7301 matches found

Tenable Nessus
added 2017/07/31 12:0 a.m. | 35 views

SUSE SLED12 / SLES12 Security Update : poppler (SUSE-SU-2017:1999-1)

This update for poppler fixes the following issues:
Security issues fixed:
- CVE-2017-9775: DoS stack-based buffer overflow in GfxState.cc in pdftocairo via a crafted PDF document (bsc#1045719)
- CVE-2017-9776: DoS integer overflow leading to heap buffer overflow in JBIG2Stream.cc via a crafted PDF...

CVSS 7.8 | AI score 6.6 | EPSS 0.01248
Exploits 1 | References 19
ICS
added 2017/07/27 12:0 a.m. | 151 views

Continental AG Infineon S-Gold 2 (PMB 8876)

CVSS v3 8.8
ATTENTION: Remotely exploitable/low skill level to exploit. Public exploits are available.
Vendor: Continental AG
Equipment: Infineon S-Gold 2 PMB 8876
Vulnerabilities: Stack-Based Buffer Overflow, Improper Restriction of Operations within the Bounds of a Memory Buffer
AFFECTED PRODUC...

CVSS 7.2 | AI score 8.8 | EPSS 0.00095
Exploits 0 | References 2
RedhatCVE
added 2017/07/26 2:49 p.m. | 21 views

CVE-2017-11571

FontForge 20161012 is vulnerable to a stack-based buffer overflow in addnibble (parsettf.c) resulting in DoS or code execution via a crafted otf file...

CVSS 7.8 | AI score 5.3 | EPSS 0.00513
Exploits 0 | References 1
NVD
added 2017/07/23 10:29 p.m. | 12 views

CVE-2017-11571

FontForge 20161012 is vulnerable to a stack-based buffer overflow in addnibble (parsettf.c) resulting in DoS or code execution via a crafted otf file...

CVSS 7.8 | AI score 8 | EPSS 0.00513
Exploits 0 | References 2
Prion
added 2017/07/23 10:29 p.m. | 12 views

Stack overflow

FontForge 20161012 is vulnerable to a stack-based buffer overflow in addnibble (parsettf.c) resulting in DoS or code execution via a crafted otf file...

CVSS 6.8 | AI score 7.7 | EPSS 0.00513
Exploits 0 | References 2 | Affected Software 1
Cvelist
added 2017/07/23 10:0 p.m. | 16 views

CVE-2017-11571

FontForge 20161012 is vulnerable to a stack-based buffer overflow in addnibble (parsettf.c) resulting in DoS or code execution via a crafted otf file...

AI score 7.7 | EPSS 0.00513
Exploits 0 | References 2
CVE
added 2017/07/23 10:0 p.m. | 75 views

CVE-2017-11571

FontForge 20161012 is vulnerable to a stack-based buffer overflow in addnibble (parsettf.c) that can cause DoS or code execution via a crafted OpenType font. Affected component: FontForge parser for TrueType/OpenType data. Root cause: stack-based overflow in addnibble when processing font data. I...

CVSS 7.8 | AI score 7.6 | EPSS 0.00513
Exploits 0 | References 2 | Affected Software 1
UbuntuCve
added 2017/07/23 12:0 a.m. | 17 views

CVE-2017-11571

FontForge 20161012 is vulnerable to a stack-based buffer overflow in addnibble (parsettf.c) resulting in DoS or code execution via a crafted otf file...

CVSS 7.8 | AI score 7.6 | EPSS 0.00513
Exploits 0 | References 3
NVD
added 2017/07/21 8:29 p.m. | 12 views

CVE-2017-11517

Stack-based buffer overflow in GCoreServer.exe in the server in Geutebrueck Gcore 1.3.8.42 and 1.4.2.37 allows remote attackers to execute arbitrary code via a long URI in a GET request...

CVSS 9.8 | AI score 9.9 | EPSS 0.3702
Exploits 4 | References 1
Cvelist
added 2017/07/21 8:0 p.m. | 13 views

CVE-2017-11517

Stack-based buffer overflow in GCoreServer.exe in the server in Geutebrueck Gcore 1.3.8.42 and 1.4.2.37 allows remote attackers to execute arbitrary code via a long URI in a GET request...

