CVE-2021-29630

In FreeBSD 13.0-STABLE before n246938-0729ba2f49c9, 12.2-STABLE before r370383, 11.4-STABLE before r370381, 13.0-RELEASE before p4, 12.2-RELEASE before p10, and 11.4-RELEASE before p13, the ggatec daemon does not validate the size of a response before writing it to a fixed-sized buffer allowing a...

EulerOS 2.0 SP2 : libffi (EulerOS-SA-2020-2357)

According to the version of the libffi packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that...

EulerOS Virtualization 3.0.2.2 : libffi (EulerOS-SA-2020-2186)

According to the version of the libffi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Plea...

Huawei EulerOS: Security Advisory for libffi (EulerOS-SA-2020-1760)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-14983

The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled numplayers value, leading to a buffer overflow. A malicious user can overwrite the server's stack...

DEBIAN-CVE-2020-14983

The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled numplayers value, leading to a buffer overflow. A malicious user can overwrite the server's stack...

Buffer overflow

The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled numplayers value, leading to a buffer overflow. A malicious user can overwrite the server's stack...

CVE-2020-14983

The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled numplayers value, leading to a buffer overflow. A malicious user can overwrite the server's stack...

CVE-2020-14983

The CVE-2020-14983 issue affects Chocolate Doom 3.0.0 (and Crispy Doom 5.8.0 in the report) where the server does not validate the user-controlled num_players value, causing a stack-based buffer overflow. The vulnerability is in the networking code and can lead to server stack overwrite, with the...

PT-2020-14107 · Fabien Sanglard +2 · Crispy Doom +2

Name of the Vulnerable Software and Affected Versions: Chocolate Doom version 3.0.0 Crispy Doom version 5.8.0 Description: The issue arises from the server's failure to validate the user-controlled num players value, resulting in a buffer overflow. This allows a malicious user to overwrite the...

CVE-2017-1000376

libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears to be incorrect. libffi...

EulerOS 2.0 SP5 : libffi (EulerOS-SA-2019-1756)

According to the version of the libffi packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that...

Code injection

Mitsubishi E-Designer, Version 7.52 Build 344 contains six code sections which may be exploited to overwrite the stack. This can result in arbitrary code execution, compromised data integrity, denial of service, and system crash...

CVE-2017-9638

Mitsubishi E-Designer, Version 7.52 Build 344 contains six code sections which may be exploited to overwrite the stack. This can result in arbitrary code execution, compromised data integrity, denial of service, and system crash...

CVE-2017-9638

Mitsubishi E-Designer, Version 7.52 Build 344 contains six code sections which may be exploited to overwrite the stack. This can result in arbitrary code execution, compromised data integrity, denial of service, and system crash...

CVE-2017-9638

CVE-2017-9638 affects Mitsubishi Electric Europe B.V. E-Designer, version 7.52 Build 344. The vulnerability is a stack-based buffer overflow in six code sections that can lead to arbitrary code execution, data integrity compromise, denial of service, and system crash. Connected sources (ICS-CERT)...

kernel: Arbitrary stack overwrite causing oops via crafted signal frame

A flaw was found in the Linux kernel's handling of signal frame on PowerPC systems. A malicious local user process could craft a signal frame allowing an attacker to corrupt memory...

Important: Red Hat Security Advisory: kernel-alt security, bug fix, and enhancement update

An update for kernel-alt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

VMware VNC Pointer Decode Code Execution Vulnerability(CVE-2017-4941)

Summary An exploitable code execution vulnerability exists in the remote management functionality of VMware . A specially crafted set of VNC packets can cause a type confusion resulting in stack overwrite, which could lead to code execution. An attacker can initiate a VNC session to trigger this...

VMware VNC Pointer Decode Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the remote management functionality of VMware . A specially crafted set of VNC packets can cause a type confusion resulting in stack overwrite, which could lead to code execution. An attacker can initiate a VNC session to trigger this...