Fedora 37 : xen (2023-881672fdab)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-881672fdab advisory. xenstored: A transaction conflict can crash C Xenstored XSA-440, CVE-2023-34323 x86/AMD: missing IOMMU TLB flushing XSA-442, CVE-2023-34326 Multiple...

Fedora 38 : xen (2023-a4c606585e)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-a4c606585e advisory. xenstored: A transaction conflict can crash C Xenstored XSA-440, CVE-2023-34323 x86/AMD: missing IOMMU TLB flushing XSA-442, CVE-2023-34326 Multiple...

SUSE SLES12 Security Update : xen (SUSE-SU-2023:4185-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4185-1 advisory. - The vulnerability exists due to a reachable assertion when handling negative quota values in C Xenstored. A malicious guest can...

Ubuntu 16.04 ESM / 18.04 ESM : liveMedia vulnerabilities (USN-4853-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4853-1 advisory. It was discovered that liveMedia incorrectly handled certain network packets. An attacker could possibly use this issue to execute arbitrary...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Liblouis vulnerabilities (USN-3672-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3672-1 advisory. Henri Salo discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this to execute arbitrary...

Ubuntu 16.04 ESM : musl vulnerabilities (USN-4768-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4768-1 advisory. It was discovered that musl did not properly handle kernel syscalls. An attacker could use this vulnerability to cause a denial of service crash or...

Ubuntu 20.04 ESM : Olm vulnerability (USN-5194-1)

The remote Ubuntu 20.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5194-1 advisory. Denis Kasak discovered that Olm was not verifying the length of input being processed by the olmpkdecrypt module, which introduced a stack-based buffer overflow...

Ubuntu 16.04 ESM : Leptonica vulnerabilities (USN-4819-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4819-1 advisory. It was discovered that Leptonica incorrectly handled path names. An attacker could possibly use this issue to obtain sensitive information. This issue on...

CVE-2023-38584

In Weintek's cMT3000 HMI Web CGI device, the cgi-bin commandwb.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication...

CVE-2023-35986 Santesoft Sante DICOM Viewer Pro Stack-based Buffer Overflow

Sante DICOM Viewer Pro lacks proper validation of user-supplied data when parsing DICOM files. This could lead to a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process...

NI Measurement & Automation Explorer Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI Measurement & Automation Explorer. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of response data from devices. The issue results from t...

CVE-2023-4601 Stack-based Buffer Overflow in NI System Configuration Software

A stack-based buffer overflow vulnerability exists in NI System Configuration that could result in information disclosure and/or arbitrary code execution. Successful exploitation requires that an attacker can provide a specially crafted response. This affects NI System Configuration 2023 Q3 and a...

CVE-2023-41712

SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash...

CVE-2023-39278

SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash...

CVE-2023-39279

SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash...

CVE-2023-39280

SonicOS p ost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash...

Stack overflow

SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash...

Stack overflow

SonicOS p ost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash...

CVE-2023-42507

Stack-based buffer overflow vulnerability exists in OnSinView2 versions 2.0.1 and earlier. If this vulnerability is exploited, information may be disclosed or arbitrary code may be executed by having a user open a specially crafted OnSinView2 project file...

CVE-2023-42507

OnSinView2, affected up to version 2.0.1, has a stack-based buffer overflow (CWE-121) that can disclose information or allow arbitrary code execution when a user opens a specially crafted project file. Multiple sources (Red Hat, JVN/JTEKT, CVE records, PT Security) corroborate this vulnerability ...