CVE-2014-5439

SniffIt before 0.3.7 contains multiple stack-based buffer overflow vulnerabilities triggered by crafted configuration files, allowing arbitrary code execution (as reported across NVD/OSV/Ubuntu/Debian advisories). The issue bypasses NX/SSP/ASLR protections and is documented in multiple feeds (NVD...

CVE-2014-5439

Multiple Stack-based Buffer Overflow vulnerabilities exists in Sniffit prior to 0.3.7 via a crafted configuration file that will bypass Non-eXecutable bit NX, stack smashing protector SSP, and address space layout randomization ASLR protection mechanisms, which could let a malicious user execute...

CVE-2019-18930

Summary (CVE-2019-18930): Western Digital My Cloud EX2 Ultra firmware 2.31.183 is affected by a stack-based buffer overflow that allows remote code execution via web access. The flaw stems from missing size verification in a function within libscheddl.so and the handling of large f_idx inputs in ...

openSUSE Security Update : MozillaThunderbird (openSUSE-2019-2452)

This update for MozillaThunderbird to version 68.2.1 provides the following fixes : - Security issues fixed bsc1154738 : - CVE-2019-15903: Fixed a heap overflow in the expat library bsc1149429. - CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB bsc1154738. -...

EulerOS 2.0 SP5 : cifs-utils (EulerOS-SA-2019-2131)

According to the version of the cifs-utils package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils before 6.4, as used in pamcifscreds, allows remote attackers to have...

EulerOS 2.0 SP5 : glibc (EulerOS-SA-2019-2155)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In the GNU C Library aka glibc or libc6 through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address...

Control Center PRO 6.2.9 - Local Stack Based Buffer Overflow (SEH)

Exploit Title: Control Center PRO 6.2.9 - Local Stack Based BufferOverflow SEH Date: 2019-11-09 Exploit Author: Samir sanchez garnica @sasaga92 Vendor Homepage: http://www.webgateinc.com/wgi/eng/products/list.php?ecidx1=P610 Software Link:...

[SECURITY] [DSA 4561-1] fribidi security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4561-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 08, 2019 https://www.debian.org/security/faq -...

EulerOS 2.0 SP5 : libxml2 (EulerOS-SA-2019-2211)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - dict.c in libxml2 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via an unexpected...

EulerOS 2.0 SP5 : quagga (EulerOS-SA-2019-2228)

According to the versions of the quagga package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that the zebra daemon in Quagga before 1.0.20161017 suffered from a stack-based buffer overflow when processing IPv6 Neighbor...

EulerOS 2.0 SP5 : xerces-c (EulerOS-SA-2019-2199)

According to the version of the xerces-c package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested...

Debian DSA-4561-1 : fribidi - security update

Alex Murray discovered a stack-based buffer overflow vulnerability in fribidi, an implementation of the Unicode Bidirectional Algorithm algorithm, which could result in denial of service or potentially the execution of arbitrary code, when processing a large number of unicode isolate directional...

Ubuntu: Security Advisory (USN-4179-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[ASA-201910-15] thunderbird: multiple issues

Arch Linux Security Advisory ASA-201910-15 ========================================== Severity: Critical Date : 2019-10-26 CVE-ID : CVE-2019-11757 CVE-2019-11759 CVE-2019-11760 CVE-2019-11761 CVE-2019-11762 CVE-2019-11763 CVE-2019-11764 CVE-2019-15903 Package : thunderbird Type : multiple issues...

CVE-2019-17424

A stack-based buffer overflow in the processPrivilage function in IOS/process-general.c in nipper-ng 0.11.10 allows remote attackers serving firewall configuration files to achieve Remote Code Execution or Denial Of Service via a crafted file...

CVE-2019-17424

CVE-2019-17424 affects nipper-ng 0.11.10. A stack-based buffer overflow in the function processPrivilage() (IOS/process-general.c) may be triggered by processing a crafted firewall configuration file, enabling remote attackers to achieve Remote Code Execution or Denial of Service. Public details ...

Security Bulletin: Multiple vulnerabilities in Open Source Binutils and Open Source OpenSSL affect IBM Netezza Analytics

Summary Open Source Binutils and OpenSSL is used by IBM Netezza Analytics. IBM Netezza Analytics has addressed the applicable CVEs Vulnerability Details CVEID: CVE-2014-9939 DESCRIPTION: GNU Binutils is vulnerable to a denial of service, caused by a stack-based buffer overflow in ihex.c. By using...

AVEVA Vijeo Citect and Citect SCADA (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit --------- Begin Update A Part 1 of 5 --------- Vendor: AVEVA and Schneider Electric Equipment: AVEVA’s Vijeo Citect and Citect SCADA; Schneider Electric’s Power SCADA Operation --------- End Update A Part...

Stack overflow

In MiniShare 1.4.1, there is a stack-based buffer overflow via an HTTP CONNECT request, which allows an attacker to achieve arbitrary code execution, a similar issue to CVE-2018-19862 and CVE-2018-19861. NOTE: this product is discontinued...

CVE-2019-17601

CVE-2019-17601 affects MiniShare 1.4.1 and is due to a stack-based buffer overflow triggered by an HTTP CONNECT request, allowing arbitrary code execution. The vulnerability is identified across multiple records (NVD, Red Hat, CVE lists) and is described as a stack-based overflow in MiniShare 1.4...