CVE-2017-6035

The CVE-2017-6035 issue affects Wecon Technologies LEVI Studio HMI Editor prior to 1.8.1, where a STACK-BASED BUFFER OVERFLOW in processing a project file can cause a denial of service when a malicious project is opened. Connected sources confirm the affected product and root cause, and ICS-CERT ...

SUSE SLED12 / SLES12 Security Update : dpkg (SUSE-SU-2017:1096-1)

This update for dpkg fixes the following issues: This security issue was fixed : - CVE-2015-0860: Off-by-one error in the extracthalf function in dpkg-deb/extract.c in the dpkg-deb component in dpkg allowed remote attackers to execute arbitrary code via the archive magic version number in an...

CVE-2016-10091

Multiple stack-based buffer overflows in unrtf 0.21.9 allow remote attackers to cause a denial-of-service by writing a negative integer to the 1 cmdexpand function, 2 cmdemboss function, or 3 cmdengrave function...

CVE-2016-10091

Multiple stack-based buffer overflows in unrtf 0.21.9 allow remote attackers to cause a denial-of-service by writing a negative integer to the 1 cmdexpand function, 2 cmdemboss function, or 3 cmdengrave function...

CVE-2016-10091

Multiple stack-based buffer overflows in unrtf 0.21.9 allow remote attackers to cause a denial-of-service by writing a negative integer to the 1 cmdexpand function, 2 cmdemboss function, or 3 cmdengrave function...

CVE-2017-7938

Stack-based buffer overflow in DMitry Deepmagic Information Gathering Tool version 1.3a Unix allows attackers to cause a denial of service application crash or possibly have unspecified other impact via a long argument. An example threat model is automated execution of DMitry with hostname string...

CVE-2017-7938

Stack-based buffer overflow in DMitry Deepmagic Information Gathering Tool version 1.3a Unix allows attackers to cause a denial of service application crash or possibly have unspecified other impact via a long argument. An example threat model is automated execution of DMitry with hostname string...

CVE-2017-7938

CVE-2017-7938 affects DMitry (Deepmagic Information Gathering Tool) 1.3a on Unix. The vulnerability is a stack-based buffer overflow triggered by a long argument, enabling a denial of service (application crash) and potentially additional impact. Debian has issued a security update, fixing this i...

SUSE SLES11 Security Update : libsndfile (SUSE-SU-2017:1030-1)

This update for libsndfile fixes the following issues : - CVE-2017-7585,CVE-2017-7741,CVE-2017-7742: Some stack-based buffer overflows via a specially crafted FLAC file were fixed error in the 'flacbuffercopy' function bsc1033054, bsc1033914, bsc1033915. Note that Tenable Network Security has...

SUSE SLED12 / SLES12 Security Update : libsndfile (SUSE-SU-2017:1040-1)

This update for libsndfile fixes the following security issues : - CVE-2017-7586: A stack-based buffer overflow via a specially crafted FLAC file was fixed error in the 'headerread' function bsc1033053 - CVE-2017-7585,CVE-2017-7741, CVE-2017-7742: Several stack-based buffer overflows via a...

Stack overflow

The readnextpamtoken function in imagew-pnm.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service stack-based buffer over-read via a crafted file...

CVE-2017-7939

The readnextpamtoken function in imagew-pnm.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service stack-based buffer over-read via a crafted file...

CVE-2016-3036

IBM Cognos TM1 10.1 and 10.2 is vulnerable to a denial of service, caused by a stack-based buffer overflow when parsing packets. A remote attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 114612...

CVE-2017-7866

FFmpeg before 2017-01-23 has an out-of-bounds write caused by a stack-based buffer overflow related to the decodezbuf function in libavcodec/pngdec.c...

Stack overflow

Stack-based buffer overflow in game-music-emu before 0.6.1...

CVE-2016-9957

Summary: CVE-2016-9957 corresponds to a stack-based buffer overflow in the Game Music Emu library prior to version 0.6.1. Multiple connected advisories (Gentoo GLSA-201707-02, Fedora advisories) describe a remotely triggerable condition: a user could be enticed to open a specially crafted SPC mus...

CVE-2016-4459

CVE-2016-4459 is a stack-based buffer overflow in mod_cluster 1.2.9, specifically in native/mod_manager/node.c. The root cause is a stack-based overflow, leading to memory corruption that can cause a crash and impact availability (as reflected by CVSS) without affecting confidentiality or integri...

JVN#81024552: Multiple vulnerabilities in WN-G300R3

WN-G300R3 provided by I-O DATA DEVICE, INC. is a wireless LAN router. WN-G300R3 contains multiple vulnerabilities listed below. OS command injection CWE-78 - CVE-2017-2141 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H| Base Score: 6.8 CVSS v2|...

CVE-2017-7586

Libsndfile has a confirmed vulnerability CVE-2017-7586 affecting the header_read() path (common.c) when parsing ID3 tags in FLAC files, with a stack-based buffer overflow risk. Affected versions include libsndfile up to 1.0.28; multiple connected advisories reference this issue and track upgrades...

CVE-2017-7585

Libsndfile prior to 1.0.28 contains a flaw in flac_buffer_copy() (flac.c) that can be triggered by a specially crafted FLAC file to cause a stack-based buffer overflow. This affects libsndfile versions before 1.0.28; fixes are available by upgrading to 1.0.28 or newer (as noted in Debian/ Gentoo/...