CVE-2016-10040

CVE-2016-10040 : The connected Nessus/NVD-derived documents confirm a stack-based buffer overflow in QXmlSimpleReader of Qt 4.8.5, enabling a remote attacker to cause an application crash (DoS) via a crafted XML file with multiple nested open tags. The description explicitly ties this to Qt 4.8.5...

CVE-2016-8385

An exploitable uninitialized variable vulnerability which leads to a stack-based buffer overflow exists in Iceni Argus. When it attempts to convert a malformed PDF to XML a stack variable will be left uninitialized which will later be used to fetch a length that is used in a copy operation. In mo...

F5 Networks BIG-IP : libarchive vulnerability (K13074505)

Stack-based buffer overflow in the safefprintf function in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a denial of service via a crafted non-printable multibyte character in a filename. CVE-2016-8687 C Tenable Network Security, Inc. The descriptive text and package checks in...

Stack overflow

It was discovered that the zebra daemon in Quagga before 1.0.20161017 suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages. The root cause was relying on BUFSIZ to be compatible with a message size; however, BUFSIZ is system-dependent...

CVE-2016-1245

CVE-2016-1245 affects the Quagga zebra daemon before 1.0.20161017, with a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages due to BUFSIZ dependence. Connected documents corroborate the vulnerability in Quagga across multiple vendors; exploitation details are not provid...

CVE-2016-1245

It was discovered that the zebra daemon in Quagga before 1.0.20161017 suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages. The root cause was relying on BUFSIZ to be compatible with a message size; however, BUFSIZ is system-dependent...

CVE-2016-1245

Removed by vendor...

CVE-2016-7393

Stack-based buffer overflow in the aacsync function in aacparser.c in Libav before 11.5 allows remote attackers to cause a denial of service out-of-bounds read via a crafted file...

Stack overflow

Stack-based buffer overflow in the jpctsfbgetbands2 function in jpctsfb.c in JasPer before 1.900.30 allows remote attackers to have unspecified impact via a crafted image...

CVE-2015-8979

Stack-based buffer overflow in the parsePresentationContext function in storescp in DICOM dcmtk-3.6.0 and earlier allows remote attackers to cause a denial of service segmentation fault via a long string sent to TCP port 4242...

CVE-2016-9343

An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 excluding all firmware versions prior to FRN 16.00, which are not affected. By sending malformed common industrial protocol CIP packet, an attacker may be able to overflow a...

CVE-2016-5798

An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. By sending additional valid packets, an attacker could trigger a stack-based buffer overflow and cause a crash. Also, a malicious attacker can trigger a remote buffer overflow o...

CVE-2016-9343

An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 excluding all firmware versions prior to FRN 16.00, which are not affected. By sending malformed common industrial protocol CIP packet, an attacker may be able to overflow a...

CVE-2016-5798

An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. By sending additional valid packets, an attacker could trigger a stack-based buffer overflow and cause a crash. Also, a malicious attacker can trigger a remote buffer overflow o...

CVE-2016-8352

Schneider Electric ConneXium firewalls TCSEFEC23F3F20/21, TCSEFEC23FCF20/21, and TCSEFEC2CF3F20 are affected by a stack-based buffer overflow during SNMP login authentication, enabling remote code execution. Affected versions include all listed variants. Root cause: buffer overflow in SNMP login ...

Stack overflow

An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow in the function assindexsimatchbyiname resulting in remote code execution. An attacker can simply...

Stack overflow

An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow in the function assindexsimatchlistbysetbinid resulting in remote code execution. An attacker can...

CVE-2016-9054

CVE-2016-9054 describes a stack-based buffer overflow in Aerospike Database Server 3.10.0.3, exposed via the querying pathway. The vulnerability occurs in the function as_sindex__simatch_list_by_set_binid when processing a crafted packet that overflows an internal key buffer (setname_binid_typeid...

CVE-2016-9052

CVE-2016-9052 is an exploitable stack-based buffer overflow in Aerospike Database Server 3.10.0.3, triggered during a crafted index query. The vulnerability occurs in as_sindex__simatch_by_iname, which copies an index name into a fixed-size stack buffer (iname[AS_ID_INAME_SZ] = 256) using a lengt...

CVE-2015-8972

Stack-based buffer overflow in the ValidateMove function in frontend/move.cc in GNU Chess aka gnuchess before 6.2.4 might allow context-dependent attackers to execute arbitrary code via a large input, as demonstrated when in UCI mode...