8440 matches found
GHSA-C99H-FGQM-6679 UnixAuthenticationService in Apache Ranger was updated to correctly handle user input to avoid Stack-based buffer overflow
UnixAuthenticationService in Apache Ranger 1.2.0 was updated to correctly handle user input to avoid Stack-based buffer overflow. Versions prior to 1.2.0 should be upgraded to 1.2.0...
Stack overflow
A stack-based buffer over-read exists in setbit at iptree.h of TCPFLOW 1.5.0, due to received incorrect values causing incorrect computation, leading to denial of service during an addresshistogram call or a gethistogram call...
CVE-2018-18409
CVE-2018-18409 affects tcpflow 1.5.0 (IPTRee.h setbit) with a stack-based buffer over-read, causing denial of service during address_histogram/get_histogram. Public docs confirm the vulnerability and that tcpflow 1.5.2 fixes it (updates referenced by Mageia/Fedora advisories). No exploitation det...
CVE-2018-17911
CVE-2018-17911 affects LAquis SCADA versions 4.1.0.3870 and earlier, involving multiple stack-based buffer overflow vulnerabilities that can lead to remote code execution. The connected advisories describe concrete vulnerable executables (e.g., aq.exe, vrel.exe, editorldriver.exe) and indicate ex...
SUSE SLES12 Security Update : kernel (SUSE-SU-2018:3172-1)
This update for the Linux Kernel 3.12.74-6064104 fixes several issues. The following security issues were fixed : CVE-2018-17182: The vmacacheflushall function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free and possibly gain privileges via certain...
Laquis SCADA vrel Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within vrel.exe. The issue...
Delta Industrial Automation TPEditor MRC File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation TPEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
Delta Industrial Automation TPEditor TPE File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation TPEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
openSUSE Security Update : mgetty (openSUSE-2018-1144)
This update for mgetty fixes the following issues : - CVE-2018-16741: Fixed a command injection in fax/faxq-helper.c boo1108752 - CVE-2018-16742: Stack-based buffer overflow in contrib/scrts.c triggered via command line parameter boo1108762 - CVE-2018-16743: Stack-based buffer overflow with long...
Delta Industrial Automation TPEditor TPE File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation TPEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
Security update for mgetty (moderate)
This update for mgetty fixes the following issues: - CVE-2018-16741: Fixed a command injection in fax/faxq-helper.c boo1108752 - CVE-2018-16742: Stack-based buffer overflow in contrib/scrts.c triggered via command line parameter boo1108762 - CVE-2018-16743: Stack-based buffer overflow with long...
NUUO NVRmini2 and NVRsolo
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: NUUO Equipment: NVRmini2, NVRsolo Vulnerabilities: Stack-based Buffer Overflow, Leftover Debug Code 2. RISK EVALUATION Successful exploitation of these...
Delta Industrial Automation ISPSoft DVP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation ISPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2018-14818
Wecon PI Studio HMI/PI Studio contain a stack-based buffer overflow vulnerability (CVE-2018-14818) affecting PI Studio HMI <=4.1.9 and PI Studio <=4.2.34 (also reflected in ICS advisory updates for PI Studio <=4.1.9 and
CVE-2018-11778
UnixAuthenticationService in Apache Ranger 1.2.0 was updated to correctly handle user input to avoid Stack-based buffer overflow. Versions prior to 1.2.0 should be upgraded to 1.2.0...
CVE-2018-11778
UnixAuthenticationService in Apache Ranger 1.2.0 was updated to correctly handle user input to avoid Stack-based buffer overflow. Versions prior to 1.2.0 should be upgraded to 1.2.0...
WECON PI Studio (Update A)
1. EXECUTIVE SUMMARY --------- Begin Update A Part 1 of 4 --------- CVSS v3 7.8 ATTENTION: Low attack complexity --------- End Update A Part 1 of 4 --------- Vendor: WECON Technology Co., Ltd. WECON Equipment: PI Studio Vulnerabilities: Stack-based Buffer Overflow, Out-of-bounds Write,...
[SECURITY] [DLA 1531-1] linux-4.9 security update
Package : linux-4.9 Version : 4.9.110-3+deb9u5deb8u1 CVE ID : CVE-2018-6554 CVE-2018-6555 CVE-2018-7755 CVE-2018-9363 CVE-2018-9516 CVE-2018-10902 CVE-2018-10938 CVE-2018-13099 CVE-2018-14609 CVE-2018-14617 CVE-2018-14633 CVE-2018-14678 CVE-2018-14734 CVE-2018-15572 CVE-2018-15594 CVE-2018-16276...
Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3775-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3775-1 advisory. It was discovered that the paravirtualization implementation in the Linux kernel did not properly handle some indirect calls, reducing the effectiveness ...
Delta Electronics ISPSoft
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/Low skill level to exploit Vendor: Delta Electronics Equipment: ISPSoft Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code under the...