CVE-2016-2063

CVE-2016-2063 is a stack-based overflow in the MSM Thermal driver for the Linux kernel 3.x. The vulnerability resides in supply_lm_input_write within drivers/thermal/supply_lm_core.c and can be triggered by sending a large amount of data via the debugfs interface, enabling a local attacker to cau...

CVE-2016-5116

gdxbm.c in the GD Graphics Library aka libgd before 2.2.0, as used in certain custom PHP 5.5.x configurations, allows context-dependent attackers to obtain sensitive information from process memory or cause a denial of service stack-based buffer under-read and application crash via a long name...

CVE-2016-5116

gdxbm.c in the GD Graphics Library aka libgd before 2.2.0, as used in certain custom PHP 5.5.x configurations, allows context-dependent attackers to obtain sensitive information from process memory or cause a denial of service stack-based buffer under-read and application crash via a long name...

CVE-2016-6510

Off-by-one error in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service stack-based buffer overflow and application crash via a crafted packet...

LexMark Perceptive Document Filters XLS Convert Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0172 LexMark Perceptive Document Filters XLS Convert Code Execution Vulnerability August 6, 2016 CVE Number CVE-2016-4335 Description An exploitable buffer overflow exists in the XLS parsing of the Perspective Document Filters conversion functionality. A...

Stack overflow

Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via crafted two-dimensional graphics data that is mishandled during clipping-region calculations...

CVE-2016-6510

Off-by-one error in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service stack-based buffer overflow and application crash via a crafted packet...

KLA10852 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR

Multiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, execute arbitrary code, spoof user interface, bypass security restrictions, conduct cross-site scripting or read local...

Integer overflow

Integer overflow in the virtualfileex function in TSRM/tsrmvirtualcwd.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service stack-based buffer overflow or possibly have unspecified other impact via a crafted extract operation on a Z...

CVE-2016-6289

CVE-2016-6289 describes an integer overflow in the PHP TSRM/tsrm_virtual_cwd.c - virtual_file_ex function. A crafted extract operation on a ZIP archive can cause a denial of service via a stack-based buffer overflow, with potential unspecified other impact. Affected PHP versions include before 5....

CVE-2016-6297

Removed by vendor...

CVE-2016-6289

Integer overflow in the virtualfileex function in TSRM/tsrmvirtualcwd.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service stack-based buffer overflow or possibly have unspecified other impact via a crafted extract operation on a Z...

Internet Bug Bounty: Stack-based buffer overflow vulnerability in virtual_file_ex

https://bugs.php.net/bug.php?id=72513...

CVE-2016-5781

The CVE-2016-5781 entry details a stack-based buffer overflow in WECON LeviStudio (an HMI programming software). A crafted file can trigger the overflow, enabling arbitrary code execution in the context of the affected process. Public sources (NVD/NVD-derived and ICS-CERT advisory) identify the v...

CVE-2016-5781

Stack-based buffer overflow in WECON LeviStudio allows remote attackers to execute arbitrary code via a crafted file...

CVE-2016-4512

Stack-based buffer overflow in ELCSimulator in Eaton ELCSoft 2.4.01 and earlier allows remote attackers to execute arbitrary code via a long packet...

CVE-2016-3988

Multiple stack-based buffer overflows in the NTP time-server interface on Meinberg IMS-LANTIME M3000, IMS-LANTIME M1000, IMS-LANTIME M500, LANTIME M900, LANTIME M600, LANTIME M400, LANTIME M300, LANTIME M200, LANTIME M100, SyncFire 1100, and LCES devices with firmware before 6.20.004 allow remote...

CVE-2016-4512

The CVE-2016-4512 issue affects Eaton ELCSoft ELCSimulator (infecting the ELCSimulator.exe) in ELCSoft versions 2.4.01 and earlier. The root cause is a stack-based buffer overflow when processing network TCP input, allowing remote attackers to execute arbitrary code with the process’s privileges ...

(0Day) WECON LeviStudio BaseSet HMINAME Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WECON LeviStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the handling of...

(0Day) WECON LeviStudio BaseSet CurScrIdAddr Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WECON LeviStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the handling of...