CVE-2019-1010022

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this ...

imagemagick/ping_eps_fuzzer: Stack-buffer-overflow in ConstantString

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5653164516179968 Project: imagemagick Fuzzer: libFuzzerimagemagickpingepsfuzzer Fuzz target binary: pingepsfuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type:...

imagemagick/ping_ps_fuzzer: Stack-buffer-overflow in GetNextUTFCode

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5633665431764992 Project: imagemagick Fuzzer: libFuzzerimagemagickpingpsfuzzer Fuzz target binary: pingpsfuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type:...

CVE-2019-10193

A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past...

CVE-2019-10193

A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past...

Stack overflow

A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past...

CVE-2019-10193

CVE-2019-10193 is a stack-buffer overflow in Redis HyperLogLog exposed by the SETRANGE usage. Affected branches are Redis 3.x before 3.2.13, 4.x before 4.0.14, and 5.x before 5.0.4. Exploitation could cause writes past the end of a stack-allocated buffer, per multiple connected advisories. Public...

CVE-2019-10193

A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past...

CVE-2019-10193

A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past...

CVE-2019-10193

A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past...

Denial Of Service (DoS)

libzmq is vulnerable to denial of service DoS. The vulnerability exists through a stack buffer overflow issue in src/curveserver.cpp...

CVE-2018-14496

Vivotek FD8136 devices allow remote memory corruption and remote code execution because of a stack-based buffer overflow, related to sprintf, vlocalbuff4326, and setgetparam.cgi. NOTE: The vendor has disputed this as a vulnerability and states that the issue does not cause a web server crash or...

ZeroMQ Stack Buffer Overflow Vulnerability

ZeroMQ is a lightweight distributed messaging engine core library . A security vulnerability exists in ZeroMQ that stems from a program's failure to properly handle application metadata. An attacker could exploit this vulnerability to cause ZeroMQ to crash or possibly execute arbitrary code...

The vulnerability of the IBM Spectrum Protect server and data protection agent, related to buffer overflows in the stack, allows attackers to execute arbitrary code or cause failures in the server or data protection agent’s functionality.

The vulnerability of the IBM Spectrum Protect server and data protection agent is related to buffer overflows in the stack. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause failures in the server or data protection agent...

cryptofuzz/cryptofuzz-openssl-110-noasm: Stack-buffer-overflow in RC5_32_set_key

Project: https://github.com/guidovranken/cryptofuzz.git Detailed report: https://oss-fuzz.com/testcase?key=5636104176271360 Project: cryptofuzz Fuzzer: libFuzzercryptofuzzcryptofuzz-openssl-110-noasm Fuzz target binary: cryptofuzz-openssl-110-noasm Job Type: libfuzzerasancryptofuzz Platform Id:...

CentOS Update for thunderbird CESA-2019:1624 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Scientific Linux Security Update : thunderbird on SL7.x x86_64 (20190627)

Security Fixes : - Mozilla: Type confusion in Array.pop CVE-2019-11707 - thunderbird: Stack buffer overflow in icalrecuraddbydayrules in icalrecur.c CVE-2019-11705 - Mozilla: Sandbox escape using Prompt:Open CVE-2019-11708 - thunderbird: Heap buffer over read in icalparser.c parsergetnextchar...

thunderbird security update

CentOS Errata and Security Advisory CESA-2019:1626 An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Scientific Linux Security Update : thunderbird on SL6.x i386/x86_64 (20190627)

Security Fixes : - Mozilla: Type confusion in Array.pop CVE-2019-11707 - thunderbird: Stack buffer overflow in icalrecuraddbydayrules in icalrecur.c CVE-2019-11705 - Mozilla: Sandbox escape using Prompt:Open CVE-2019-11708 - thunderbird: Heap buffer over read in icalparser.c parsergetnextchar...

libxslt CVE-2019-13118 Stack Buffer Overflow Vulnerability

Description libxslt is prone to a stack-based buffer-overflow vulnerability. An attacker can exploit this issue to obtain sensitive information that may aid in further attacks. libxslt 1.1.33 is vulnerable; other versions may also be affected. Technologies Affected Apple TV Apple Watch Apple iOS ...