8439 matches found
CVE-2016-5798
An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. By sending additional valid packets, an attacker could trigger a stack-based buffer overflow and cause a crash. Also, a malicious attacker can trigger a remote buffer overflow o...
CVE-2016-9343
An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending a malformed Common Industrial Protocol (CIP) packet, an attacker may be able to overflow a...
CVE-2016-8352
Schneider Electric ConneXium firewalls TCSEFEC23F3F20/21, TCSEFEC23FCF20/21, and TCSEFEC2CF3F20 are affected by a stack-based buffer overflow during SNMP login authentication, enabling remote code execution. Affected versions include all listed variants. Root cause: buffer overflow in SNMP login ...
Stack overflow
An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow in the function as_sindex__simatch_by_iname resulting in remote code execution. An attacker can simply...
Stack overflow
An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow in the function as_sindex__simatch_list_by_set_binid resulting in remote code execution. An attacker can...
CVE-2016-9054
CVE-2016-9054 describes a stack-based buffer overflow in Aerospike Database Server 3.10.0.3, exposed via the querying pathway. The vulnerability occurs in the function as_sindex__simatch_list_by_set_binid when processing a crafted packet that overflows an internal key buffer (setname_binid_typeid...
CVE-2016-9052
CVE-2016-9052 is an exploitable stack-based buffer overflow in Aerospike Database Server 3.10.0.3, triggered during a crafted index query. The vulnerability occurs in as_sindex__simatch_by_iname, which copies an index name into a fixed-size stack buffer (iname[AS_ID_INAME_SZ] = 256) using a lengt...
CVE-2015-8972
Stack-based buffer overflow in the ValidateMove function in frontend/move.cc in GNU Chess (aka gnuchess) before 6.2.4 might allow context-dependent attackers to execute arbitrary code via a large input, as demonstrated when in UCI mode...
DiskSavvy Enterprise GET Buffer Overflow
This module exploits a stack-based buffer overflow vulnerability in the web interface of DiskSavvy Enterprise v9.1.14 and v9.3.14, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This module has been tested successfully on Windows XP SP...
CVE-2016-2233
Stack-based buffer overflow in the inbound_cap_ls function in common/inbound.c in HexChat 2.10.2 allows remote IRC servers to cause a denial of service (crash) via a large number of options in a CAP LS message...
CVE-2016-2233
CVE-2016-2233 affects HexChat 2.10.2, with a stack-based buffer overflow in inbound_cap_ls (common/inbound.c) that allows remote IRC servers to crash the client by sending many CAP LS options. This is documented across multiple feeds (NVD, OSV, Debian tracker, CNVD, CVE lists) confirming the vuln...
DiskBoss Enterprise - GET Buffer Overflow (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'DiskBoss Enterprise GET Buffer Overflow', 'Description' = %q This module exploits a stack-based buffer overflow vulnerability i...
SUSE SLES11 Security Update : php53 (SUSE-SU-2017:0109-1)
This update for php53 fixes the following issues: - CVE-2014-9912: Stack-based buffer overflow in uloc_getDisplayName (bsc#1012232) - CVE-2016-9933: Possible stack overflow on truecolor images handling (bsc#1015187) - CVE-2016-9934: Dereference from NULL pointer could lead to crash (bsc#1015188) -...
CVE-2017-5336
Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate...
openSUSE: Security Advisory for jasper (openSUSE-SU-2017:0101-1)
The remote host is missing an update for the Copyright (C) 2017 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...
Security update for jasper (important)
This update for jasper fixes the following issues: - CVE-2016-8654: Heap-based buffer overflow in QMFB code in JPC codec. (bsc#1012530) - CVE-2016-9395: Invalid jasper files could lead to abort of the library caused by attacker provided image. (bsc#1010977) - CVE-2016-9398: Invalid jasper files could...
SUSE SLED12 / SLES12 Security Update : jasper (SUSE-SU-2017:0084-1)
This update for jasper fixes the following issues: - CVE-2016-8654: Heap-based buffer overflow in QMFB code in JPC codec. (bsc#1012530) - CVE-2016-9395: Invalid jasper files could lead to abort of the library caused by attacker provided image. (bsc#1010977) - CVE-2016-9398: Invalid jasper files could...
DiskBoss Enterprise GET Buffer Overflow
This module exploits a stack-based buffer overflow vulnerability in the web interface of DiskBoss Enterprise v7.5.12, v7.4.28, and v8.2.14, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This module has been tested successfully on...
CVE-2016-4336
An exploitable out-of-bounds write exists in the Bzip2 parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted Bzip2 document can lead to a stack-based buffer overflow causing an out-of-bounds write which under the right circumstance could potentially be leveraged ...