CVE-2018-11236

stdlib/canonicalize.c in the GNU C Library aka glibc or libc6 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution...

CVE-2018-11236

stdlib/canonicalize.c in the GNU C Library aka glibc or libc6 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution...

Advantech WebAccess Node bwctrkrl Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within bwctrkrl.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs proces...

Advantech WebAccess Node notify2 TeleNum Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within notify2.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process...

Advantech WebAccess Node bwsound2 Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within bwsound2.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs proces...

Advantech WebAccess Node AutoConfig4IIS Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within AutoConfig4IIS.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs...

Advantech WebAccess Node bwmakdir Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within bwmakdir.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs...

Advantech WebAccess Node bwdnload Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within bwdnload.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs proces...

Advantech WebAccess Node wapnp Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within wapnp.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process...

Stack overflow

The ObjReader::ReadObj function in ObjReader.cpp in vincent0629 PDFParser allows remote attackers to cause a denial of service stack-based buffer overflow or possibly execute arbitrary code via a crafted pdf file...

CVE-2018-11128

The ObjReader::ReadObj function in ObjReader.cpp in vincent0629 PDFParser allows remote attackers to cause a denial of service stack-based buffer overflow or possibly execute arbitrary code via a crafted pdf file...

CVE-2018-11128

The CVE-2018-11128 entry describes a buffer overflow in Pdfparser’s ObjReader::ReadObj() within vincent0629 PDFParser, exploitable by processing a crafted PDF. The vulnerability can lead to denial of service or arbitrary code execution on affected systems. CVSS2 (AV:N/AC:M/Au:N/C:P/I:P/A:P) sugge...

Stack overflow

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

PHOENIX CONTACT FL SWITCH 3xxx/4xxx/48xx Series

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : PHOENIX CONTACT Equipment : FL SWITCH 3xxx/4xxx/48xx Series Vulnerabilities : Command Injection, Information Exposure, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of...

Adobe Acrobat Pro DC ImageConversion EMF EMR_COMMENT Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

(0Day) Delta Industrial Automation DOPSoft DPA File TagTotalSize Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

Stack overflow

Stack-based buffer overflow in the websRedirect function in GoAhead on D-Link DIR-816 A2 CN routers with firmware version 1.10B05 allows unauthenticated remote attackers to execute arbitrary code via a request with a long HTTP Host header...

[ASA-201805-2] libraw: multiple issues

Arch Linux Security Advisory ASA-201805-2 ========================================= Severity: Critical Date : 2018-05-09 CVE-ID : CVE-2018-10528 CVE-2018-10529 Package : libraw Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-681 Summary ======= The package libraw...

Stack overflow

Stack-based buffer overflow in the delayedoutput function in music.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact...

CVE-2018-8865

CVE-2018-8865 affects Lantech IDS 2102, specifically versions 2.0 and earlier, due to a stack-based buffer overflow that may allow remote code execution. The CVSSv3 base score is 9.8 (CRITICAL) with network access, low complexity, and no user interaction. The vulnerability is documented alongside...