Adobe Acrobat < 2015.006.30508 / 2017.011.30156 / 2019.021.20058 Multiple Vulnerabilities (APSB19-55) (macOS)

The version of Adobe Acrobat installed on the remote macOS host is a version prior to 2015.006.30508, 2017.011.30156, or 2019.021.20058. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier,...

Adobe Reader < 2015.006.30508 / 2017.011.30156 / 2019.021.20058 Multiple Vulnerabilities (APSB19-55) (macOS)

The version of Adobe Reader installed on the remote macOS host is a version prior to 2015.006.30508, 2017.011.30156, or 2019.021.20058. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier,...

Advantech DiagAnywhere FOLDER_REMOVE Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech DiagAnywhere. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of FOLDERREMOVE messages. The issue results from the lack of proper...

Advantech DiagAnywhere FILE_OPEN_RO Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech DiagAnywhere. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of FILEOPENRO messages. The issue results from the lack of proper...

EulerOS 2.0 SP2 : ncurses (EulerOS-SA-2019-2420)

According to the versions of the ncurses packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a heap-based buffer over-read in the ncfindentry function in tinfo/comphash.c in the terminfo library in ncurses before...

EulerOS 2.0 SP2 : cifs-utils (EulerOS-SA-2019-2366)

According to the version of the cifs-utils package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils before 6.4, as used in pamcifscreds, allows remote attackers to have...

EulerOS 2.0 SP2 : quagga (EulerOS-SA-2019-2408)

According to the versions of the quagga package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Open Shortest Path First OSPF protocol implementations may improperly determine Link State Advertisement LSA recency for LSAs with...

CVE-2019-19630

CVE-2019-19630 affects HTMLDOC 1.9.7, enabling a stack-based buffer overflow in hd_strlcpy() (string.c) when triggered from render_contents in ps-pdf.cxx via a crafted HTML document. Connected advisories confirm the vulnerability and indicate fixes in later releases/updates across distributions (...

CVE-2019-19333

In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of...

CVE-2019-19333

In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of...

CVE-2019-19555

readtextobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf...

CVE-2019-19555

readtextobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf...

EulerOS Virtualization for ARM 64 3.0.3.0 : icu (EulerOS-SA-2019-2312)

According to the version of the icu package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - The ucnvUTF8FromUTF8 function in ucnvu8.cpp in International Components for Unicode ICU for C/C++ through 60.1 mishandles...

NewStart CGSL CORE 5.04 / MAIN 5.04 : rsyslog Vulnerability (NS-SA-2019-0225)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has rsyslog packages installed that are affected by a vulnerability: - Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might...

CVE-2019-14897

A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to cause a denial of service system crash or, possibly execute arbitrary code, when a STA works in IBSS mode allows connecting stations together without the use of ...

CVE-2011-3630

Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory tree, and trick the local user into consolidating it, leading to hardlink...

CVE-2019-14897

A stack-based buffer overflow was found in the Linux kernel's Marvell WiFi chip driver. An attacker is able to cause a denial of service system crash or, possibly execute arbitrary code, when a STA works in IBSS mode allows connecting stations together without the use of an AP and connects to...

Amazon Linux 2 : ntp (ALAS-2019-1367)

The ntpq and ntpdc command-line utilities that are part of ntp package are vulnerable to stack-based buffer overflow via crafted hostname. Applications using these vulnerable utilities with an untrusted input may be potentially exploited, resulting in a crash or arbitrary code execution under...

CVE-2018-8879

CVE-2018-8879 affects Asuswrt-Merlin firmware on ASUS devices: stack-based buffer overflow in the blocking.asp page, triggered by long input via GET/POST. Vulnerable parameters are flag, mac, and cat_id. Impact stated: remote code execution with arbitrary code, for devices running ASUS firmware b...

CVE-2018-8879

Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to execute arbitrary code by providing a long string to the blocking.asp page via a GET or POST request. Vulnerable parameters ar...