in vorbis_handle_identification_packet

Project: https://anongit.freedesktop.org/git/gstreamer/gstreamer Detailed report: https://oss-fuzz.com/testcase?key=6419900319924224 Project: gstreamer Fuzzer: libFuzzergstreamergst-discoverer Fuzz target binary: gst-discoverer Job Type: libfuzzerasangstreamer Platform Id: linux Crash Type:...