Delta Industrial Automation DOPSoft DPA File BeforeExecMacro Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

Simple DirectMedia Layer SDL2_Image LWZ Decompression Buffer Overflow Vulnerability

Summary A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2image-2.0.2. A specially crafted GIF image can lead to a buffer overflow on a global section. An attacker can display an image to trigger this vulnerability. Tested Versions Simple DirectMedia Layer...

Simple DirectMedia Layer SDL2_image Image Palette Population Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the BMP image rendering functionality of SDL2image-2.0.2. A specially crafted BMP image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. Tested...

CVE-2018-6638

A stack-based buffer overflow Remote Code Execution issue was discovered in Design Science MathType 6.9c. This occurs in a function call in which the first argument is a corrupted offset value and the second argument is a stack buffer. This is fixed in 6.9d...

CVE-2018-6638

CVE-2018-6638 affects Design Science MathType 6.9c. A stack-based buffer overflow occurs in a function call where the first argument is a corrupted offset and the second is a stack buffer, enabling Remote Code Execution. The issue is fixed in MathType 6.9d. Connected sources also describe the vul...

Emerson ControlWave Micro Process Automation Controller

CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Emerson Process Management LLLP Equipment: ControlWave Micro Process Automation Controller Vulnerability: Stack-based Buffer Overflow AFFECTED PRODUCTS The following versions of ControlWave Micro firmware, a family of...

Disk Savvy Enterprise 10.4.18 Buffer Ovreflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Disk Savvy Enterprise v10.4.18', 'Description' = %q This module exploits a stack-based buffer overflow vulnerability in Disk Savvy Enterprise...

CloudMe Sync v1.10.9

This module exploits a stack-based buffer overflow vulnerability in CloudMe Sync v1.10.9 client application. This module has been tested successfully on Windows 7 SP1 x86. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framewo...

Debian: Security Advisory (DLA-1275-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-5475

The CVE-2018-5475 issue affects GE D60 Line Distance Relay devices running firmware version 7.11 and earlier. The vulnerability is described as a stack-based buffer overflow that could allow remote code execution. Related sources (ICS-CERT NCCIC advisory ICSA-18-046-02) confirm the impact and sta...

CVE-2018-7186

Leptonica before 1.75.3 does not limit the number of characters in a %s format argument to fscanf or sscanf, which allows remote attackers to cause a denial of service stack-based buffer overflow or possibly have unspecified other impact via a long string, as demonstrated by the gplotRead and...

CVE-2018-7186

Leptonica prior to 1.75.3 is vulnerable to a format-string flaw in fscanf/sscanf (%s argument) that can cause a stack-based buffer overflow in remote contexts, via gplotRead and ptaReadStream. Exploitation status is not detailed in the provided documents. Remediation: upgrade to Leptonica 1.75.3 ...

GE D60 Line Distance Relay

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: GE Equipment: D60 Line Distance Relay Vulnerabilities: Stack-based Buffer Overflow, Improper Restriction of Operations within the Bounds of a Memory Buffer AFFECTED PRODUCTS The following versions of the D60 Line...

CVE-2018-6758

The uwsgiexpandpath function in core/utils.c in Unbit uWSGI through 2.0.15 has a stack-based buffer overflow via a large directory length...

CVE-2018-6758

CVE-2018-6758 affects Unbit uWSGI up to 2.0.15, where the uwsgi_expand_path function in core/utils.c can overflow a stack buffer with a long directory path. This can lead to denial of service or stack corruption. Mitigation: upgrade to a version that includes the fix (e.g., uWSGI 2.0.16 and later...

uwsgi -- a stack-based buffer overflow

Uwsgi developers report: It was discovered that the uwsgiexpandpath function in utils.c in Unbit uWSGI, an application container server, has a stack-based buffer overflow via a large directory length that can cause a denial-of-service application crash or stack corruption...

CVE-2018-5442

Fuji Electric V-Server VPR is affected by CVE-2018-5442, a Stack-based Buffer Overflow in VPR 4.0.1.0 and earlier. The vulnerability arises from improper validation of user-supplied data during project file parsing, copying data into a fixed-length buffer, which can lead to remote code execution....

Hewlett Packard Enterprise Intelligent Management Center dbman Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within dbman.exe. The issue results from the lack of...

[SECURITY] [DSA 4095-1] gcab security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4095-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 24, 2018 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4095-1] gcab security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4095-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 24, 2018 https://www.debian.org/security/faq -...