CVE-2018-5809

An error within the "LibRaw::parseexif" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.9 can be exploited to cause a stack-based buffer overflow and subsequently execute arbitrary code...

Stack overflow

There is a stack-based buffer overflow in the parsemakernote function of dcrawcommon.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact...

CVE-2018-20337

There is a stack-based buffer overflow in the parsemakernote function of dcrawcommon.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact...

CVE-2018-20337

There is a stack-based buffer overflow in the parsemakernote function of dcrawcommon.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact...

Oracle Linux 6 : ntp (ELSA-2018-3854)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-3854 advisory. - add disable monitor to default ntp.conf CVE-2013-5211 - fix buffer overflow in parsing of address in ntpq and ntpdc CVE-2018-12327 - fix CVE-2016-7429 patch t...

CentOS Update for ntp CESA-2018:3854 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD : FreeBSD -- bootpd buffer overflow (fa6a4a69-03d1-11e9-be12-a4badb2f4699)

Due to insufficient validation of network-provided data it may be possible for a malicious attacker to craft a bootp packet which could cause a stack-based buffer overflow. Impact : It is possible that the buffer overflow could lead to a Denial of Service or remote code execution. C Tenable Netwo...

Low: Red Hat Security Advisory: ntp security update

An update for ntp is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE lin...

SRC-2019-0031 : Foxit Reader PDF Printer proxyPreviewAction Stack Buffer Overflow Elevation of Privilege Vulnerability

Vulnerability Details: This vulnerability allows local attackers to escalate privileges on vulnerable installations of Foxit Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists withi...

Stack overflow

There is a stack-based buffer overflow in the third instance of the calculategain function in libfaad/sbrhfadj.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because the SM array is mishandled...

CVE-2018-20196

There is a stack-based buffer overflow in the third instance of the calculategain function in libfaad/sbrhfadj.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because the SM array is mishandled...

CVE-2018-20196

There is a stack-based buffer overflow in the third instance of the calculategain function in libfaad/sbrhfadj.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because the SM array is mishandled...

CentOS Update for kernel CESA-2018:3651 centos7

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-16596

A stack-based buffer overflow in the LAN UPnP service running on UDP port 1900 of Swisscom Internet-Box 2, Standard, and Plus prior to v09.04.00 and Internet-Box light prior to v08.05.02 allows remote code execution. No authentication is required to exploit this vulnerability. Sending a simple UD...

There are vulnerabilities in NTPv4 that affect AIX.

IBM SECURITY ADVISORY First Issued: Fri Dec 14 12:20:13 CST 2018 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/ntpadvisory11.asc https://aix.software.ibm.com/aix/efixes/security/ntpadvisory11.asc...

CVE-2018-19118

Zoho ManageEngine ADAudit before 5.1 build 5120 allows remote attackers to cause a denial of service stack-based buffer overflow via the 'Domain Name' field when adding a new domain...

CVE-2018-19118

CVE-2018-19118 affects Zoho ManageEngine ADAudit prior to version 5.1 build 5120. The issue is a stack-based buffer overflow in the handling of the 'Domain Name' field when adding a new domain, which allows remote attackers to cause a denial of service. Connected sources consistently describe thi...

CVE-2018-20056

An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices. There is a stack-based buffer overflow allowing remote attackers to execute arbitrary code without authentication via the goform/formLanguageChange currTime parameter...

Stack overflow

An issue has been found in Mini-XML aka mxml 2.12. It is a stack-based buffer overflow in mxmlwritenode in mxml-file.c via vectors involving a double-precision floating point number and the '' substring, as demonstrated by testmxml...

CVE-2018-20004

CVE-2018-20004 affects Mini-XML (mxml) 2.12. It describes a stack-based buffer overflow in mxml_write_node (mxml-file.c) triggered via vectors involving a double-precision number and the substring . The issue is documented across multiple advisories (e.g., Mageia MGASA-2019-0159 and Fedora update...