cups: stack-buffer-overflow in libcups's asn1_get_packed function

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code...

Moderate: Red Hat Security Advisory: cups security and bug fix update

An update for cups is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

OSV-2020-1860 Stack-buffer-overflow in sc_get_response

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25998 Crash type: Stack-buffer-overflow WRITE Crash state: scgetresponse sctransmit sctransmitapdu...

OSV-2020-1845 Stack-buffer-overflow in void put_epel_hv_fallback<unsigned short>

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25937 Crash type: Stack-buffer-overflow READ 2 Crash state: void putepelhvfallback accelerationfunctions::puthevcepelv void mcchroma...

imagemagick:encoder_heic_fuzzer: Stack-buffer-overflow in void put_epel_hv_fallback<unsigned short>

Detailed Report: https://oss-fuzz.com/testcase?key=5124285033873408 Project: imagemagick Fuzzing Engine: libFuzzer Fuzz Target: encoderheicfuzzer Job Type: libfuzzerasani386imagemagick Platform Id: linux Crash Type: Stack-buffer-overflow READ 2 Crash Address: 0xffe16451 Crash State: void...

OSV-2020-1835 Stack-buffer-overflow in fmt::v7::detail::buffer<char>::push_back

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25884 Crash type: Stack-buffer-overflow READ 1 Crash state: fmt::v7::detail::buffer::pushback std::1::backinsertiterator ::operator= fmt::v7::detail::bufferappender std::1::copyconstexprchar const, f...

OSV-2020-1834 Stack-buffer-overflow in onigenc_unicode_get_case_fold_codes_by_str

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25893 Crash type: Stack-buffer-overflow WRITE 4 Crash state: onigencunicodegetcasefoldcodesbystr utf16begetcasefoldcodesbystr unravelcasefoldstring...

oniguruma:fuzzer: Stack-buffer-overflow in onigenc_unicode_get_case_fold_codes_by_str

Project: https://github.com/kkos/oniguruma.git Detailed Report: https://oss-fuzz.com/testcase?key=5142910239244288 Project: oniguruma Fuzzing Engine: afl Fuzz Target: fuzzer Job Type: aflasanoniguruma Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 4 Crash Address: 0x7ffc76be7664 Crash...

libfmt:fuzzer_named_arg: Stack-buffer-overflow in fmt::v7::detail::buffer<char>::push_back

Detailed Report: https://oss-fuzz.com/testcase?key=5201197777289216 Project: libfmt Fuzzing Engine: honggfuzz Fuzz Target: fuzzernamedarg Job Type: honggfuzzasanlibfmt Platform Id: linux Crash Type: Stack-buffer-overflow READ 1 Crash Address: 0x7fff5c6570b8 Crash State:...

Arbitrary Code Execution

gdb is vulnerable to arbitrary code execution. The vulnerability exists through a stack buffer overflow when printing bad bytes in Intel Hex objects...

OSV-2020-1820 Stack-buffer-overflow in hermes::regex::Parser<hermes::regex::Regex<hermes::regex::UTF16RegexTraits>, cha

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25815 Crash type: Stack-buffer-overflow READ 2 Crash state: hermes::regex::Parser, cha hermes::regex::Parser, cha hermes::regex::Parser, cha...

hermes:fuzzer-jsi-entry: Stack-buffer-overflow in hermes::regex::Parser<hermes::regex::Regex<hermes::regex::UTF16RegexTraits>, cha

Project: https://github.com/facebook/hermes.git Detailed Report: https://oss-fuzz.com/testcase?key=5645974943563776 Project: hermes Fuzzing Engine: libFuzzer Fuzz Target: fuzzer-jsi-entry Job Type: libfuzzerasanhermes Platform Id: linux Crash Type: Stack-buffer-overflow READ 2 Crash Address:...

OSV-2020-1805 Stack-buffer-overflow in rijndaelSetupEncrypt

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21329 Crash type: Stack-buffer-overflow READ 1 Crash state: rijndaelSetupEncrypt rijndaelSetupDecrypt aesdecrypt...

Adobe Framemaker Stack Buffer Overflow Vulnerability

Adobe FrameMaker is a document processing program for writing and editing large or complex documents, including structured documents. A stack buffer overflow vulnerability exists in Adobe Framemaker 2019.0.6 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary cod...

OSV-2020-1715 Stack-buffer-overflow in ndpi_search_kerberos

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25446 Crash type: Stack-buffer-overflow READ 1 Crash state: ndpisearchkerberos checkndpiudpflowfunc ndpicheckflowfunc...

ndpi:fuzz_process_packet: Stack-buffer-overflow in ndpi_search_kerberos

Project: https://github.com/ntop/nDPI.git Detailed Report: https://oss-fuzz.com/testcase?key=5911626486906880 Project: ndpi Fuzzing Engine: afl Fuzz Target: fuzzprocesspacket Job Type: aflasanndpi Platform Id: linux Crash Type: Stack-buffer-overflow READ 1 Crash Address: 0x7ffcad929a57 Crash Stat...

squid:4 security update

libecap squid 7:4.4-8.2 - Resolves: 1872345 - CVE-2020-15811 squid:4/squid: HTTP Request Splitting could result in cache poisoning - Resolves: 1872330 - CVE-2020-15810 squid:4/squid: HTTP Request Smuggling could result in cache poisoning 7:4.4-8.1 - Resolves: 1828368 - CVE-2019-12519 squid:...

uwebsockets:TopicTree: Stack-buffer-overflow in uWS::TopicTree::trimTree

Project: https://github.com/uNetworking/uWebSockets.git Detailed Report: https://oss-fuzz.com/testcase?key=4864981424930816 Project: uwebsockets Fuzzing Engine: libFuzzer Fuzz Target: TopicTree Job Type: libfuzzerasanuwebsockets Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 8 Crash...

rnp:fuzz_keyring: Stack-buffer-overflow in stream_write_key

Project: https://github.com/rnpgp/rnp.git Detailed Report: https://oss-fuzz.com/testcase?key=5745453998800896 Project: rnp Fuzzing Engine: libFuzzer Fuzz Target: fuzzkeyring Job Type: libfuzzerasanrnp Platform Id: linux Crash Type: Stack-buffer-overflow READ Crash Address: 0x7fff35f15c68 Crash...

Stack overflow

Verint 5620PTZ VerintFW042 and Verint 4320 V4320FW023, and V4320FW031 units feature an autodiscovery service implemented in the binary executable '/usr/sbin/DM' that listens on port TCP 6666. The service is vulnerable to a stack buffer overflow. It is worth noting that this service does not requi...