Belden Garrettcom 6K/10K Switches - Authentication Bypass / Memory Corruption Vulnerabilities

Exploit for php platform in category web applications Introduction ------------ Vulnerabilities were identified in the Belden GarrettCom 6K and 10KT Magnum series network switches. These were discovered during a black box assessment and therefore the vulnerability list should not be considered...

Sync Breeze Enterprise GET Buffer Overflow

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sync Breeze Enterprise GET Buffer Overflow', 'Description' = %q This module exploits a stack-based buffer overflow vulnerability in the web...

CVE-2017-5177

A Stack Buffer Overflow issue was discovered in VIPA Controls WinPLC7 5.0.45.5921 and prior. A stack-based buffer overflow vulnerability has been identified, where an attacker with a specially crafted packet could overflow the fixed length buffer. This could allow remote code execution...

CVE-2017-9048

libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more...

CVE-2017-9048

libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more...

Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3291-3)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3291-3 advisory. USN-3291-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3291-2)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3291-2 advisory. USN-3291-1 fixed vulnerabilities in the generic Linux kernel. This update provides the corresponding updates for the Linux kernel built for specific...

Mac OS X 10.x < 10.12.5 Multiple Vulnerabilities

Binary data 700119.prm...

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3291-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3291-1 advisory. Dmitry Vyukov discovered that the generic SCSI sg subsystem in the Linux kernel contained a stack-based buffer overflow. A local attacker with access to ...

CVE-2017-6890

A boundary error within the "foveonloadcamf" function dcrawfoveon.c when initializing a huffman table in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploited to cause a stack-based buffer overflow...

CVE-2017-6890

A boundary error within the "foveonloadcamf" function dcrawfoveon.c when initializing a huffman table in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploited to cause a stack-based buffer overflow...

Stack overflow

A boundary error within the "foveonloadcamf" function dcrawfoveon.c when initializing a huffman table in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploited to cause a stack-based buffer overflow...

(Pwn2Own) Apple macOS WindowServer _XGetWindowMovementGroup Stack-based Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the WindowServer...

openSUSE Security Update : dpkg (openSUSE-2017-549)

This update for dpkg fixes the following issues : This security issue was fixed : - CVE-2015-0860: Off-by-one error in the extracthalf function in dpkg-deb/extract.c in the dpkg-deb component in dpkg allowed remote attackers to execute arbitrary code via the archive magic version number in an...

AntennaHouse DMC HTMLFilter PPT DHFSummary Code Execution Vulnerability

Summary An exploitable stack-based buffer overflow vulnerability exists in the DHFSummary functionality of AntennaHouse DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted PPT file can cause a stack corruption resulting in arbitrary code execution. An attacker can send/provide maliciou...

Security update for the Linux Kernel (important)

The openSUSE Leap 42.2 kernel was updated to 4.4.62 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-7618: crypto/ahash.c in the Linux kernel allowed attackers to cause a denial of service API operation calling its own callback, and infinite recursion b...

EulerOS 2.0 SP2 : php (EulerOS-SA-2017-1068)

According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Zend/zendexceptions.c in PHP, possibly 5.x before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service infinite loop...

EulerOS 2.0 SP1 : ntp (EulerOS-SA-2016-1060)

According to the versions of the ntp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was found that ntpd could crash due to an uninitialized variable when processing malformed logconfig configuration commands.CVE-2015-5194 - It w...

CVE-2017-8289

Stack-based buffer overflow in the ipv6addrfromstr function in sys/net/networklayer/ipv6/addr/ipv6addrfromstr.c in RIOT prior to 2017-04-25 allows local attackers, and potentially remote attackers, to cause a denial of service or possibly have unspecified other impact via a malformed IPv6 address...

openSUSE Security Update : libsndfile (openSUSE-2017-514)

This update for libsndfile fixes the following security issues : - CVE-2017-7586: A stack-based buffer overflow via a specially crafted FLAC file was fixed error in the 'headerread' function bsc1033053 - CVE-2017-7585,CVE-2017-7741, CVE-2017-7742: Several stack-based buffer overflows via a...