
7301 matches found

Veracode
added 2019/05/02 4:43 a.m., 47 views

Denial Of Service (DoS)

Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon implements the BGP Border Gateway Protocol routing protocol. The Quagga ospfd and ospf6d daemons implement the OSPF Open Shortest Path First routing protocol. A heap-based buffer overflow flaw was found in the way the bgpd...

CVSS 7.5 | AI score 6.5 | EPSS 0.20398
Exploits: 1 | References: 8 | Affected Software: 1

Veracode
added 2019/05/02 4:42 a.m., 30 views

Denial Of Service (DoS) And Remote Code Execution (RCE)

The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. A heap-based buffer overflow flaw was found in the way libtiff processed certain TIFF images using the Pixar Log Format encoding. An attacker could create a specially-crafted TIFF file that,...

CVSS 6.8 | AI score 7.3 | EPSS 0.27173
Exploits: 1 | References: 13 | Affected Software: 1

ICS
added 2019/05/02 12:0 a.m., 243 views

Orpak SiteOmat

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits available Vendor: Orpak acquired by Gilbarco Veeder-Root Equipment: SiteOmat Vulnerabilities: Use of Hard-coded Credentials, Cross-site Scripting, SQL Injection, Missing Encryption of...

CVSS 10 | AI score 9.9 | EPSS 0.11402
Exploits: 1 | References: 5

Prion
added 2019/05/01 8:29 p.m., 20 views

Stack overflow

An attacker could send a crafted HTTP/HTTPS request to render the web server unavailable and/or lead to remote code execution caused by a stack-based buffer overflow vulnerability. A cold restart is required for recovering CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370...

CVSS 7.5 | AI score 9.8 | EPSS 0.00511
Exploits: 0 | References: 3 | Affected Software: 4

Cvelist
added 2019/05/01 7:2 p.m., 30 views

CVE-2019-10952 Rockwell Automation CompactLogix 5370 Uncontrolled Resource Consumption

An attacker could send a crafted HTTP/HTTPS request to render the web server unavailable and/or lead to remote code execution caused by a stack-based buffer overflow vulnerability. A cold restart is required for recovering CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370...

AI score 9.9 | EPSS 0.00511
Exploits: 0 | References: 3

AlpineLinux
added 2019/05/01 6:29 p.m., 19 views

CVE-2019-11639

An issue was discovered in GNU recutils 1.8. There is a stack-based buffer overflow in the function rectypecheckenum at rec-types.c in librec.a...

CVSS 8.8 | AI score 3.5 | EPSS 0.00201
Exploits: 1

Prion
added 2019/05/01 6:29 p.m., 15 views

Stack overflow

An issue was discovered in GNU recutils 1.8. There is a stack-based buffer overflow in the function rectypecheckenum at rec-types.c in librec.a...

CVSS 6.8 | AI score 8.8 | EPSS 0.00201
Exploits: 1 | References: 2 | Affected Software: 1

Tenable Nessus
added 2019/04/30 12:0 a.m., 26 views

EulerOS 2.0 SP3 : ImageMagick (EulerOS-SA-2019-1297)

According to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.CVE-2019-7398 - In ImageMagick 7.0.8-36 Q16, there is...

CVSS 8.8 | AI score 7.3 | EPSS 0.00789
Exploits: 3 | References: 4

Tenable Nessus
added 2019/04/30 12:0 a.m., 36 views

EulerOS 2.0 SP5 : ImageMagick (EulerOS-SA-2019-1298)

According to the version of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an attacker to...

CVSS 8.8 | AI score 7.6 | EPSS 0.00789
Exploits: 1 | References: 2

myhack58
added 2019/04/25 12:0 a.m., 129 views

Using Foxit Reader PDF Printer to achieve provided the right-vulnerability warning-the black bar safety net

Last year, I wrote an article about the Foxit Reader, tap the UAF vulnerability of the process, and how to exploit the vulnerability remote code execution attacks. After that, I'm in one of the articles described in Foxit Reader SDK ActiveX in a command injection vulnerability. The spirit does no...

