Important: dhcp

Issue Overview: A flaw was found in the Dynamic Host Configuration Protocol DHCP. There is a discrepancy between the code that handles encapsulated option information in leases transmitted "on the wire" and the code which reads and parses lease information after it has been written to disk storag...

MGASA-2021-0331 Updated connman packages fix security vulnerability

Updated connman packages fix security vulnerability. ConnMan aka Connection Manager 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or RDLENGTH for A or AAAA CVE-2021-33833...

Security update for libjpeg-turbo (moderate)

openSUSE Security Update: Security update for libjpeg-turbo Announcement ID: openSUSE-SU-2021:1958-1 Rating: moderate References: 1186764 Cross-References: CVE-2020-17541 CVSS scores: CVE-2020-17541 NVD : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.3 An...

Stack overflow

A stack-based buffer overflow vulnerability exists in the PDF processfontname functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

Integer overflow

An integer overflow vulnerability exists in the DICOM parsedicommetainfo functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to a stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2021-21807

CVE-2021-21807 affects Accusoft ImageGear 19.9 (DICOM parse_dicom_meta_info). A vulnerability in parse_dicom_meta_info’s _size handling causes a stack-based buffer overflow when processing a specially crafted DICOM file. The issue is triggered via perform_some_read_operations using a size value o...

(0Day) Advantech WebAccess Node BwImgExe Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within BwImgExe.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs proces...

(0Day) Advantech WebAccess Node BwFreRPT Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within BwFreRPT.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs proces...

Advisory ROSA-SA-2021-1890

Software: libsndfile 1.0.25 OS: Cobalt 7.9 CVE-ID: CVE-2014-9756 CVE-Crit: CRITICAL CVE-DESC: The psffwrite function in fileio.c in libsndfile allows attackers to cause a denial of service division-by-zero error and application crash via undefined vectors associated with the headindex variable...

CVE-2021-36083

KDE KImageFormats 5.70.0 through 5.81.0 has a stack-based buffer overflow in XCFImageFormat::loadTileRLE...

CVE-2020-36406

uWebSockets 18.11.0 and 18.12.0 has a stack-based buffer overflow in uWS::TopicTree::trimTree called from uWS::TopicTree::unsubscribeAll. NOTE: the vendor's position is that this is "a minor issue or not even an issue at all" because the developer of an application that uses uWebSockets should no...

CVE-2021-36082

ntop nDPI 3.4 has a stack-based buffer overflow in processClientServerHello...

CVE-2021-36082

ntop nDPI 3.4 has a stack-based buffer overflow in processClientServerHello...

CVE-2021-36082

CVE-2021-36082 affects ntop nDPI 3.4 and is due to a stack-based buffer overflow in processClientServerHello. The connected sources consistently report this vulnerability in ntop nDPI 3.4; no specific exploit details or patched versions are provided in the documents. The information confirms the ...

Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2021-1994)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-2700-1 : htmldoc - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2700 advisory. A buffer overflow was discovered in HTMLDOC, a HTML processor that generates indexed HTML, PS, and PDF, which could potentially result in the execution of arbitrar...

Updated dhcp packages fix a security vulnerability

A flaw was found in the Dynamic Host Configuration Protocol DHCP. There is a discrepancy between the code that handles encapsulated option information inleases transmitted "on the wire" and the code which reads and parses lease information after it has been written to disk storage. This flaw allo...

CVE-2021-35474

Stack-based Buffer Overflow vulnerability in cachekey plugin of Apache Traffic Server. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1...

CVE-2021-35474

Stack-based Buffer Overflow vulnerability in cachekey plugin of Apache Traffic Server. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1...

CVE-2021-35474 Dynamic stack buffer overflow in cachekey plugin

Stack-based Buffer Overflow vulnerability in cachekey plugin of Apache Traffic Server. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1...