OSV-2020-2171 Stack-buffer-overflow in fp_read_unsigned_bin

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27666 Crash type: Stack-buffer-overflow READ 8 Crash state: fpreadunsignedbin mpreadunsignedbin wcRsaPublicKeyDecodeRaw...

RHEL 7 : cups (RHSA-2020:3864)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3864 advisory. The Common UNIX Printing System CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fixes: cups...

The vulnerability of the Adobe Animate software for creating multimedia and computer animations lies in buffer overflows in the stack, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe Animate software for creating multimedia and computer animations is related to buffer overflow in the stack. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user, convincing the user to open a specially...

OSV-2020-2157 Stack-buffer-overflow in insert_key

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27480 Crash type: Stack-buffer-overflow READ 1 Crash state: insertkey detectnetkey scpkcs15emutcosinitex...

RHEL 6 : chromium-browser (RHSA-2020:4974)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:4974 advisory. Chromium is an open-source web browser, powered by WebKit Blink. This update upgrades Chromium to version 86.0.4240.183. Security Fixes:...

FreeBSD : chromium -- multiple vulnerabilities (3ec6ab59-1e0c-11eb-a428-3065ec8fd3ec)

Chrome Releases reports : This release contains 10 security fixes, including : - 1138911 High CVE-2020-16004: Use after free in user interface. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud on 2020-10-15 - 1139398 High CVE-2020-16005: Insufficient policy enforceme...

openSUSE: Security Advisory for chromium (openSUSE-SU-2020:1831-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Google Chrome Security Update (stable-channel-update-for-desktop-2020-11) - Linux

Google Chrome is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Microsoft Edge (Chromium) < 86.0.622.63 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 86.0.622.63. It is, therefore, affected by multiple vulnerabilities as referenced in the ADV200002-11-4-2020 advisory. - Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacke...

CVE-2020-16008

Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet...

imagemagick:ping_pwp_fuzzer: Stack-buffer-overflow in SetStringInfoDatum

Project: https://github.com/imagemagick/imagemagick.git Detailed Report: https://oss-fuzz.com/testcase?key=5632955822899200 Project: imagemagick Fuzzing Engine: libFuzzer Fuzz Target: pingpwpfuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type: Stack-buffer-overflow READ Crash...

CVE-2020-16008

Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet...

CVE-2020-16008

Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet...

CVE-2020-16008

Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet...

Stack overflow

Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet...

CVE-2020-16008

Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet...

OSV-2020-2108 Stack-buffer-overflow in simdjson::internal::decimal_right_shift

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26773 Crash type: Stack-buffer-overflow READ 1 Crash state: simdjson::internal::decimalrightshift simdjson::internal::adjustedmantissa simdjson::internal::computefloatsimdjson simdjson::internal::adjustedmantissa...

simdjson:fuzz_dump: Stack-buffer-overflow in simdjson::internal::decimal_right_shift

Project: https://github.com/simdjson/simdjson.git https://github.com/lemire/simdjson.git Detailed Report: https://oss-fuzz.com/testcase?key=5087581219586048 Project: simdjson Fuzzing Engine: libFuzzer Fuzz Target: fuzzdump Job Type: libfuzzerasansimdjson Platform Id: linux Crash Type:...

Amazon Linux 2 : tigervnc (ALAS-2020-1552)

The version of tigervnc installed on the remote host is prior to 1.8.0-21. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1552 advisory. TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack...

Stack overflow

Addressed multiple stack buffer overflow vulnerabilities that could allow an attacker to carry out escalation of privileges through unauthorized remote code execution in Western Digital My Cloud devices before 5.04.114...