5904 matches found
CVE-2022-31031 Potential stack buffer overflow when parsing message as a STUN client
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions prior to and including 2.12.1 a stack buffer overflow vulnerability affects PJSIP users that use STUN in their...
CVE-2022-31031
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions prior to and including 2.12.1 a stack buffer overflow vulnerability affects PJSIP users that use STUN in their...
CVE-2022-31031 Potential stack buffer overflow when parsing message as a STUN client
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions prior to and including 2.12.1 a stack buffer overflow vulnerability affects PJSIP users that use STUN in their...
OSV-2022-452 Stack-buffer-overflow in parse_regex
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47780 Crash type: Stack-buffer-overflow READ 1 Crash state: parseregex cliregex2suffix regexlistaddpattern...
Dell EMC iDRAC8 < 2.80.80.80 / Dell EMC iDRAC9 < 4.40.40.00 (DSA-2021-177)
The version of Dell EMC iDRAC8 or Dell EMC iDRAC9 installed on the remote host is affected by a vulnerability as referenced in the DSA-2021-177 advisory: - Dell iDRAC 9 prior to version 4.40.40.00 and iDRAC 8 prior to version 2.80.80.80 contain a Stack Buffer Overflow in Racadm. An authenticated...
CVE-2021-26635
In the code that verifies the file size in the ark library, it is possible to manipulate the offset read from the target file due to the wrong use of the data type. An attacker could use this vulnerability to cause a stack buffer overflow and as a result, perform an attack such as remote code...
Stack overflow
In the code that verifies the file size in the ark library, it is possible to manipulate the offset read from the target file due to the wrong use of the data type. An attacker could use this vulnerability to cause a stack buffer overflow and as a result, perform an attack such as remote code...
USN-5458-1: Vim vulnerabilities
It was discovered that Vim was incorrectly handling virtual column position operations, which could result in an out-of-bounds read. An attacker could possibly use this issue to expose sensitive information. CVE-2021-4193 It was discovered that Vim was not properly performing bounds checks when...
CVE-2021-26635
CVE-2021-26635 affects Bandisoft ARK Library: buffer overflow risk due to incorrect data-type use when verifying file size, allowing manipulation of the read offset. CNNVD cites affected versions prior to 7.17, enabling potential remote code execution via a stack overflow. Public details about pa...
CVE-2021-26635 Bandisoft ARK Library buffer overflow vulnerability
In the code that verifies the file size in the ark library, it is possible to manipulate the offset read from the target file due to the wrong use of the data type. An attacker could use this vulnerability to cause a stack buffer overflow and as a result, perform an attack such as remote code...
OSV-2022-445 Stack-buffer-overflow in tlsCheckUncommonALPN
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47730 Crash type: Stack-buffer-overflow WRITE Crash state: tlsCheckUncommonALPN processClientServerHello processTLSBlock...
PT-2022-9783 · Unknown · Ark Library
Name of the Vulnerable Software and Affected Versions: ark library affected versions not specified Description: The issue arises from the incorrect use of data types in the code that verifies file sizes in the ark library. This allows an attacker to manipulate the offset read from the target file...
SUSE: Security Advisory (SUSE-SU-2022:1891-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:1891-1 Security update for librelp
This update for librelp fixes the following issues: - CVE-2018-1000140: Fixed remote attack via specially crafted x509 certificates when connecting to rsyslog to trigger a stack buffer overflow and run arbitrary code bsc1086730...
OSV-2022-437 Stack-buffer-overflow in sc_asn1_read_tag
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47675 Crash type: Stack-buffer-overflow READ 1 Crash state: scasn1readtag scasn1findtag cardoslistfiles...
OSV-2022-436 Stack-buffer-overflow in spvtools::opt::CompositeInsertToCompositeConstruct
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47684 Crash type: Stack-buffer-overflow READ 8 Crash state: spvtools::opt::CompositeInsertToCompositeConstruct std::1::function::funcbool spvtools::opt::InstructionFolder::FoldInstructionInternal...
CVE-2021-42860
A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the mxmlLoadString API, it will cause a stack-buffer-overflow in mxmlstringgetc:2611. NOTE: it is unclear whether this input is allowed by the API specification...
CVE-2021-42860
A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the mxmlLoadString API, it will cause a stack-buffer-overflow in mxmlstringgetc:2611. NOTE: it is unclear whether this input is allowed by the API specification...
Stack overflow
DISPUTED A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the mxmlLoadString API, it will cause a stack-buffer-overflow in mxmlstringgetc:2611. NOTE: it is unclear whether this input is allowed by the API specification...
CVE-2021-42860
A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the mxmlLoadString API, it will cause a stack-buffer-overflow in mxmlstringgetc:2611. NOTE: it is unclear whether this input is allowed by the API specification...