7301 matches found
Stack overflow
IMFCameraProtect.sys in IObit Malware Fighter 6.2 and possibly lower versions is vulnerable to a stack-based buffer overflow. The attacker can use DeviceIoControl to pass a user specified size which can be used to overwrite return addresses. This can lead to a denial of service or code execution...
CVE-2018-4013
An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability...
CVE-2018-4013
An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability...
CVE-2018-14807
CVE-2018-14807 affects Opto 22 PAC Control Basic and PAC Control Professional (versions R10.0a and prior). The vulnerability is a stack-based buffer overflow in the control software that may allow remote code execution. Affected products include PAC Control Basic and PAC Control Professional; the...
Vulnerability Spotlight: Live Networks LIVE555 streaming media RTSPServer code execution vulnerability
These vulnerabilities were discovered by Lilith Wyatt of Cisco Talos. Cisco Talos is disclosing a code execution vulnerability that has been identified in Live Networks LIVE555 streaming media RTSPServer. LIVE555 Streaming Media is a set of open-source C++ libraries developed by Live Networks Inc...
Live Networks LIVE555 streaming media RTSPServer lookForHeader code execution vulnerability
Summary An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability...
liveMedia -- potential remote code execution
Talos reports: An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerabili...
UnixAuthenticationService in Apache Ranger was updated to correctly handle user input to avoid Stack-based buffer overflow
UnixAuthenticationService in Apache Ranger 1.2.0 was updated to correctly handle user input to avoid Stack-based buffer overflow. Versions prior to 1.2.0 should be upgraded to 1.2.0...
GHSA-C99H-FGQM-6679 UnixAuthenticationService in Apache Ranger was updated to correctly handle user input to avoid Stack-based buffer overflow
UnixAuthenticationService in Apache Ranger 1.2.0 was updated to correctly handle user input to avoid Stack-based buffer overflow. Versions prior to 1.2.0 should be upgraded to 1.2.0...
CVE-2018-17911
CVE-2018-17911 affects LAquis SCADA versions 4.1.0.3870 and earlier, involving multiple stack-based buffer overflow vulnerabilities that can lead to remote code execution. The connected advisories describe concrete vulnerable executables (e.g., aq.exe, vrel.exe, editorldriver.exe) and indicate ex...
SUSE SLES12 Security Update : kernel (SUSE-SU-2018:3172-1)
This update for the Linux Kernel 3.12.74-6064104 fixes several issues. The following security issues were fixed : CVE-2018-17182: The vmacacheflushall function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free and possibly gain privileges via certain...
Delta Industrial Automation TPEditor MRC File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation TPEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
openSUSE Security Update : mgetty (openSUSE-2018-1144)
This update for mgetty fixes the following issues : - CVE-2018-16741: Fixed a command injection in fax/faxq-helper.c boo1108752 - CVE-2018-16742: Stack-based buffer overflow in contrib/scrts.c triggered via command line parameter boo1108762 - CVE-2018-16743: Stack-based buffer overflow with long...
Security update for mgetty (moderate)
This update for mgetty fixes the following issues: - CVE-2018-16741: Fixed a command injection in fax/faxq-helper.c boo1108752 - CVE-2018-16742: Stack-based buffer overflow in contrib/scrts.c triggered via command line parameter boo1108762 - CVE-2018-16743: Stack-based buffer overflow with long...
NUUO NVRmini2 and NVRsolo
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: NUUO Equipment: NVRmini2, NVRsolo Vulnerabilities: Stack-based Buffer Overflow, Leftover Debug Code 2. RISK EVALUATION Successful exploitation of these...
CVE-2018-14818
Wecon PI Studio HMI/PI Studio contain a stack-based buffer overflow vulnerability (CVE-2018-14818) affecting PI Studio HMI <=4.1.9 and PI Studio <=4.2.34 (also reflected in ICS advisory updates for PI Studio <=4.1.9 and
CVE-2018-11778
UnixAuthenticationService in Apache Ranger 1.2.0 was updated to correctly handle user input to avoid Stack-based buffer overflow. Versions prior to 1.2.0 should be upgraded to 1.2.0...
CVE-2018-11778
UnixAuthenticationService in Apache Ranger 1.2.0 was updated to correctly handle user input to avoid Stack-based buffer overflow. Versions prior to 1.2.0 should be upgraded to 1.2.0...
WECON PI Studio (Update A)
1. EXECUTIVE SUMMARY --------- Begin Update A Part 1 of 4 --------- CVSS v3 7.8 ATTENTION: Low attack complexity --------- End Update A Part 1 of 4 --------- Vendor: WECON Technology Co., Ltd. WECON Equipment: PI Studio Vulnerabilities: Stack-based Buffer Overflow, Out-of-bounds Write,...
[SECURITY] [DLA 1531-1] linux-4.9 security update
Package : linux-4.9 Version : 4.9.110-3+deb9u5deb8u1 CVE ID : CVE-2018-6554 CVE-2018-6555 CVE-2018-7755 CVE-2018-9363 CVE-2018-9516 CVE-2018-10902 CVE-2018-10938 CVE-2018-13099 CVE-2018-14609 CVE-2018-14617 CVE-2018-14633 CVE-2018-14678 CVE-2018-14734 CVE-2018-15572 CVE-2018-15594 CVE-2018-16276...