Amazon Linux 2 : php (ALASPHP8.2-2023-002)

The version of php installed on the remote host is prior to 8.2.9-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2PHP8.2-2023-002 advisory. GHSA-76gg-c692-v2mw: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP NOTE: Fixed...

Amazon Linux 2 : php (ALASPHP8.0-2023-009)

The version of php installed on the remote host is prior to 8.0.30-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2PHP8.0-2023-009 advisory. GHSA-76gg-c692-v2mw: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP NOTE: Fixe...

Amazon Linux 2 : php (ALASPHP8.1-2023-004)

The version of php installed on the remote host is prior to 8.1.22-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2PHP8.1-2023-004 advisory. GHSA-76gg-c692-v2mw: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP NOTE: Fixe...

Siemens JT2GO 安全漏洞

Siemens Teamcenter Visualization is a software that provides teamwork capabilities for designing 2D and 3D scenarios.Siemens JT2GO is a JT file viewer. A stack buffer overflow vulnerability exists in Siemens Teamcenter Visualization and JT2Go, which can be exploited by an attacker to execute code...

Amazon Linux 2023 : php8.2, php8.2-bcmath, php8.2-cli (ALAS2023-2023-324)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-324 advisory. In PHP versions 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities...

Oracle Linux 7 : qemu (ELSA-2018-4262)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4262 advisory. - net: ignore packet size greater than INTMAX Jason Wang Orabug: 28762625 CVE-2018-17963 - pcnet: fix possible buffer overflow Jason Wang Orabug:...

OSV-2023-797 Stack-buffer-overflow in QBuffer::readData

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62075 Crash type: Stack-buffer-overflow WRITE Crash state: QBuffer::readData QIODevicePrivate::read QDataStream::readRawData...

Debian dla-3555 : libapache2-mod-php7.3 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3555 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3555-1 [email protected]...

SUSE SLES15 / openSUSE 15 Security Update : php7 (SUSE-SU-2023:3528-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3528-1 advisory. - In PHP versions 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8 various XML functions rely on libxml...

Debian dla-3556 : aom-tools - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3556 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3556-1 [email protected]...

Debian DSA-5490-1 : aom - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5490 advisory. - AOM v2.0.1 was discovered to contain a NULL pointer dereference via the component av1/av1dxiface.c. CVE-2020-36130 - AOM v2.0.1 was discovered to contain a stac...

[SECURITY] [DLA 3555-1] php7.3 security update

Debian LTS Advisory DLA-3555-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin September 05, 2023 https://wiki.debian.org/LTS Package : php7.3 Version : 7.3.31-1deb10u5 CVE ID : CVE-2023-3823 CVE-2023-3824 Security issues were found in PHP, a widely-used open sourc...

NVClient v5.0 - Stack Buffer Overflow (DoS)

Exploit Title: NVClient v5.0 - Stack Buffer Overflow DoS Discovered by: Ahmet Ümit BAYRAM Discovered Date: 2023-08-19 Software Link: http://www.neonguvenlik.com/yuklemeler/yazilim/kst-f919-hd2004.rar Software Manual:...

NVClient v5.0 - Stack Buffer Overflow Exploit

Exploit Title: NVClient v5.0 - Stack Buffer Overflow DoS Discovered by: Ahmet Ümit BAYRAM Software Link: http://www.neonguvenlik.com/yuklemeler/yazilim/kst-f919-hd2004.rar Software Manual: http://download.eyemaxdvr.com/DVST%20ST%20SERIES/CMS/Video%20Surveillance%20Management%20SoftwareV5.0.pdf...

NVClient 5.0 Stack Buffer Overflow

Exploit Title: NVClient v5.0 - Stack Buffer Overflow DoS Discovered by: Ahmet Ümit BAYRAM Discovered Date: 2023-08-19 Software Link: http://www.neonguvenlik.com/yuklemeler/yazilim/kst-f919-hd2004.rar Software Manual:...

OESA-2023-1573 json-c security update

JSON-C implements a reference counting object model that allows you to easily construct JSON objects in C, output them as JSON formatted strings and parse JSON formatted strings back into the C representation of JSON objects. Security Fixes: An issue was discovered in json-c through 0.15-20200726...

Tenda AC7 timeZone Parameter Stack Buffer Overflow Vulnerability

The Tenda AC7 is a dual-band wireless router with a strong signal and stable performance for large, multi-bedroom users. The Tenda AC7 suffers from a stack buffer overflow vulnerability that originates from the timeZone parameter of /goform/SetSysTimeCfg failing to correctly validate the length a...

Tenda AC23 Compare_parentcontrol_time function stack buffer overflow vulnerability

Tenda AC23 is a home dual-band wireless router launched by Tenda, focusing on large home coverage and high-speed transmission, supporting 802.11acWave2 technology, dual-band concurrent rate up to 2033Mbps. The Tenda AC23 suffers from a stack buffer overflow vulnerability, which stems from the...

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : FAAD2 vulnerabilities (USN-6313-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6313-1 advisory. It was discovered that FAAD2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a...

OSV-2023-753 Stack-buffer-overflow in iasecc_crt_parse

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61797 Crash type: Stack-buffer-overflow READ 1 Crash state: iasecccrtparse iaseccseparse iaseccsegetinfo...