Delta Industrial Automation DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

CVE-2018-11685

Liblouis 3.5.0 has a stack-based Buffer Overflow in the function compileHyphenation in compileTranslationTable.c...

CVE-2018-11684

Liblouis 3.5.0 has a stack-based Buffer Overflow in the function includeFile in compileTranslationTable.c...

CVE-2018-11683

Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440...

CVE-2018-11626

SELA aka SimplE Lossless Audio v0.1.2-alpha has a stack-based buffer overflow in the core/apev2.c initapev2keys function...

CentOS 7 : librelp (CESA-2018:1223)

An update for librelp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

EulerOS 2.0 SP1 : librelp (EulerOS-SA-2018-1134)

According to the version of the librelp package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A stack-based buffer overflow was found in the way librelp parses X.509 certificates. By connecting or accepting connections from a remote peer, an...

EulerOS 2.0 SP2 : librelp (EulerOS-SA-2018-1135)

According to the version of the librelp package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A stack-based buffer overflow was found in the way librelp parses X.509 certificates. By connecting or accepting connections from a remote peer, an...

CVE-2018-11506

The srdoioctl function in drivers/scsi/srioctl.c in the Linux kernel through 4.16.12 allows local users to cause a denial of service stack-based buffer overflow or possibly have unspecified other impact because sense buffers have different sizes at the CDROM layer and the SCSI layer, as...

CVE-2018-1459

CVE-2018-1459 affects IBM Db2 for Linux, UNIX and Windows (including DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1. The vulnerability is a stack-based buffer overflow caused by improper bounds checking, which could allow an attacker to execute arbitrary code locally. The NVD entry lists a CVSSv3 ...

MGASA-2018-0255 Updated pdns packages fix security vulnerability

A stack-based buffer overflow in the dnsreplay tool occurring when replaying a specially crafted PCAP file with the --ecs-stamp option enabled, leading to a denial of service or potentially arbitrary code execution CVE-2018-1046...

Updated pdns packages fix security vulnerability

A stack-based buffer overflow in the dnsreplay tool occurring when replaying a specially crafted PCAP file with the --ecs-stamp option enabled, leading to a denial of service or potentially arbitrary code execution CVE-2018-1046...

RHEL 6 : librelp (RHSA-2018:1702)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1702 advisory. Librelp is an easy-to-use library for the Reliable Event Logging Protocol RELP protocol. RELP is a general-purpose, extensible logging protocol...

F5 Networks BIG-IP : PHP vulnerability (K75543432)

In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, a stack-based buffer overflow in the zendinidoop function in Zend/zendiniparser.c could cause a denial of service or potentially allow executing code. NOTE: this is only relevant for PHP applications that accept untrusted input...

Critical: Red Hat Security Advisory: librelp security update

An update for librelp is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update Support, and Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impa...

Critical: Red Hat Security Advisory: librelp security update

An update for librelp is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support and Red Hat Enterprise Linux 6.6 Telco Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base...

SUSE SLED12 / SLES12 Security Update : openjpeg2 (SUSE-SU-2018:1364-1)

This update for openjpeg2 fixes the following security issues : - CVE-2015-1239: A double free vulnerability in the j2kreadppmv3 function allowed remote attackers to cause a denial of service crash bsc1066713 - CVE-2017-17479: A stack-based buffer overflow in the pgxtoimage function in...

CVE-2018-11236

stdlib/canonicalize.c in the GNU C Library aka glibc or libc6 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution...

SUSE SLED12 / SLES12 Security Update : ghostscript (SUSE-SU-2018:1332-1)

This update for ghostscript fixes the following issues : - CVE-2018-10194: A stack-based buffer overflow was fixed in gdevpdts.c bsc1090099 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to...

openSUSE Security Update : ghostscript (openSUSE-2018-479)

This update for ghostscript fixes the following issues : - CVE-2018-10194: A stack-based buffer overflow was fixed in gdevpdts.c bsc1090099 This update was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...