Security update for libsndfile (critical)

openSUSE Security Update: Security update for libsndfile Announcement ID: openSUSE-SU-2021:1166-1 Rating: critical References: 1100167 1116993 1117954 1188540 Cross-References: CVE-2018-13139 CVE-2018-19432 CVE-2018-19758 CVE-2021-3246 CVSS scores: CVE-2018-13139 NVD : 8.8...

D-Link DAP-2020 webproc Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the webproc endpoint, which listens on TCP port 80 by default. The iss...

Denial Of Service (DoS)

fig2dev is vulnerable to denial of service. A stack-based buffer overflow in the genpstrxtext component in genpstricks.c allows attackers to cause a denial of service DOS by converting a xfig file into pstricks format...

CVE-2021-21815

A stack-based buffer overflow vulnerability exists in the command-line-parsing HandleFileArg functionality of AT&T Labs' Xmill 0.7. Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to...

CVE-2021-21815

A stack-based buffer overflow vulnerability exists in the command-line-parsing HandleFileArg functionality of AT&T Labs' Xmill 0.7. Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to...

CVE-2021-21812

CVE-2021-21812 describes a stack-based buffer overflow in AT&T Labs’ Xmill 0.7, specifically in the command-line parsing HandleFileArg function. The vulnerability stems from copying user-controlled filepattern data into a fixed-size buffer with strcpy, allowing a path provided on the command line...

Debian: Security Advisory (DLA-2739-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-21680

A stack-based buffer overflow in the putarrow component in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service DOS via converting a xfig file into pict2e format...

[SECURITY] [DLA 2739-1] libspf2 security update

Debian LTS Advisory DLA-2739-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany August 11, 2021 https://wiki.debian.org/LTS Package : libspf2 Version : 1.2.10-7+deb9u1 CVE ID : CVE-2021-20314 Philipp Jeitner and Haya Shulman discovered a stack-based buffer overflow...

[SECURITY] [DSA 4955-1] libspf2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4955-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 11, 2021 https://www.debian.org/security/faq -...

CVE-2021-32947

FATEK Automation FvDesigner, Versions 1.5.88 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code...

CVE-2021-32947

FATEK Automation FvDesigner, Versions 1.5.88 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code...

Stack overflow

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.36, D7000 before 1.0.1.70, EX6200v2 before 1.0.1.78, EX7000 before 1.0.1.78, EX8000 before 1.0.1.186, JR6150 before...

Stack overflow

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects MK62 before 1.0.6.110, MR60 before 1.0.6.110, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX45 before 1.0.2.32, RAX50 before 1.0.2.32,...

CVE-2021-38522

NETGEAR R6400 devices before 1.0.1.52 are affected by a stack-based buffer overflow by an authenticated user...

Stack overflow

NETGEAR R6400 devices before 1.0.1.70 are affected by a stack-based buffer overflow by an authenticated user...

CVE-2021-38523

Summary: CVE-2021-38523 affects NETGEAR R6400 routers prior to version 1.0.1.70. The issue is a stack-based buffer overflow that is exploitable by an authenticated user. Affected product/condition: NETGEAR R6400 with firmware versions earlier than 1.0.1.70. Technical details provided: Stack-based...

CVE-2021-38524

CVE-2021-38524 affects multiple NETGEAR devices (MK62, MR60, MS60, RAX15/20/200/45/50/75/80, RBK752, RBR750, RBS750) prior to specific firmware versions (e.g., MK62/MR60/MS60 before 1.0.6.110; RAX series before 1.0.2.82/1.0.3.106; RBK/RBR/RBS before 3.2.16.6). The issue is a stack-based buffer ov...

CVE-2021-38525

CVE-2021-38525 affects a large set of NETGEAR routers (e.g., D3600, D6000, D6200, D7000, EX6xxx, XR500, R6xxx, R7xxx, etc.) with a stack-based buffer overflow vulnerability exploitable by an authenticated user. The issue occurs in multiple models and firmware revisions listed in the vulnerability...

CVE-2021-38525

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.36, D7000 before 1.0.1.70, EX6200v2 before 1.0.1.78, EX7000 before 1.0.1.78, EX8000 before 1.0.1.186, JR6150 before...