CVE-2019-3953

CVE-2019-3953 affects Advantech WebAccess/SCADA 8.4.0. A stack-based buffer overflow exists when handling IOCTL 10012 RPC calls, allowing a remote, unauthenticated attacker to execute arbitrary code. The entry is corroborated by multiple sources (NVD and national/national vulnerability databases)...

Thunderbird ESR < 60.7.XXX - icalrecur_add_bydayrules Stack-Based Buffer Overflow Vulnerability

Stack-based buffer overflow in Thunderbird ========================================== Severity Rating: High Confirmed Affected Versions: All versions affected Confirmed Patched Versions: Thunderbird ESR 60.7.XXX Vendor: Thunderbird Vendor URL: https://www.thunderbird.net/ Vendor Reference:...

Netperf 2.6.0 - Stack-Based Buffer Overflow Exploit

Exploit Author: Juan Sacco - http://exploitpack.com Tested on: Kali i686 GNU/Linux Description: Netperf 2.6.0 s a benchmark tool than developed by Helett Packard that can be used to measure the performance of many different types of networking. It provides tests for both unidirectional troughput...

Stack overflow

A stack-based buffer overflow can occur for specially crafted PDF files in Foxit Reader SDK ActiveX 5.4.0.1031 when parsing the URI string. An attacker can leverage this to gain remote code execution...

CVE-2018-19447

Foxit PDF SDK ActiveX vulnerability CVE-2018-19447 affects Foxit Reader SDK ActiveX Std/Pro 5.4.0.1031, where parsing URI strings can trigger a stack-based buffer overflow, enabling remote code execution. Root cause: unchecked URI parsing in the ActiveX component. Reported impact: remote code exe...

SUSE-SU-2019:1495-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following security issues: - CVE-2019-11703: Fixed a heap-based buffer overflow in icalmemorystrdupanddequote bsc1137595. - CVE-2019-11704: Fixed a heap-based buffer overflow in parsergetnextchar bsc1137595. - CVE-2019-11705: Fixed a stack-based buffer...

CVE-2019-6989

TP-Link TL-WR940N is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the ipAddrDispose function. By sending specially crafted ICMP echo request packets, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with elevate...

Stack overflow

TP-Link TL-WR940N is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the ipAddrDispose function. By sending specially crafted ICMP echo request packets, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with elevate...

CVE-2019-6989

CVE-2019-6989 describes a stack-based buffer overflow in TP-LINK TL-WR940N (and TL-WR941ND) caused by improper bounds checking in ipAddrDispose. The vulnerability can be triggered by specially crafted ICMP echo requests, allowing a remote authenticated attacker to overflow a buffer and execute ar...

CVE-2019-10967

The CVE-2019-10967 entry concerns Emerson Ovation OCR400 Controller with OCR400 v3.3.1 or earlier. A stack-based buffer overflow in the embedded third‑party FTP server arises from improper handling of a long file name in the LIST command, potentially overwriting buffers and enabling remote code e...

Advantech WebAccess < 8.3.5 Multiple Vulnerabilities (ICSA-19-092-01)

Binary data 700723.prm...

Axessh 4.2 - &#039;Log file name&#039; Local Stack-based Buffer Overflow

Title: Axessh 4.2 - 'Log file name' Local Stack-based Buffer Overflow Date: May 23rd, 2019 Author: Uday Mittal https://github.com/yaksas443/YaksasCSC-Lab/ Vendor Homepage: http://www.labf.com Software Link: http://www.labf.com/download/axessh.exe Version v4.2 Tested on: Windows 7 SP1 EN x86...

Security Bulletin: Vulnerabilities in the Linux Kernel affect PowerKVM

Summary PowerKVM is affected by vulnerabilities in the Linux Kernel. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2018-1000026 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by the improper validation of user-supplied input by the bnx2x...

Stack-Based Buffer Overflow

PHP is vulnerable to stack-based buffer overflow attacks. An attacker could exploit a flaw in the zendinidoop function in Zend/zendiniparser.c file. which may leads to a denial of serviceDoS or potentially execute arbitrary code...

CVE-2018-7186

Leptonica before 1.75.3 does not limit the number of characters in a %s format argument to fscanf or sscanf, which allows remote attackers to cause a denial of service stack-based buffer overflow or possibly have unspecified other impact via a long string, as demonstrated by the gplotRead and...

CVE-2018-3849

In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution...

EulerOS Virtualization 3.0.1.0 : squashfs-tools (EulerOS-SA-2019-1459)

According to the versions of the squashfs-tools package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Integer overflow in the queueinit function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attacke...

EulerOS Virtualization 3.0.1.0 : binutils (EulerOS-SA-2019-1431)

According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An integer wraparound has been discovered in the Binary File Descriptor BFD library distributed in GNU Binutils up to version...

EulerOS Virtualization 3.0.1.0 : jbigkit (EulerOS-SA-2019-1430)

According to the version of the jbigkit package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Stack-based buffer overflow in the jbgdecin function in libjbig/jbig.c in JBIG-KIT before 2.1 allows remote attackers to cause a...

EulerOS Virtualization 3.0.1.0 : icu (EulerOS-SA-2019-1453)

According to the versions of the icu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Double free in i18n/zonemeta.cpp in International Components for Unicode ICU for C/C++ through 59.1 allows remote attackers to execut...