EulerOS Virtualization 2.5.3 : ntp (EulerOS-SA-2019-1207)

According to the version of the ntp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - The ntpq and ntpdc command-line utilities that are part of ntp package are vulnerable to stack-based buffer overflow via crafted...

OPENSUSE-SU-2019:1172-1 Security update for ovmf

This update for ovmf fixes the following issues: Security issues fixed: - CVE-2019-0160: Fixed multiple buffer overflows in UDF-related codes in MdeModulePkg\Universal\Disk\PartitionDxe\Udf.c and MdeModulePkg\Universal\Disk\UdfDxe bsc1130267. - CVE-2018-12181: Fixed a stack buffer overflow in the...

openSUSE: Security Advisory for ovmf (openSUSE-SU-2019:1139-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for ovmf (moderate)

openSUSE Security Update: Security update for ovmf Announcement ID: openSUSE-SU-2019:1139-1 Rating: moderate References: 1128503 Cross-References: CVE-2018-12181 Affected Products: openSUSE Leap 42.3 An update that fixes one vulnerability is now available. Description: This update for ovmf fixes...

Stack overflow

IBM DB2 9.7, 10.1, 10.5, and 11.1 libdb2e.so.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 153316...

CVE-2018-1936

IBM DB2 9.7, 10.1, 10.5, and 11.1 libdb2e.so.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 153316...

SUSE-SU-2019:0738-1 Security update for ovmf

This update for ovmf fixes the following issue: Security issue fixed: - CVE-2018-12181: Fixed a stack buffer overflow in the HII database when a corrupted Bitmap was used bsc1128503...

Denial Of Service

ImageMagick is vulnerable to denial of service DoS. The attacker can input a malicious image file to the function PopHexPixel of coders/ps.c, resulting in a stack buffer overflow and leading to a code execution...

OPENSUSE-SU-2019:0174-1 Security update for curl

This update for curl fixes the following issues: Security issues fixed: - CVE-2019-3823: Fixed a heap out-of-bounds read in the code handling the end-of-response for SMTP bsc1123378. - CVE-2019-3822: Fixed a stack based buffer overflow in the function creating an outgoing NTLM type-3 message...

Rockwell Automation RSLinx Classic ENGINE.dll Stack Buffer Overflow (CVE-2019-6553)

Binary data scadarslinxclassiccve-2019-6553.nbin...

Free MP3 CD Ripper Buffer Overflow Vulnerability (CNVD-2019-07812)

Free MP3 CD Ripper is an audio format converter. A stack buffer overflow vulnerability exists in Free MP3 CD Ripper version 2.6. A remote attacker can exploit this vulnerability to execute arbitrary code via specially crafted .mp3 files...

libheif/file-fuzzer: Stack-buffer-overflow in void apply_sao_internal<unsigned short>

Project: https://github.com/strukturag/libheif.git Detailed report: https://oss-fuzz.com/testcase?key=5724458239655936 Project: libheif Fuzzer: libFuzzerlibheiffile-fuzzer Fuzz target binary: file-fuzzer Job Type: libfuzzerasanlibheif Platform Id: linux Crash Type: Stack-buffer-overflow READ 4...

openthread/ip6-send-fuzzer: Stack-buffer-overflow in ot::MeshCoP::ChannelMaskEntry::GetMask

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5629736728920064 Project: openthread Fuzzer: aflopenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: aflasanopenthread Platform Id: linux Crash Type: Stack-buffer-overflow...

CVE-2019-8276

UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler, which can result in Denial of Service DoS. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212...

WAGO PFC200 iocheckd service "I/O-Check" cache DNS code execution vulnerability

Summary An exploitable stack buffer overflow vulnerability exists in the iocheckd service “I/O-Check” functionality of WAGO PFC 200. A specially crafted XML cache file written to a specific location on the device can cause a stack buffer overflow, resulting in code execution. An attacker can send...

CVE-2019-8276

UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler, which can result in Denial of Service DoS. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212...

Stack overflow

UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler, which can result in Denial of Service DoS. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212...

Stack overflow

The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, unauthenticated attacker to /GponForm/fsetupForm. An attacker can leverage this vulnerability to potentially execute arbitrary code...

CVE-2019-3921

The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, authenticated attacker to /GponForm/usbForm?script/. An attacker can leverage this vulnerability to potentially execute arbitrary cod...

Stack overflow

The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, authenticated attacker to /GponForm/usbForm?script/. An attacker can leverage this vulnerability to potentially execute arbitrary cod...