Opto 22 PAC Control Basic and PAC Control Professional

1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Opto 22 Equipment: PAC Control Basic and PAC Control Professional Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device...

SUSE SLES11 Security Update : liblouis (SUSE-SU-2018:2569-1)

This update for liblouis, python-louis fixes the following issues : Security issues fixed : CVE-2018-11684: Fixed stack-based buffer overflow in the function includeFile in compileTranslationTable.c bsc1095826 CVE-2018-11685: Fixed a stack-based buffer overflow in the function compileHyphenation ...

CVE-2018-11824

A stack-based buffer overflow can occur in a firmware routine in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850, SDA660...

SUSE-SU-2018:2569-1 Security update for liblouis

This update for liblouis, python-louis fixes the following issues: Security issues fixed: - CVE-2018-11684: Fixed stack-based buffer overflow in the function includeFile in compileTranslationTable.c bsc1095826 - CVE-2018-11685: Fixed a stack-based buffer overflow in the function compileHyphenatio...

Cisco WebEx Network Recording Player ATJPEG60 Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Network Recording Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

SIPP 3.3 - Stack-Based Buffer Overflow

SIPP 3.3 - Stack-Based Buffer Overflow Exploit Author: Juan Sacco - http://exploitpack.com Tested on: Kali i686 GNU/Linux Description: SIPP 3.3 is prone to a local unauthenticated stack-based overflow The vulnerability is due to an unproper filter of user suppliedinput while reading the...

SIPP 3.3 - Stack-Based Buffer Overflow Exploit

Exploit for linux platform in category local exploits Exploit Author: Juan Sacco - http://exploitpack.com Tested on: Kali i686 GNU/Linux Description: SIPP 3.3 is prone to a local unauthenticated stack-based overflow The vulnerability is due to an unproper filter of user suppliedinput while readin...

SIPP 3.3 - Stack-Based Buffer Overflow

Exploit Author: Juan Sacco - http://exploitpack.com Tested on: Kali i686 GNU/Linux Description: SIPP 3.3 is prone to a local unauthenticated stack-based overflow The vulnerability is due to an unproper filter of user suppliedinput while reading the configuration file and parsing the malicious...

CVE-2018-3916

An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 136 bytes. An attacker can...

CVE-2018-3916

An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 136 bytes. An attacker can...

Debian DLA-1478-1 : libextractor security update

It was discovered that there were two vulnerabilities in libextractor, a library to obtain metadata from files of arbitrary type. - A stack-based buffer overflow in unzip.c. CVE-2018-14346 - An infinite loop vulnerability in mpegextractor.c. CVE-2018-14347 For Debian 8 'Jessie', these issues have...

USN-3752-1: Linux kernel vulnerabilities

It was discovered that, when attempting to handle an out-of-memory situation, a null pointer dereference could be triggered in the Linux kernel in some circumstances. A local attacker could use this to cause a denial of service system crash. CVE-2018-1000200 Wen Xu discovered that the XFS...

Stack overflow

An exploitable stack-based buffer overflow vulnerability exists in the database 'find-by-cameraId' functionality of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles existing records inside its SQLite database,...

CVE-2018-3919

An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process insecurely extracts the fields from the "clips" table of its SQLite...

CVE-2018-3919

An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process insecurely extracts the fields from the "clips" table of its SQLite...

CVE-2018-3919

CVE-2018-3919 affects Samsung SmartThings Hub STH-ETH-250 (firmware 0.20.17). The vulnerability is a stack-based buffer overflow in video-core HTTP server when retrieving fields from the SQLite clips table. The function copies data into per-field buffers (max 512 bytes) without length checks, all...

Google Chrome < 62.0.3202.89 Multiple Vulnerabilities

Binary data 700348.pasl...

CVE-2018-6692

CVE-2018-6692 describes a stack-based buffer overflow in Belkin’s Wemo Insight Smart Plug, specifically in the library libUPnPHndlr.so. The flaw can be triggered by crafting an HTTP POST to UPnP endpoints (notably through the EnergyPerUnitCostVersion field inside a SOAP/UPnP payload), leading to ...

Yokogawa iDefine, STARDOM, ASTPLANNER, and TriFellows

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION : Remotely exploitable/Low skill level to exploit Vendor: Yokogawa Equipment: iDefine, STARDOM, ASTPLANNER, and TriFellows Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow arbitrary...

CVE-2018-3938

An exploitable stack-based buffer overflow vulnerability exists in the 802dot1xclientcert.cgi functionality of Sony IPELA E Series Camera G5 firmware 1.87.00. A specially crafted POST can cause a stack-based buffer overflow, resulting in remote code execution. An attacker can send a malicious POS...