CVE-2016-4336

An exploitable out-of-bounds write exists in the Bzip2 parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted Bzip2 document can lead to a stack-based buffer overflow causing an out-of-bounds write which under the right circumstance could potentially be leveraged ...

MGASA-2017-0007 Updated unrtf package fixes security vulnerability

A Stack-based buffer overflow has been found in unrtf 0.21.9, which affects functions including cmdexpand, cmdemboss and cmdengrave CVE-2016-10091...

Updated unrtf package fixes security vulnerability

A Stack-based buffer overflow has been found in unrtf 0.21.9, which affects functions including cmdexpand, cmdemboss and cmdengrave CVE-2016-10091...

CVE-2016-8670

Integer signedness error in the dynamicGetbuf function in gdiodp.c in the GD Graphics Library aka libgd through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service stack-based buffer overflow or possibly have unspecified other impact via...

Oracle MySQL 5.6.x < 5.6.35 Multiple Vulnerabilities

Binary data 9845.prm...

Debian DSA-3746-1 : graphicsmagick - security update (ImageTragick)

Several vulnerabilities have been discovered in GraphicsMagick, a collection of image processing tool, which can cause denial of service attacks, remote file deletion, and remote command execution. This security update removes the full support of PLT/Gnuplot decoder to prevent Gnuplot-shell based...

MySQL 5.6.x < 5.6.35 Multiple Vulnerabilities (January 2017 CPU)

The version of MySQL running on the remote host is 5.6.x prior to 5.6.35. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Security: Encryption subcomponent that allows an authenticated, remote attacker to cause a denial of service condition...

MySQL 5.5.x < 5.5.54 Multiple Vulnerabilities (January 2017 CPU)

The version of MySQL running on the remote host is 5.5.x prior to 5.5.54. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Optimizer subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. CVE-2017-3238 - An...

CVE-2015-3217

PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10 mishandle group empty matches, which might allow remote attackers to cause a denial of service stack-based buffer overflow via a crafted regular expression, as demonstrated by /^?:?1\.|^\\W?++$/...

CVE-2015-3217

PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10 mishandle group empty matches, which might allow remote attackers to cause a denial of service stack-based buffer overflow via a crafted regular expression, as demonstrated by /^?:?1\.|^\\W?++$/...

Adobe Flash Player RegExp PRUNE Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Adobe Flash Player RegExp MARK Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Joyent SmartOS Hyprlofs FS IOCTL Native File System name Buffer Overflow Privilege Escalation Vulnerability

Summary An exploitable buffer overflow exists in the the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when dealing with native file systems. An attacker can craft an input that can cause a buffer...

CVE-2016-2946

Stack-based buffer overflow in the ax Shared Libraries in the Agent in IBM Tivoli Monitoring ITM 6.2.2 before FP9, 6.2.3 before FP5, and 6.3.0 before FP2 on Linux and UNIX allows local users to gain privileges via unspecified vectors...

CVE-2016-6915

Stack-based buffer overflow in nvhostjob.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5...

Debian Security Advisory DSA 3725-1 (icu - security update)

Several vulnerabilities were discovered in the International Components for Unicode ICU library. CVE-2014-9911 Michele Spagnuolo discovered a buffer overflow vulnerability which might allow remote attackers to cause a denial of service or possibly execute arbitrary code via crafted text...

MGASA-2016-0374 Updated quagga packages fix security vulnerability

It was discovered that the zebra daemon in the Quagga routing suite suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages CVE-2016-1245...

Micro Focus Rumba 9.3 - ActiveX Stack Buffer Overflow (PoC)

Micro Focus Rumba 9.3 - ActiveX Stack Buffer Overflow PoC Exploit Title: Micro Focus Rumba function vuln // 272 Junk Data // 272 + "\x43\x43\x43\x43" = EDX = 43434343 // // If we change the edx to an address that point to a valid address // We will have control over EIP // 0x20302228 // Overwrite...

Micro Focus Rumba 9.3 Active-X Stack Buffer Overflow

Exploit Title: Micro Focus Rumba function vuln // 272 Junk Data // 272 + "\x43\x43\x43\x43" = EDX = 43434343 // // If we change the edx to an address that point to a valid address // We will have control over EIP // 0x20302228 // Overwrite the stack var evilpayload = "AAAAAAA...

Micro Focus Rumba 9.3 - ActiveX Stack Buffer Overflow (PoC)

Exploit Title: Micro Focus Rumba function vuln // 272 Junk Data // 272 + "\x43\x43\x43\x43" = EDX = 43434343 // // If we change the edx to an address that point to a valid address // We will have control over EIP // 0x20302228 // Overwrite the stack var evilpayload =...