Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3775-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3775-1 advisory. It was discovered that the paravirtualization implementation in the Linux kernel did not properly handle some indirect calls, reducing the effectiveness ...

Delta Electronics ISPSoft

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/Low skill level to exploit Vendor: Delta Electronics Equipment: ISPSoft Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code under the...

ABB Panel Builder 800 Stack-based Buffer Overflow (CVE-2018-10616)

A stack-based buffer overflow exists in ABB Panel Builder. The vulnerability is due to an input validation error while processing a parameter for ABB Comli OPC driver setting...

Ubuntu: Security Advisory (USN-3776-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-3999

An exploitable stack-based buffer overflow vulnerability exists in the JPEG parser of Atlantis Word Processor, version 3.2.5.0. A specially crafted image embedded within a document can cause a length to be miscalculated and underflow. This length is then treated as unsigned and then used in a...

CVE-2018-3999

Atlanti s Word Processor CVE-2018-3999 affects the JPEG parser in Atlantis Word Processor 3.2.5.0. A specially crafted embedded JPEG image can cause a length underflow, treated as unsigned, leading to a heap-based buffer overflow during decoding of JPEG markers (APPx handling) and subsequent copy...

USN-3776-1: Linux kernel vulnerabilities

Jann Horn discovered that the vmacache subsystem did not properly handle sequence number overflows, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2018-17182 It was discovered that the...

Atlantis Word Processor JPEG length underflow code execution vulnerability

Summary An exploitable stack-based buffer overflow vulnerability exists in the JPEG parser of Atlantis Word Processor, version 3.2.5.0. A specially crafted image embedded within a document can cause a length to be miscalculated and underflow. This length is then treated as unsigned and then used ...

CVE-2018-17439

An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5Sextentgetdims in H5S.c. Specifically, this issue occurs while converting an HDF5 file to a GIF file...

Fuji Electric FRENIC Devices (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low skill level to exploit/public exploits are available Vendor : Fuji Electric Equipment : FRENIC Loader, FRENIC-Mini C1, FRENIC-Mini C2, FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace Vulnerabilities : Buffer Over-read,...

SUSE SLES11 Security Update : mgetty (SUSE-SU-2018:2850-1)

This update for mgetty fixes the following issues : CVE-2018-16741: The function doactivate did not properly sanitize shell metacharacters to prevent command injection bsc1108752 CVE-2018-16745: The mailto parameter was not sanitized, leading to a buffer overflow if long untrusted input reached i...

CVE-2018-10602

WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vulnerabilities that can be exploited when the application processes specially crafted project files...

openSUSE Security Update : liblouis (openSUSE-2018-1039)

This update for liblouis fixes the following issues : Security issues fixed : - CVE-2018-11440: Fixed a stack-based buffer overflow in the function parseChars in compileTranslationTable.c bsc1095189 - CVE-2018-11577: Fixed a segmentation fault in loulogPrint in logging.c bsc1095945 -...

CVE-2018-17439

An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5Sextentgetdims in H5S.c. Specifically, this issue occurs while converting an HDF5 file to a GIF file...

CVE-2018-17439

An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5Sextentgetdims in H5S.c. Specifically, this issue occurs while converting an HDF5 file to a GIF file...

SUSE SLED12 / SLES12 Security Update : liblouis (SUSE-SU-2018:2780-1)

This update for liblouis, python-louis, python3-louis fixes the following issues : Security issues fixed : CVE-2018-11440: Fixed a stack-based buffer overflow in the function parseChars in compileTranslationTable.c bsc1095189 CVE-2018-11577: Fixed a segmentation fault in loulogPrint in logging.c...

Stack overflow

An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in the svgGetNextPathField function in svgstring.c allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact because a strncpy copy limit is miscalculated...

CVE-2018-17174

The CVE-2018-17174 affects the xtimor NMEA library (aka nmealib) up to version 0.5.3. The vulnerability is a stack-based buffer overflow in nmea_parse() (parser.c), allowing malformed data to trigger denial of service and, in certain contexts, potentially arbitrary code execution within a product...

Stack overflow

An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 2000 bytes. An attacker ca...

Stack overflow

An exploitable stack-based buffer overflow vulnerability exists in the retrieval of a database field in video-core's HTTP server of Samsung SmartThings Hub. The video-core process insecurely extracts the shard.videoHostURL field from its SQLite database, leading to a buffer overflow on the stack...