Siemens SINEMA Remote Connect (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SINEMA Remote Connect Client and Server Vulnerabilities: Incorrect Calculation of Buffer Size, Out-of-bounds Read, Stack-based Buffer Overflow, Improper Handling of Insufficient...

EulerOS Virtualization 2.5.3 : ntp (EulerOS-SA-2019-1207)

According to the version of the ntp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - The ntpq and ntpdc command-line utilities that are part of ntp package are vulnerable to stack-based buffer overflow via crafted...

EulerOS Virtualization 2.5.3 : glibc (EulerOS-SA-2019-1166)

According to the version of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - stdlib/canonicalize.c in the GNU C Library aka glibc or libc6 2.27 and earlier, when processing very long pathname arguments to the...

CVE-2019-11005

In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a quoted font family value...

CVE-2019-10914

CVE-2019-10914 affects MatrixSSL 4.0.1 Open (used in Inside Secure TLS Toolkit). Root cause is a stack-based buffer overflow during X.509 certificate verification due to missing validation in psRsaDecryptPubExt (crypto/pubkey/rsa_pub.c). Public sources warn of potentially severe impact (high on C...

openSUSE: Security Advisory for liblouis (openSUSE-SU-2019:1160-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2019:1160-1 Security update for liblouis

This update for liblouis fixes the following issues: Security issues fixed: - CVE-2018-17294: Fixed an out of bounds read in matchCurrentInput function which could allow a remote attacker to cause Denail of Service bsc1109319. - CVE-2018-11410: Fixed an invalid free in the compileRule function in...

Security update for liblouis (moderate)

openSUSE Security Update: Security update for liblouis Announcement ID: openSUSE-SU-2019:1160-1 Rating: moderate References: 1094685 1095189 1095825 1095826 1095827 1095945 1097103 1109319 Cross-References: CVE-2018-11410 CVE-2018-11440 CVE-2018-11577 CVE-2018-11683 CVE-2018-11684 CVE-2018-11685...

CVE-2018-1936

IBM DB2 9.7, 10.1, 10.5, and 11.1 libdb2e.so.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 153316...

Advantech WebAccess Node jpegconv Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within jpegconv.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs...

Advantech WebAccess Node BwOpcImg Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within BwOpcImg.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs...

Advantech WebAccess Client upandpr scanf Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Client. Authentication is not required to exploit this vulnerability. The specific flaw exists within a scanf call in upandpr.exe, which is accessed through the 0x2711 IOCTL in...

[SECURITY] [DLA 1738-1] gpsd security update

Package : gpsd Version : 3.11-3+deb8u1 CVE ID : CVE-2018-17937 Debian Bug : 925327 A security vulnerability was discovered in gpsd, the Global Positioning System daemon. A stack-based buffer overflow may allow remote attackers to execute arbitrary code via traffic on port 2947/TCP or crafted JSON...

CVE-2019-10269

CVE-2019-10269 affects Burrows-Wheeler Aligner (BWA) prior to 2019-01-23. The flaw is a stack-based buffer overflow in the bns_restore function (bntseq.c) caused by a long sequence name in an accompanying .alt file. This vulnerability is documented in multiple security advisories (Ubuntu USN entr...

CVE-2019-10269

BWA aka Burrow-Wheeler Aligner before 2019-01-23 has a stack-based buffer overflow in the bnsrestore function in bntseq.c via a long sequence name in a .alt file...

SUSE SLES12 Security Update : ovmf (SUSE-SU-2019:0766-1)

This update for ovmf fixes the following issues : Security issues fixed : CVE-2019-0160: Fixed multiple buffer overflows in UDF-related codes in MdeModulePkg\Universal\Disk\PartitionDxe\Udf.c and MdeModulePkg\Universal\Disk\UdfDxe bsc1130267. CVE-2018-12181: Fixed a stack-based buffer overflow in...

[ASA-201903-15] imagemagick: arbitrary code execution

Arch Linux Security Advisory ASA-201903-15 ========================================== Severity: Critical Date : 2019-03-28 CVE-ID : CVE-2019-9956 Package : imagemagick Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-931 Summary ======= The package imagemagic...

openSUSE Security Update : pdns (openSUSE-2019-403)

This update for pdns fixes the following issues : Security issues fixed : - CVE-2018-1046: Fix an issue with replaying a specially crafted PCAP file that can trigger a stack-based buffer overflow, leading to a crash and potentially arbitrary code execution bsc1092540. %NASLMINLEVEL 70300 C Tenabl...

SUSE SLES12 Security Update : ovmf (SUSE-SU-2019:0738-1)

This update for ovmf fixes the following issue : Security issue fixed : CVE-2018-12181: Fixed a stack-based buffer overflow in the HII database when a corrupted Bitmap was used bsc1128503. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE...

openSUSE Security Update : Chromium (openSUSE-2019-559)

This update for Chromium to version 68.0.3440.75 fixes multiple issues. Security issues fixed boo1102530 : - CVE-2018-6153: Stack-based buffer overflow in Skia - CVE-2018-6154: Heap buffer overflow in WebGL - CVE-2018-6155: Use after free in WebRTC - CVE-2018-6156: Heap buffer overflow in WebRTC ...