AI score 9.9 | EPSS 0.3702
Exploits 4 | References 1
NVD
added 2017/07/20 12:29 a.m. | 17 views

CVE-2017-9765

Integer overflow in the soapget function in Genivia gSOAP 2.7.x and 2.8.x before 2.8.48, as used on Axis cameras and other devices, allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via a large XML document, aka Devil'...

CVSS 8.1 | AI score 8.6 | EPSS 0.09141
Exploits 2 | References 7
Tenable Nessus
added 2017/07/19 12:0 a.m. | 1478 views

AXIS gSOAP Message Handling RCE (ACV-116267) (Devil's Ivy)

The remote AXIS device is running a firmware version that is missing a security patch. It is, therefore, affected by a remote code execution vulnerability, known as Devil's Ivy, due to an overflow condition that exists in a third party SOAP library (gSOAP). An unauthenticated, remote attacker can...

CVSS 8.1 | AI score 9.1 | EPSS 0.09141
Exploits 2 | References 4
NVD
added 2017/07/18 5:29 a.m. | 16 views

CVE-2017-11420

Stack-based buffer overflow in ASUSDiscovery.c in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RTAC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66UB1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200,...

CVSS 10 | AI score 9.9 | EPSS 0.17726
Exploits 1 | References 2
Tenable Nessus
added 2017/07/18 12:0 a.m. | 39 views

openSUSE Security Update : ncurses (openSUSE-2017-823)

This update for ncurses fixes the following issues:
Security issues fixed:
- CVE-2017-10684: Possible RCE via stack-based buffer overflow in the fmtentry function. (bsc#1046858)
- CVE-2017-10685: Possible RCE with format string vulnerability in the fmtentry function. (bsc#1046853)
Bugfixes:
- Drop...

CVSS 9.8 | AI score 7.4 | EPSS 0.0225
Exploits 0 | References 5
NVD
added 2017/07/17 1:18 p.m. | 25 views

CVE-2017-11362

In PHP 7.x before 7.0.21 and 7.1.x before 7.1.7, ext/intl/msgformat/msgformatparse.c does not restrict the locale length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact within International...

CVSS 9.8 | AI score 10 | EPSS 0.02083
Exploits 0 | References 5
OSV
added 2017/07/17 1:18 p.m. | 18 views

CVE-2017-11362

In PHP 7.x before 7.0.21 and 7.1.x before 7.1.7, ext/intl/msgformat/msgformatparse.c does not restrict the locale length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact within International...

CVSS 9.8 | AI score 8.1
Exploits 0 | References 5
Cvelist
added 2017/07/17 6:0 a.m. | 28 views

CVE-2017-11362

In PHP 7.x before 7.0.21 and 7.1.x before 7.1.7, ext/intl/msgformat/msgformatparse.c does not restrict the locale length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact within International...

AI score 10 | EPSS 0.02083
Exploits 0 | References 5
Tenable Nessus
added 2017/07/13 12:0 a.m. | 118 views

PHP 7.0.x < 7.0.21 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.21. It is, therefore, affected by the following vulnerabilities:
- An out-of-bounds read error exists in the PCRE library in the compilebracketmatchingpath function within file pcrejitcompile.c. An...

CVSS 9.8 | AI score 7.3 | EPSS 0.40698
Exploits 5 | References 14
UbuntuCve
added 2017/07/12 4:29 p.m. | 18 views

CVE-2017-11190

unrarlib.c in unrar-free 0.0.1, when DEBUGLOG mode is enabled, might allow remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via an RAR archive containing a long filename...

CVSS 7.8 | AI score 7.1 | EPSS 0.00301
Exploits 0 | References 2
NVD
added 2017/07/12 4:29 p.m. | 8 views

CVE-2017-11190

unrarlib.c in unrar-free 0.0.1, when DEBUGLOG mode is enabled, might allow remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via an RAR archive containing a long filename...

CVSS 7.8 | AI score 8.4 | EPSS 0.00301
Exploits 0 | References 1