Advantech WebAccess BwOpcImg Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of the command line in the BwOpcImg utility. The issue results from th...

Advantech WebAccess bwstmps Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of the command line in the bwstmps utility. The issue results from the...

Advantech WebAccess bwthinfl Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of the command line in the bwthinfl utility. The issue results from th...

Advantech WebAccess bwmail Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of the command line in the bwmail utility. The issue results from the...

Advantech WebAccess BwSyncDb Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of the command line in the BwSyncDb utility. The issue results from th...

CVE-2017-1000437

Creolabs Gravity 1.0 is affected by a stack-based buffer overflow in the operator_string_add function that can lead to remote code execution. Multiple sources (NVD, CNVD/PRION/CVELIST) corroborate this vulnerability in Gravity 1.0, with the flaw located in the operator_string_add path and describ...

Updated ncurses packages fix security vulnerabilities

Possible RCE via stack-based buffer overflow in the fmtentry function CVE-2017-10684. Possible RCE with format string vulnerability in the fmtentry function CVE-2017-10685. Illegal address access in appendacs CVE-2017-11112. Dereferencing NULL pointer in ncparseentry CVE-2017-11113...

Updated ncurses packages fix security vulnerabilities

Possible RCE via stack-based buffer overflow in the fmtentry function CVE-2017-10684. Possible RCE with format string vulnerability in the fmtentry function CVE-2017-10685. Illegal address access in appendacs CVE-2017-11112. Dereferencing NULL pointer in ncparseentry CVE-2017-11113. Fix infinite...

Updated openjpeg2 packages fix security vulnerability

A heap-based buffer overflow was discovered in the opjt2encodepacket function. The vulnerability caused an out-of-bounds write, which may have lead to remote denial of service or possibly unspecified other impact CVE-2017-14039. An invalid write access was discovered in bin/jp2/convert.c,...

CVE-2017-17913

In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to an incompatibility with libwebp versions, 0.5.0 and later, that use a different structure type...

CVE-2017-17913

In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to an incompatibility with libwebp versions, 0.5.0 and later, that use a different structure type...

CVE-2017-17788

In GIMP 2.8.22, there is a stack-based buffer over-read in xcfloadstream in app/xcf/xcf.c when there is no '\0' character after the version string...

IBM Domino 8.5.x < 8.5.3 FP6 IF17 / 9.0.x < 9.0.1 FP8 IF2 IMAP EXAMINE Command Handling RCE (EMPHASISMINE) (credentialed check)

The version of IBM Domino formerly IBM Lotus Domino installed on the remote host is 8.5.x prior to 8.5.3 Fix Pack 6 FP6 Interim Fix 17 IF17 or 9.0.x prior to 9.0.1 Fix Pack 8 FP8 Interim Fix 2 IF2. It is, therefore, potentially affected by a remote code execution vulnerability when handling the...

CVE-2017-16725

A Stack-based Buffer Overflow issue was discovered in Xiongmai Technology IP Cameras and DVRs using the NetSurveillance Web interface. The stack-based buffer overflow vulnerability has been identified, which may allow an attacker to execute code remotely or crash the device. After rebooting, the...

Stack overflow

A Stack-based Buffer Overflow issue was discovered in Xiongmai Technology IP Cameras and DVRs using the NetSurveillance Web interface. The stack-based buffer overflow vulnerability has been identified, which may allow an attacker to execute code remotely or crash the device. After rebooting, the...

Stack overflow

In GIMP 2.8.22, there is a stack-based buffer over-read in xcfloadstream in app/xcf/xcf.c when there is no '\0' character after the version string...

CVE-2017-17788

CVE-2017-17788 affects GIMP 2.8.22 with a stack-based buffer over-read in xcf_load_stream (app/xcf/xcf.c) when there is no '\0' after the version string. Connected advisories (Ubuntu USN-3539-1, SUSE SU-2020-0601-1, Red Hat/CVE bundles) confirm this issue among multiple GIMP vulnerabilities and r...

CVE-2017-17788

In GIMP 2.8.22, there is a stack-based buffer over-read in xcfloadstream in app/xcf/xcf.c when there is no '\0' character after the version string...

QNAP QTS authLogin Host Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of QNAP QTS. Authentication is not required to exploit this vulnerability. The specific flaw exists within authLogin.cgi. When parsing the Host header, the process does not properly validate the lengt...

EulerOS 2.0 SP2 : liblouis (EulerOS-SA-2017-1329)

According to the version of the liblouis packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A missing fix for one stack-based buffer overflow in findTable for CVE-2014-8184 was discovered. An attacker could cause denial of service or...