8440 matches found
CVE-2021-25469
The vulnerability CVE-2021-25469 affects Widevine trustlet prior to Samsung SMR Oct-2021 Release 1. It is a stack-based buffer overflow in the trustlet that can lead to arbitrary code execution with local access and low attack complexity. Impact is partial to high confidentiality/integrity/availa...
Stack overflow
A stack-based buffer overflow in the httpd server on Tenda AC9 V15.03.06.60EN allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via a crafted POST request to /goform/SetStaticRouteCfg...
openSUSE 15 Security Update : transfig (openSUSE-SU-2021:1318-1)
The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1318-1 advisory. - Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calcarrow function in bound.c. (CVE-2019-14275) - readtextobject in read.c in...
Security update for transfig (moderate)
openSUSE Security Update: Security update for transfig Announcement ID: openSUSE-SU-2021:1318-1 Rating: moderate References: 1143650 1159130 1159293 1161698 1186329 Cross-References: CVE-2019-14275 CVE-2019-19555 CVE-2019-19746 CVE-2019-19797 CVE-2021-3561 CVSS scores: CVE-2019-14275 NVD : 5.5...
EulerOS 2.0 SP5 : libjpeg-turbo (EulerOS-SA-2021-2504)
According to the versions of the libjpeg-turbo packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - All versions of libjpeg-turbo have a stack-based buffer overflow in the 'transform' component. A remote attacker can send a malformed jpeg fi...
CVE-2021-41581
The CVE-2021-41581 entry describes a stack-based buffer over-read in LibreSSL’s x509_constraints_parse_mailbox (lib/libcrypto/x509/x509_constraints.c) affecting LibreSSL up to and including 3.4.0, occurring when input exceeds DOMAIN_PART_MAX_LEN and the buffer is not 'terminated' (no termination)...
Huawei EulerOS: Security Advisory for libjpeg-turbo (EulerOS-SA-2021-2470)
The remote host is missing an update for the Huawei EulerOS... SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Debian: Security Advisory (DLA-2765-1)
The remote host is missing an update for the Debian...
EulerOS 2.0 SP8 : libjpeg-turbo (EulerOS-SA-2021-2470)
According to the versions of the libjpeg-turbo packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - All versions of libjpeg-turbo have a stack-based buffer overflow in the 'transform' component. A remote attacker can send a malformed jpeg fi...
Security Bulletin: Vulnerability in IBM Java affects Power Hardware Management Console (CVE-2020-27221).
Summary: IBM Java is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVE. Vulnerability Details: CVEID: CVE-2020-27221 DESCRIPTION: Eclipse OpenJ9 is vulnerable to a stack-based buffer overflow when the virtual machine or JNI natives are converting from UTF-8...
Stack overflow
An issue was discovered in libslax through v0.22.1. slaxLexer in slaxlexer.c has a stack-based buffer overflow...
SUSE SLES12 Security Update : transfig (SUSE-SU-2021:3124-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3124-1 advisory. - readtextobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf. (CVE-2019-19555) ...
Medium: curl
Issue Overview: A flaw was found in curl in the way curl handles a file hash mismatch after downloading content using the Metalink feature. This flaw allows malicious actors controlling a hosting server to trick users into downloading malicious content. The highest threat from this vulnerability ...
Siemens LOGO! CMR and SIMATIC RTU 3000
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: LOGO! CMR2020, LOGO! CMR2040 and SIMATIC RTU 3000 family Vulnerabilities: Incorrect Calculation of Buffer Size, Improper Certificate Validation 2. RISK EVALUATION Successful...
EulerOS 2.0 SP2 : libjpeg-turbo (EulerOS-SA-2021-2396)
According to the versions of the libjpeg-turbo packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - All versions of libjpeg-turbo have a stack-based buffer overflow in the 'transform' component. A remote attacker can send a malformed jpeg fi...
CVE-2021-33549
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the action parameter, which may allow an attacker to remotely execute arbitrary code...
CVE-2021-33547
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the profile parameter which may allow an attacker to remotely execute arbitrary code...
Stack overflow
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the counter parameter which may allow an attacker to remotely execute arbitrary code...
CVE-2021-33546
CVE-2021-33546 is a stack-based buffer overflow in the name parameter that enables remote code execution on UDP Technology firmware used in Geutebrück IP cameras. Affected products per sources include Geutebrück G-Cam E2 (G-CAM) and G-Code encoders with specific firmwares: G-CAM versions 1.12.0.2...
CVE-2021-25461
CVE-2021-25461 concerns a stack-based buffer overflow caused by an improper length check in APAService prior to Samsung SMR Sep-2021 Release 1. The vulnerability affects the APAService component and has documented impact in CVSS: CVSSv3.1 base score 7.8 (HIGH) with LOCAL attack vector, LOW attack...