AI score 0.3 | EPSS 0.00026
Exploits: 1

OPENSUSE Linux
added 2019/04/25 12:0 a.m., 118 views

Security update for GraphicsMagick (moderate)

openSUSE Security Update: Security update for GraphicsMagick Announcement ID: openSUSE-SU-2019:1272-1 Rating: moderate References: 1132053 1132054 1132055 1132058 1132060 1132061 Cross-References: CVE-2019-11005 CVE-2019-11006 CVE-2019-11007 CVE-2019-11008 CVE-2019-11009 CVE-2019-11010 Affected...

CVSS 9.8 | AI score 8.6 | EPSS 0.02255
Exploits: 4 | References: 6

Cvelist
added 2019/04/20 12:57 p.m., 22 views

CVE-2019-11365

An issue was discovered in atftpd in atftp 0.7.1. A remote attacker may send a crafted packet triggering a stack-based buffer overflow due to an insecurely implemented strncpy call. The vulnerability is triggered by sending an error packet of 3 bytes or fewer. There are multiple instances of this...

AI score 9.5 | EPSS 0.02196
Exploits: 1 | References: 7

CVE
added 2019/04/20 12:57 p.m., 111 views

CVE-2019-11365

CVE-2019-11365 is a vulnerability in atftpd/atftp 0.7.1 where a crafted error packet (3 bytes or fewer) can trigger a stack-based buffer overflow due to an insecure strncpy in multiple files (tftpd_file.c, tftp_file.c, tftpd_mtftp.c, tftp_mtftp.c). Public advisories (Ubuntu, SUSE, OpenVAS/Nessus)...

CVSS 9.8 | AI score 9.4 | EPSS 0.02196
Exploits: 1 | References: 7 | Affected Software: 1

IBM Security Bulletins
added 2019/04/17 3:55 p.m., 32 views

Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerability in GNU glibc (CVE-2018-11236)

Summary IBM Advanced Management Module AMM has addressed the following vulnerability in GNU glibc. Vulnerability Details CVEID: CVE-2018-11236 DESCRIPTION: GNU glibc is vulnerable to a stack-based buffer overflow, caused by improper bounds of checking by the pathname arguments in the realpath...

CVSS 9.8 | AI score 1.9 | EPSS 0.00893
Exploits: 0 | Affected Software: 1

Zero Day Initiative
added 2019/04/17 12:0 a.m., 16 views

Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing wMessageLen Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation CNCSoft ScreenEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fl...

CVSS 7.8 | AI score 5.4 | EPSS 0.00605
Exploits: 0 | References: 1

Zero Day Initiative
added 2019/04/17 12:0 a.m., 17 views

Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing wMessageLen Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation CNCSoft ScreenEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fl...

CVSS 7.8 | AI score 5.4 | EPSS 0.00605
Exploits: 0 | References: 1

Mageia
added 2019/04/10 10:46 p.m., 26 views

Updated gpsd packages fix security vulnerability

A stack-based buffer overflow flaw was found in gpsd versions 2.90 to 3.17. Successful exploitation of this vulnerability could allow remote code execution, data exfiltration, or denial-of service via device crash CVE-2018-17937...

CVSS 8.8 | AI score 6.4 | EPSS 0.02105
Exploits: 0 | References: 2

Prion
added 2019/04/09 7:29 p.m., 17 views

Stack overflow

A stack-based buffer overflow in Forcepoint Email Security version 8.5 allows an attacker to craft malicious input and potentially crash a process creating a denial-of-service. While no known Remote Code Execution RCE vulnerabilities exist, as with all buffer overflows, the possibility of RCE...

CVSS 7.5 | AI score 9.9 | EPSS 0.04975
Exploits: 0 | References: 2 | Affected Software: 1

NVD
added 2019/04/09 6:29 p.m., 7 views

CVE-2019-9134

Architectural Information System 1.0 and earlier versions have a Stack-based buffer overflow, allows remote attackers to execute arbitrary code...

CVSS 9.8 | AI score 8.4 | EPSS 0.01428
Exploits: 0 | References: 1

Prion
added 2019/04/09 6:29 p.m., 6 views

Stack overflow

Architectural Information System 1.0 and earlier versions have a Stack-based buffer overflow, allows remote attackers to execute arbitrary code...

CVSS 7.5 | AI score 9.7 | EPSS 0.01428
Exploits: 0 | References: 1 | Affected Software: 1