8440 matches found
CVE-2021-22925
curl supports the -t command line option, known as CURLOPT_TELNETOPTIONS in libcurl. This rarely used option is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based...
Apple macOS libType1Scaler PFB Font Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the libType1Scaler library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...
Advantech WebAccess SCADA
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: WebAccess/SCADA Vulnerabilities: Cross-site Scripting (XSS), Relative Path Traversal, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities...
Debian DSA-4948-1 : aspell - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-4948 advisory. A buffer overflow was discovered in the Aspell spell checker, which could result in the execution of arbitrary code. For the stable distribution (buster), these...
UDP Technology IP Camera firmware vulnerabilities allow for attacker to achieve root
Researchers at RandoriSec have found serious vulnerabilities in the firmware provided by UDP Technology to Geutebrück and many other IP camera vendors. According to the researchers the firmware supplier UDP Technology fails to respond to their reports despite numerous mails and LinkedIn messages...
Geutebrück G-Cam E2 and G-Code
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Geutebrück Equipment: G-Cam E2 and G-Code Vulnerabilities: Missing Authentication for Critical Function, Command Injection, Stack-based Buffer Overflow 2. RISK EVALUATION...
Security Bulletin: GRUB2 as used by IBM QRadar SIEM is vulnerable to arbitrary code execution
Summary GRUB2 as used by IBM QRadar SIEM is vulnerable to arbitrary code execution Vulnerability Details CVEID: CVE-2021-20225 DESCRIPTION: GNU GRUB2 could allow a local authenticated attacker to execute arbitrary code on the system, caused by a heap out-of-bounds write flaw in the short form...
openSUSE 15 Security Update : transfig (openSUSE-SU-2021:2454-1)
The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2454-1 advisory. - Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c. (CVE-2019-14275) - read_textobject in read.c in...
SUSE SLED15 / SLES15 Security Update : transfig (SUSE-SU-2021:2454-1)
The remote SUSE Linux SLED15 / SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2454-1 advisory. - Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c. (CVE-2019-14275) - read_textobject in read....
Stack overflow
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager vGPU plugin that could allow an attacker to cause stack-based buffer overflow and put a customized ROP gadget on the stack. Such an attack may lead to information disclosure, data tampering, or denial of service. This affect...
RHEL 7 : glibc (RHSA-2021:2813)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2813 advisory. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache...
CVE-2019-25050
netCDF in GDAL 2.4.2 through 3.0.4 has a stack-based buffer overflow in nc4_get_att (called from nc4_get_att_tc and nc_get_att_text) and in uffd_cleanup (called from netCDFDataset::~netCDFDataset and netCDFDataset::~netCDFDataset)...
openSUSE 15 Security Update : libjpeg-turbo (openSUSE-SU-2021:1958-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1958-1 advisory. - Libjpeg-turbo all versions have a stack-based buffer overflow in the transform component. A remote attacker can send a malformed jpeg file to the...
openSUSE 15 Security Update : pam_radius (openSUSE-SU-2021:1896-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1896-1 advisory. - add_password in pam_radius_auth.c in pam_radius 1.4.0 does not correctly check the length of the input password, and is vulnerable to a stack-based...
Unspecified Vulnerability in D-Link DAP-1330 (CNVD-2021-51472)
D-Link DAP-1330 is a Wi-Fi network device from AUO D-Link, Taiwan, China. A security vulnerability exists in the D-Link DAP-1330 1.13B01 BETA, which stems from a lack of proper validation of the length of user-supplied data before copying it to a stack-based fixed-length buffer. An attack...
CVE-2021-34827
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAPAction HTTP header. The issue...
Stack overflow
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the Cookie HTTP header. The issue results...
Stack overflow
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAPAction HTTP header. The issue...
CVE-2021-34830
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the Cookie HTTP header. The issue results...
Amazon Linux AMI : glibc (ALAS-2021-1511)
The version of glibc installed on the remote host is prior to 2.17-322.181. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1511 advisory. A vulnerability was discovered in glibc where the LD_PREFER_MAP_32BIT_EXEC environment variable is not ignored when running...