CVE-2017-12482

The ledger::parsedatemaskroutine function in times.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impact via a crafted file...

CVE-2017-12481

The findoption function in option.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impact via a crafted file...

CVE-2017-12482

The ledger::parsedatemaskroutine function in times.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impact via a crafted file...

CVE-2017-12482

The ledger::parsedatemaskroutine function in times.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impact via a crafted file...

CVE-2017-12481

The findoption function in option.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impact via a crafted file...

CVE-2017-12481

The findoption function in option.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impact via a crafted file...

RedHat Update for glibc RHSA-2017:1916-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED12 / SLES12 Security Update : poppler (SUSE-SU-2017:1999-1)

This update for poppler fixes the following issues: Security issues fixed : - CVE-2017-9775: DoS stack-based buffer overflow in GfxState.cc in pdftocairo via a crafted PDF document bsc1045719 - CVE-2017-9776: DoS integer overflow leading to heap buffer overflow in JBIG2Stream.cc via a crafted PDF...

Continental AG Infineon S-Gold 2 (PMB 8876)

CVSS v3 8.8 ATTENTION: Remotely exploitable/low skill level to exploit. Public exploits are available. Vendor: Continental AG Equipment: Infineon S-Gold 2 PMB 8876 Vulnerabilities: Stack-Based Buffer Overflow, Improper Restriction of Operations within the Bounds of a Memory Buffer AFFECTED PRODUC...

CVE-2017-11571

FontForge 20161012 is vulnerable to a stack-based buffer overflow in addnibble parsettf.c resulting in DoS or code execution via a crafted otf file...

CVE-2017-11571

FontForge 20161012 is vulnerable to a stack-based buffer overflow in addnibble parsettf.c resulting in DoS or code execution via a crafted otf file...

Stack overflow

FontForge 20161012 is vulnerable to a stack-based buffer overflow in addnibble parsettf.c resulting in DoS or code execution via a crafted otf file...

CVE-2017-11571

FontForge 20161012 is vulnerable to a stack-based buffer overflow in addnibble parsettf.c resulting in DoS or code execution via a crafted otf file...

CVE-2017-11571

FontForge 20161012 is vulnerable to a stack-based buffer overflow in addnibble (parsettf.c) that can cause DoS or code execution via a crafted OpenType font. Affected component: FontForge parser for TrueType/OpenType data. Root cause: stack-based overflow in addnibble when processing font data. I...

CVE-2017-11571

FontForge 20161012 is vulnerable to a stack-based buffer overflow in addnibble parsettf.c resulting in DoS or code execution via a crafted otf file...

CVE-2017-11517

Stack-based buffer overflow in GCoreServer.exe in the server in Geutebrueck Gcore 1.3.8.42 and 1.4.2.37 allows remote attackers to execute arbitrary code via a long URI in a GET request...

CVE-2017-11517

Stack-based buffer overflow in GCoreServer.exe in the server in Geutebrueck Gcore 1.3.8.42 and 1.4.2.37 allows remote attackers to execute arbitrary code via a long URI in a GET request...

CVE-2017-9765

Integer overflow in the soapget function in Genivia gSOAP 2.7.x and 2.8.x before 2.8.48, as used on Axis cameras and other devices, allows remote attackers to execute arbitrary code or cause a denial of service stack-based buffer overflow and application crash via a large XML document, aka Devil'...

AXIS gSOAP Message Handling RCE (ACV-116267) (Devil's Ivy)

The remote AXIS device is running a firmware version that is missing a security patch. It is, therefore, affected by a remote code execution vulnerability, known as Devil's Ivy, due to an overflow condition that exists in a third party SOAP library gSOAP. An unauthenticated, remote attacker can...

Stack overflow

The cabdreadstring function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote attackers to cause a denial of service stack-based buffer over-read and application crash via a crafted CAB file...