8440 matches found

Debian CVE
added 2021/02/19 7:30 p.m. | 20 views

CVE-2021-26713

A stack-based buffer overflow in res_rtp_asterisk.c in Sangoma Asterisk before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before 16.8-cert6 allows an authenticated WebRTC client to cause an Asterisk crash by sending multiple hold/unhold requests in quick succession...

CVSS 6.5 | AI score 6.7 | EPSS 0.00128
Exploits: 0

Veracode
added 2021/02/19 1:12 p.m. | 15 views

Arbitrary Code Execution

unrar-free is vulnerable to arbitrary code execution. A stack-based buffer over-read in unrarlib.c, related to ExtrFile and stricomp, allows an attacker to execute arbitrary code on the host OS...

CVSS 9.1 | AI score 3.7 | EPSS 0.00569
Exploits: 0 | References: 4 | Affected Software: 1

Debian
added 2021/02/18 10:59 p.m. | 39 views

[SECURITY] [DLA 2567-1] unrar-free security update

Debian LTS Advisory DLA-2567-1 | https://www.debian.org/lts/security/ | Thorsten Alteholz | February 18, 2021 | https://wiki.debian.org/LTS ...

CVSS 9.1 | AI score 7.2 | EPSS 0.00569
Exploits: 0

RedhatCVE
added 2021/02/14 9:28 p.m. | 27 views

CVE-2020-27221

In Eclipse OpenJ9 up to and including version 0.23, there is potential for a stack-based buffer overflow when the virtual machine or JNI natives are converting from UTF-8 characters to platform encoding...

CVSS 9.8 | AI score 4.7 | EPSS 0.00727
Exploits: 0 | References: 3

CVE
added 2021/02/10 9:51 p.m. | 63 views

CVE-2020-28596

PrusaSlicer 2.2.0 and Master (commit 4b040b856) are affected by a stack-based buffer overflow in ObjParser::objparse(). A fixed-size stack buffer (buf) is fed by fread in a loop, with insufficient bounds checking, enabling potential code execution via a crafted .obj file. The vulnerability is evi...

CVSS 8.8 | AI score 7.8 | EPSS 0.00608
Exploits: 1 | References: 1 | Affected Software: 1

Zero Day Initiative
added 2021/02/10 12:00 a.m. | 23 views

Omron CX-One NCI File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of NCI...

CVSS 7.8 | AI score 5.7 | EPSS 0.01685
Exploits: 0 | References: 1

Zero Day Initiative
added 2021/02/10 12:00 a.m. | 22 views

Schneider Electric EcoStruxure Power Build SSD File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Power Build. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exist...

CVSS 7.8 | AI score 5.4 | EPSS 0.01384
Exploits: 0 | References: 1

Cvelist
added 2021/02/09 4:04 p.m. | 12 views

CVE-2021-25139

A potential security vulnerability has been identified in the HPE Moonshot Provisioning Manager v1.20. The HPE Moonshot Provisioning Manager is an application that is installed in a VMWare or Microsoft Hyper-V environment that is used to setup and configure an HPE Moonshot 1500 chassis. This...

AI score 10 | EPSS 0.12352
Exploits: 0 | References: 1

CVE
added 2021/02/09 3:47 p.m. | 195 views

CVE-2021-26675

CVE-2021-26675 affects ConnMan’s DNS proxy (dnsproxy) prior to version 1.39. It is a stack-based buffer overflow that could allow a network-adjacent attacker to execute arbitrary code, as described across multiple sources (Arch Linux ASA, openSUSE update, Debian DSA/DLA, Gentoo GLSA). The issue i...

CVSS 8.8 | AI score 8.7 | EPSS 0.00186
Exploits: 0 | References: 8 | Affected Software: 1

CVE
added 2021/02/09 3:38 p.m. | 72 views

CVE-2020-27001

CVE-2020-27001 affects Siemens JT2Go < 13.1.0.2 and Teamcenter Visualization

CVSS 7.8 | AI score 7.9 | EPSS 0.00178
Exploits: 0 | References: 3 | Affected Software: 2

NVD
added 2021/02/09 3:15 p.m. | 8 views

CVE-2020-27261

The Omron CX-One Version 4.60 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code...

CVSS 8.8 | EPSS 0.01685
Exploits: 0 | References: 3

Prion
added 2021/02/09 3:15 p.m. | 14 views

Stack overflow

The Omron CX-One Version 4.60 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code...

CVSS 6.8 | AI score 8.9 | EPSS 0.01685
Exploits: 0 | References: 3 | Affected Software: 4

Veracode
added 2021/02/05 3:21 a.m. | 33 views

Denial Of Service (DoS)

glibc is vulnerable to denial of service (DoS). The vulnerability exists in sysdeps/i386/ldbl2mpn.c, where a stack-based buffer overflow occurs if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a...

CVSS 7.5 | AI score 4.7 | EPSS 0.00161
Exploits: 0 | References: 7 | Affected Software: 1

Tenable Nessus
added 2021/02/05 12:00 a.m. | 81 views

EulerOS 2.0 SP9 : qemu (EulerOS-SA-2021-1256)

According to the versions of the qemu package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPYAREA macro while...

CVSS 5.5 | AI score 6.7 | EPSS 0.00147
Exploits: 2 | References: 6

OpenVAS
added 2021/02/05 12:00 a.m. | 30 views

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2021-1275)

The remote host is missing an update for the Huawei EulerOS...

CVSS 5.5 | AI score 6.2 | EPSS 0.00147
Exploits: 2 | References: 2

Tenable Nessus
added 2021/02/05 12:00 a.m. | 251 views

EulerOS 2.0 SP9 : qemu (EulerOS-SA-2021-1275)

According to the versions of the qemu package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPYAREA macro while...

CVSS 5.5 | AI score 6.7 | EPSS 0.00147
Exploits: 2 | References: 6

OpenVAS
added 2021/02/05 12:00 a.m. | 17 views

Huawei EulerOS: Security Advisory for quagga (EulerOS-SA-2021-1227)

The remote host is missing an update for the Huawei EulerOS...

CVSS 8.2 | AI score 7.8 | EPSS 0.20441
Exploits: 0 | References: 2

Mageia
added 2021/02/04 1:40 p.m. | 40 views

Updated python and python3 packages fix security vulnerability

A flaw was found in python. A stack-based buffer overflow was discovered in the ctypes module provided within Python. Applications that use ctypes without carefully validating the input passed to it may be vulnerable to this flaw, which would allow an attacker to overflow a buffer on the stack an...

CVSS 9.8 | AI score 1.7 | EPSS 0.00072
Exploits: 1 | References: 2

Tenable Nessus
added 2021/02/04 12:00 a.m. | 31 views

EulerOS 2.0 SP5 : openjpeg (EulerOS-SA-2021-1220)

According to the versions of the openjpeg package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An invalid write access was discovered in bin/jp2/convert.c in OpenJPEG 2.2.0, triggering a crash in the tgatoimage function. The vulnerability...

CVSS 9.8 | AI score 7.7 | EPSS 0.05391
Exploits: 0 | References: 4

Zero Day Initiative
added 2021/02/04 12:00 a.m. | 25 views

Apple macOS CoreText ApplyContextPosFormat2 TTF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the CoreText library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing o...

CVSS 7.8 | AI score 7.4
Exploits: 0 | References: 1