7301 matches found
Advantech WebAccess Client bwswfcfg Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Client. Authentication is not required to exploit this vulnerability. The specific flaw exists within bwswfcfg.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs...
Yi Technology Home Camera 27US TimeSync Code Execution Vulnerability
Summary An exploitable firmware downgrade vulnerability exists in the time syncing functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted packet can cause a buffer overflow, resulting in code execution. An attacker can intercept and alter network traffic to trigger this vulnerability...
FreeBSD : liveMedia -- potential remote code execution (fa194483-dabd-11e8-bf39-5404a68ad561)
Talos reports : An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this...
CVE-2018-11824
CVE-2018-11824 describes a stack-based buffer overflow in a firmware routine of Qualcomm/ Snapdragon components ( Snapdragon Mobile, Snapdragon Wear ) affecting multiple platform variants (MDM9206, MDM9607, MDM9650, SD 210/212/205, SD 835, SD 845, SD 850, SDA660). The root cause is a overflow in ...
SUSE SLES12 Security Update : kernel (SUSE-SU-2018:3470-1)
This update for the Linux Kernel 4.4.121-9295 fixes several issues. The following security issues were fixed : CVE-2018-14633: A security flaw was found in the chapservercomputemd5 function in the ISCSI target code in a way an authentication request from an ISCSI initiator is processed. An...
EulerOS Virtualization 2.5.1 : glibc (EulerOS-SA-2018-1332)
According to the version of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - stdlib/canonicalize.c in the GNU C Library aka glibc or libc6 2.27 and earlier, when processing very long pathname arguments to the...
openSUSE: Security Advisory for pdns (openSUSE-SU-2018:1442-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : ntp (openSUSE-2018-1280)
This update for NTP to version 4.2.8p12 fixes the following vulnerabilities bsc1111853 : - CVE-2018-12327: Fixed stack-based buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 - CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofi...
Advantech WebAccess
1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: WebAccess Vulnerabilities: Improper Access Control, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow for arbitrary...
SUSE SLES11 Security Update : ntp (SUSE-SU-2018:3352-1)
NTP was updated to 4.2.8p12 bsc1111853 : CVE-2018-12327: Fixed stack-based buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection bsc1083424 Please also see...
SUSE SLES12 Security Update : ntp (SUSE-SU-2018:3351-1)
NTP was updated to 4.2.8p12 bsc1111853 : CVE-2018-12327: Fixed stack-based buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection bsc1083424 Please also see...
Advantech WebAccess Node webvrpcs ViewDll1 Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x138bd IOCTL in the webvrpcs process. The issue...
SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2018:3342-1)
NTP was updated to 4.2.8p12 bsc1111853 : CVE-2018-12327: Fixed stack-based buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection bsc1083424 Please also see...
SUSE SLES11 Security Update : ntp (SUSE-SU-2018:3356-1)
NTP was updated to 4.2.8p12 bsc1111853 : CVE-2018-12327: Fixed stack-based buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection bsc1083424 Please also see...
SUSE SLED12 / SLES12 Security Update : pam_pkcs11 (SUSE-SU-2018:3311-1)
This update for pampkcs11 provides the following fixes : Security issues fixed bsc1105012 : Fixed a logic bug in pampkcs11.c, leading to an authentication replay vulnerability Fixed a stack-based buffer overflow in opensshmapper.c Make sure memory is properly cleaned before invoking free Other...
Advantech WebAccess Client bwwebd Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within bwwebd.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs proces...
Advantech WebAccess Node bwmakdir Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within bwmakdir.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs...
Advantech WebAccess Client bwwebv Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within bwwebv.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs proces...
CVE-2018-14816
CVE-2018-14816 maps to multiple stack-based buffer overflow flaws in Advantech WebAccess components. Connected advisories (ZDI-18-1300, -1302, -1303, -1304, -1305, -1306, -1307, -1300? and related CNVD) describe remote code execution via careless validation of user-supplied data copied into fixed...
Critical RCE Bug Impacts Streaming Server Libraries: VLC, MPLayer Not Impacted
A critical remote code-execution bug has been found in the popular Live Networks LIVE555’s streaming media RTSPServer. The vulnerability could allow an attacker to send a specially crafted packet to vulnerable systems and trigger a stack-based buffer overflow, according to researchers at Cisco...