CVE-2019-14457

Vulnerability CVE-2019-14457 affects VIVOTEK IP Camera devices running firmware prior to 0x20x. The flaw is a stack-based buffer overflow triggered by a crafted HTTP header, potentially allowing arbitrary code execution. NVD metrics show a high/critical impact with network access and no user inte...

CVE-2019-3975

Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.1 allows a remote, unauthenticated attacker to execute arbitrary code via a crafted IOCTL 70603 RPC message...

Delta Electronics TPEditor

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Delta Electronics Equipment: TPEditor Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow...

CVE-2019-16159

BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. The BGP daemon's support for RFC 8203 administrative shutdown communication messages included an incorrect logical expression when checking the validity of an input message. Sending a shutdow...

CVE-2019-16159

BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. The BGP daemon's support for RFC 8203 administrative shutdown communication messages included an incorrect logical expression when checking the validity of an input message. Sending a shutdow...

CVE-2019-16159

BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. The BGP daemon's support for RFC 8203 administrative shutdown communication messages included an incorrect logical expression when checking the validity of an input message. Sending a shutdow...

CVE-2019-16159

BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. The BGP daemon's support for RFC 8203 administrative shutdown communication messages included an incorrect logical expression when checking the validity of an input message. Sending a shutdow...

CVE-2019-10892

An issue was discovered in D-Link DIR-806 devices. There is a stack-based buffer overflow in function hnapmain at /htdocs/cgibin. The function will call sprintf without checking the length of strings in parameters given by HTTP header and can be controlled by users. And it finally leads to a...

CVE-2019-10892

An issue was discovered in D-Link DIR-806 devices. There is a stack-based buffer overflow in function hnapmain at /htdocs/cgibin. The function will call sprintf without checking the length of strings in parameters given by HTTP header and can be controlled by users. And it finally leads to a...

CVE-2019-10892

The CVE-2019-10892 issue affects D-Link DIR-806 devices. A stack-based buffer overflow exists in function hnap_main in /htdocs/cgibin, triggered when the server processes specially crafted HTTP headers. The code path calls sprintf without validating the length of input strings from HTTP headers, ...

Red Lion Crimson CD3 Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Red Lion Crimson. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of C...

CVE-2019-13156

CVE-2019-13156 affects NDrive(1.2.2).sys in Naver Cloud Explorer and is described as a stack-based buffer overflow that allows denial of service when reading data from an IOCTL handle. The connected documents consistently report this same issue across multiple sources (NVD, Red Hat, CVE lists, CN...

EZAutomation EZ Touch Editor

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: EZAutomation Equipment: EZ Touch Editor Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code under the privileges of the...

Security Bulletin: Access Manager Client in IBM DataPower Gateways is vulnerable to a denial of service attack.

Summary IBM DataPower Gateways has addressed a vulnerability in the ISAM Access Manager Client component that could cause a denial of service. Vulnerability Details CVEID: CVE-2016-3706 DESCRIPTION: GNU C Library glibc or libc6 is vulnerable to a denial of service, caused by a stack-based buffer...

CVE-2019-15767

In GNU Chess 6.2.5, there is a stack-based buffer overflow in the cmdload function in frontend/cmd.cc via a crafted chess position in an EPD file...

SUSE SLED15 / SLES15 Security Update : apache2 (SUSE-SU-2019:2237-1) (Internal Data Buffering)

This update for apache2 fixes the following issues : Security issues fixed : CVE-2019-9517: Fixed HTTP/2 implementations that are vulnerable to unconstrained interal data buffering bsc1145575. CVE-2019-10081: Fixed modhttp2 that is vulnerable to memory corruption on early pushes bsc1145742...

CVE-2019-13455

In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the alert acknowledgment CGI tool because of expansion in acknowledge.c...

EulerOS 2.0 SP8 : dcraw (EulerOS-SA-2019-1817)

According to the version of the dcraw package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A stack-based buffer overflow in the findgreen function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote...

EulerOS 2.0 SP8 : postgresql (EulerOS-SA-2019-1824)

According to the version of the postgresql packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can...

EulerOS 2.0 SP5 : php (EulerOS-SA-2019-1795)

According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The filecheckmem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x befo...