EulerOS Virtualization 3.0.1.0 : glibc (EulerOS-SA-2019-1551)

According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - stdlib/canonicalize.c in the GNU C Library aka glibc or libc6 2.27 and earlier, when processing very long pathname arguments to th...

Stack overflow

An issue was discovered in Easy File Sharing EFS Web Server 7.2. A stack-based buffer overflow vulnerability occurs when a malicious POST request has been made to forum.ghp upon creating a new topic in the forums, which allows remote attackers to execute arbitrary code...

Stack overflow

An exploitable code execution vulnerability exists in the XMLUploadFile Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution...

Stack overflow

An exploitable code execution vulnerability exists in the URL-parsing functionality of the Roav A1 Dashcam running version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability...

Stack overflow

An exploitable code execution vulnerability exists in Wi-Fi Command 9999 of the Roav A1 Dashcam running version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability...

Anker Roav A1 Dashcam WifiCmd 9999 Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in Wi-Fi Command 9999 of the Roav A1 Dashcam. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability. Tested Versions Anker Roav A1...

Novatek NT9665X XML_UploadFile path overflow code execution vulnerability

Summary An exploitable code execution vulnerability exists in the XMLUploadFile Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version “RoavA1SWV1.9”. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. Tested...

Updated mxml packages fix security vulnerabilities

Updated mxml packages fix security vulnerabilities: An issue has been found in Mini-XML aka mxml 2.12. It is a stack-based buffer overflow in mxmlwritenode in mxml-file.c via vectors involving a double-precision floating point number and the '' substring, as demonstrated by testmxml CVE-2018-2000...

ImageMagick < 7.0.8-44 Multiple vulnerabilities

The version of ImageMagick installed on the remote Windows host is 7.x prior to 7.0.8-44. It is, therefore, affected by multiple vulnerabilities: - A denial of service vulnerability exists due to a failure to handle exceptional conditions. An unauthenticated, remote attacker can exploit this by...

Stack overflow

The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer overflow in alphapd, the camera's web server. The overflow allows a remotely authenticated attacker to execute arbitrary code by providing a long string in the WEPEncryption parameter when requesting wireless.htm. Vulnerable...

CVE-2019-10999

The CVE-2019-10999 issue affects D-Link DCS series cameras with the alphapd web server, via a stack-based buffer overflow triggered by a long WEPEncryption value in wireless.htm. Root cause: improper handling in alphapd leading to remote code execution. Affected devices include DCS-5009L, 5010L, ...

openSUSE Security Update : ImageMagick (openSUSE-2019-1331)

This update for ImageMagick fixes the following issues : Security issues fixed : - CVE-2019-9956: Fixed a stack-based buffer overflow in PopHexPixel bsc1130330. - CVE-2019-10650: Fixed a heap-based buffer over-read in WriteTIFFImage bsc1131317. - CVE-2019-11007: Fixed a heap-based buffer overflow...

Stack-based Buffer Overflow

Linux kernel is vulnerable to stack-based buffer overflow vulnerability. The vulnerability exists in the sgioctl function in drivers/scsi/sg.c in the Linux kernel. A local user could cause a a denial of service condition or possibly have unspecified other impacts via a large command size in an...

Buffer Overflow

Quagga is vulnerable to stack-based buffer overflow attacks. When a certain VPNv4 configuration is used a remote attacker may crash Quagga BGP routing daemon bgpd which leads to denial of service DoS...

Man-in-the-Middle (MitM)

The Network Time Protocol NTP is used to synchronize a computer's time with another referenced time source. It was found that because NTP's access control was based on a source IP address, an attacker could bypass source IP restrictions and send malicious control and configuration packets by...

Improper Input Validation And Arbitary Code Injection

The Network Time Protocol NTP is used to synchronize a computer's time with another referenced time source. It was found that because NTP's access control was based on a source IP address, an attacker could bypass source IP restrictions and send malicious control and configuration packets by...

Denial Of Service (DoS)

firefox/thunderbird is vulnerable to denial of service. The AnimationThread function uses an incorrect argument to the sscanf function, allowing remote attackers to crash the application in a stack-based buffer overflow...

Buffer Overflow

The X11 Xorg libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol da...

Integer Overflow

The X11 Xorg libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol da...

Integer Overflow

The X11 Xorg libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol da...