Ubuntu 18.04 LTS / 20.04 LTS : libjpeg-turbo vulnerabilities (USN-5631-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5631-1 advisory. It was discovered that libjpeg-turbo incorrectly handled certain EOF characters. An attacker could possibly use this issue to cause...

CVE-2022-41220

md2roff 1.9 has a stack-based buffer overflow via a Markdown file, a different vulnerability than CVE-2022-34913. NOTE: the vendor's position is that the product is not intended for untrusted input...

Stack overflow

DISPUTED md2roff 1.9 has a stack-based buffer overflow via a Markdown file, a different vulnerability than CVE-2022-34913. NOTE: the vendor's position is that the product is not intended for untrusted input...

CVE-2022-41220

CVE-2022-41220 : Red Hat and third‑party sources identify a stack‑based buffer overflow in md2roff 1.9 triggered by processing a Markdown file. The Red Hat entries and related postings confirm this vulnerability is separate from CVE-2022-34913. The exploit demonstrations show an out‑of‑bounds/sta...

Oracle Linux 9 : dbus-broker (ELSA-2022-6608)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-6608 advisory. 28-5.1 - Fix a stack buffer over-read in the c-shquote library - Fix null pointer reference when supplying a malformed XML config file - Add gating.yam...

Host Engineering Communications Module

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable from adjacent network/low attack complexity Vendor: Host Engineering Equipment: H0-ECOM100 Communications Module Vulnerability: Stack-based Buffer overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the...

Security Bulletin: Mitigations are being announced to address CVE-2020-4839 and CVE-2021-29695

Summary IBM products 8335-GCA, 8335-GTA, and 8335-GTB have identified security vulnerabilities. Vulnerability Details CVEID:CVE-2020-4839 DESCRIPTION: IBM Host firmware for LC-class Systems is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A remote privileged...

CVE-2022-2471

CVE-2022-2471 describes a stack-based buffer overflow in EZVIZ’s Motion Detection component used by multiple EZVIZ cameras (CS-CV248, CS-C6N-A0-1C2WFR, CS-DB1C-A0-1E2W2FR, CS-C6N-B0-1G2WF, CS-C3W-A0-3H4WFRL). The underlying flaw allows a remote attacker to execute arbitrary code on the affected d...

Dell Client BIOS Multiple Vulnerabilities (DSA-2022-224)

The Dell BIOS on the remote device is missing a security patch and is, there, is affected by multiple vulnerabilities. - Dell BIOS versions contain a stack-based buffer overflow vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI to bypass security...

EulerOS 2.0 SP9 : vim (EulerOS-SA-2022-2336)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Buffer Over-read in function grabfilename in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software,...

Huawei EulerOS: Security Advisory for uboot-tools (EulerOS-SA-2022-2306)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : uboot-tools (EulerOS-SA-2022-2306)

According to the versions of the uboot-tools package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the 'i2c md' command enables the...

EulerOS 2.0 SP9 : uboot-tools (EulerOS-SA-2022-2335)

According to the versions of the uboot-tools packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the 'i2c md' command enables th...

CVE-2022-33185. Several commands in Brocade Fabric OS use unsafe string function to process user input

Security Advisory ID : BSA-2022-2078 Component : FOS Revision : 1.1 Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, v9.1.0 use unsafe string functions to process user input. Authenticated local attackers could abuse these vulnerabilities to exploit stack-based buffer...

Stack overflow

Dell BIOS versions contain a Stack-based Buffer Overflow vulnerability. A local authenticated malicious user could potentially exploit this vulnerability by sending excess data to a function in order to gain arbitrary code execution on the system...

CVE-2022-31226

Dell BIOS versions contain a Stack-based Buffer Overflow vulnerability. A local authenticated malicious user could potentially exploit this vulnerability by sending excess data to a function in order to gain arbitrary code execution on the system...

SUSE SLED15 / SLES15 Security Update : vim (SUSE-SU-2022:3229-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3229-1 advisory. - Buffer Over-read in function grabfilename in GitHub repository vim/vim prior to 8.2.4956. This vulnerability...

Amazon Linux 2022 : cifs-utils, cifs-utils-devel, cifs-utils-info (ALAS2022-2022-089)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-089 advisory. A stack-based buffer overflow issue was found in pifs-utils. Parsing the mount.cifs ip command-line argument can lead to local attackers gaining root privileges. CVE-2022-27239 A flaw was found...

CVE-2022-25308

A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi application, which leads to a possible memory leak or a denial of service...

Stack overflow

A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi application, which leads to a possible memory leak or a denial of service...