7301 matches found
CVE-2018-3906
An exploitable stack-based buffer overflow vulnerability exists in the retrieval of a database field in video-core's HTTP server of Samsung SmartThings Hub. The video-core process insecurely extracts the shard.videoHostURL field from its SQLite database, leading to a buffer overflow on the stack...
CVE-2018-3914
An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 2000 bytes. An attacker ca...
CVE-2018-3913
Samsung SmartThings Hub STH-ETH-250 (Firmware 0.20.17) is affected by a stack-based buffer overflow in the video-core HTTP server’s shard data retrieval. The vulnerability arises from unconstrained strcpy Copy operations when reading fields from the shard table (secretKey, accessKey, sessionToken...
(Pwn2own) Samsung Galaxy S8 Shannon GPRS Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8. User interaction is required to exploit this vulnerability in that the target must have their cellular radios enabled. The specific flaw exists within the handling of IPCP header...
Amazon Linux AMI : ntp (ALAS-2018-1083)
ntpd in ntp 4.2.x before 4.2.8p7 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issue exists because of an incomplete fix for...
Delta Industrial Automation CNCSoft ScreenEditor DPB File UserVARComment wFont Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation CNCSoft ScreenEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fl...
EulerOS Virtualization 2.5.0 : ncurses (EulerOS-SA-2018-1252)
According to the versions of the ncurses packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In ncurses 6.0, there is a stack-based buffer overflow in the fmtentry function. A crafted input will lead to a remote arbitrary...
Stack overflow
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. A very long password to /goform/formLogin could lead to a stack-based buffer overflow and overwrite the return address...
CVE-2018-17065
CVE-2018-17065 affects D-Link DIR-816 A2 (firmware 1.10 B05). The flaw is a stack-based buffer overflow in the /goform/DDNS handler caused by processing very long passwords, which can overwrite the return address. Connected sources corroborate the affected product and vulnerability class. No offi...
CVE-2018-16742
An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter...
CVE-2018-16742
An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter...
CVE-2018-16743
An issue was discovered in mgetty before 1.2.1. In contrib/next-login/login.c, the command-line parameter username is passed unsanitized to strcpy, which can cause a stack-based buffer overflow...
CVE-2018-16666
CVE-2018-16666 affects Contiki-NG up to version 4.1, with a stack-based buffer overflow in next_string (os/storage/antelope/aql-lexer.c) during AQL parsing. The CNVD/NVD entries describe an attacker-exploitable condition that can lead to code execution. No patch/version remediation details are pr...
Amazon Linux AMI : pcre (ALAS-2018-1076)
The compilebranch function in pcrecompile.c in PCRE 8.x and pcre2compile.c in PCRE2 mishandles patterns containing an ACCEPT substring in conjunction with nested parentheses, which allows remote attackers to execute arbitrary code or cause a denial of service stack-based buffer overflow via a...
(0Day) Wecon LeviStudioU hmi_bmplib_dll G_bmp szFilename Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wecon LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...
Delta Industrial Automation CNCSoft ScreenEditor DPB File wMessage1 Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation CNCSoft ScreenEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fl...
Delta Industrial Automation CNCSoft ScreenEditor DPB File Version Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation CNCSoft ScreenEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fl...
Delta Industrial Automation CNCSoft ScreenEditor DPB File wFontText Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation CNCSoft ScreenEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fl...
Delta Industrial Automation CNCSoft ScreenEditor DPB File wKPFString Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation CNCSoft ScreenEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fl...
(0Day) Wecon LeviStudioU SNMP_Configuration DataList General Elements Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wecon LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...