openthread: Stack-buffer-overflow in ot::NetworkData::HasRouteEntry::GetRloc

Detailed report: https://oss-fuzz.com/testcase?key=4983359669272576 Project: openthread Fuzzer: libFuzzeropenthreadradio-receive-done-fuzzer Fuzz target binary: radio-receive-done-fuzzer Job Type: libfuzzerasanopenthreaduntrusted Platform Id: linux Crash Type: Stack-buffer-overflow READ 2 Crash...

OpenJPEG Stack Buffer Overflow Vulnerability

OpenJPEG is a C-based open source JPEG 2000 codec . A stack buffer overflow vulnerability exists in the 'pgxtoimage' function in the bin/jp2/convert.c file in OpenJPEG version 2.2.0. A remote attacker could exploit this vulnerability to cause a denial of service or possibly execute code write...

Advantech WebAccess Stack Buffer Overflow Vulnerability

Advantech WebAccess is a set of HMI/SCADA software from Advantech based on browser architecture. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. A stack buffer overflow vulnerability exists in Advantech...

Delta Industrial Automation PMSoft Stack Buffer Overflow Vulnerability (CNVD-2017-228255)

Delta Industrial Automation is a global industrial automation manufacturer of power management and thermal solutions. WPLSoft and PMSoft are Delta's PLC programming software. A stack buffer overflow vulnerability exists in the parsing of information from a TTreeView object in a ppm project file...

Delta Industrial Automation WPLSoft Stack Buffer Overflow Vulnerability

Delta Industrial Automation is a global industrial automation manufacturer of power management and thermal solutions. WPLSoft and PMSoft are Delta's PLC programming software. A stack buffer overflow vulnerability exists in Delta Industrial Automation WPLSoft. Due to a failure to properly validate...

NoviFlow NoviWare and NoviSwitch Device Stack Buffer Overflow Vulnerability

NoviFlow NoviWare and NoviSwitch devices are both products of NoviFlow Canada.NoviSwitch devices are a series of switching devices.NoviWare is the switching software used in... A stack buffer overflow vulnerability exists in the Network interface of the cliengine and noviengine services in NoviFl...

fuchsia_fidl: Stack-buffer-overflow in fidl::StringView::operator<

Detailed report: https://oss-fuzz.com/testcase?key=5376132784324608 Project: fuchsiafidl Fuzzer: libFuzzerfuchsiafidlfuzzer Fuzz target binary: fuchsiafidlfuzzer Job Type: libfuzzerubsanfuchsiafidl Platform Id: linux Crash Type: Stack-buffer-overflow READ 2 Crash Address: 0x7ffd4d8165d8 Crash...

Stack overflow

Stack buffer overflow in httpd in Asuswrt-Merlin firmware 380.670RT-AC5300 and earlier for ASUS devices and ASUS firmware for ASUS RT-AC5300, RTAC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66UB1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200,...

CVE-2017-12754

The CVE-2017-12754 entry describes a stack buffer overflow in the httpd component of Asuswrt-Merlin firmware (notably 380.67_0RT-AC5300 and earlier) across numerous ASUS router models. A remote attacker can trigger arbitrary code execution by sending a crafted HTTP GET request containing a long d...

HP Data Protector Software Stack Buffer Overflow Vulnerability

HP Data Protector Software is a suite of unified data protection solutions from Hewlett-Packard HP in the United States. The solution protects data across all physical and virtual environments by utilizing an intelligent data management approach that provides three-party application source, stand...

Eaton ELCSoft ELCSimulator Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Eaton ELCSoft. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of network TCP requests by ELCSimulator.exe. A crafted request will cause...

openthread: Stack-buffer-overflow in ot::Coap::Header::FromMessage

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5722785030602752 Project: openthread Fuzzer: aflopenthreadradio-receive-done-fuzzer Fuzz target binary: radio-receive-done-fuzzer Job Type: aflasanopenthread Platform Id: linux Crash Type:...

UltraISO Stack Buffer Overflow Vulnerability

UltraISO is popular BIN/ISO editing software that allows direct editing of a wide range of image files. A stack buffer overflow vulnerability exists in UltraISO version 9.6.6.3300. An attacker could exploit this vulnerability to execute arbitrary code in the context of an application or cause a...

gdal: Stack-buffer-overflow in nc4_check_name

Project: https://github.com/OSGeo/gdal.git Detailed report: https://oss-fuzz.com/testcase?key=6380982435315712 Project: gdal Fuzzer: libFuzzergdalmitabtabfuzzer Fuzz target binary: mitabtabfuzzer Job Type: libfuzzerasangdal Platform Id: linux Crash Type: Stack-buffer-overflow WRITE Crash Address:...

gdal: Stack-buffer-overflow in CSLAddNameValue

Project: https://github.com/OSGeo/gdal.git Detailed report: https://oss-fuzz.com/testcase?key=4969921421246464 Project: gdal Fuzzer: libFuzzergdalmrffuzzer Fuzz target binary: mrffuzzer Job Type: libfuzzerasangdal Platform Id: linux Crash Type: Stack-buffer-overflow READ Crash Address:...

Important: Red Hat Security Advisory: qemu-kvm-rhev security, bug fix, and enhancement update

An update for qemu-kvm-rhev is now available for RHEV 4.X RHEV-H and Agents for RHEL-7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

PHP 7.0.x < 7.0.21, 7.1.x < 7.1.7 Multiple Vulnerabilities (Jul 2017) - Windows

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

PHP 7.0.x < 7.0.21, 7.1.x < 7.1.7 Multiple Vulnerabilities (Jul 2017) - Linux

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

ffmpeg: Stack-buffer-overflow in CProgramConfig_LookupElement

Project: https://git.ffmpeg.org/ffmpeg.git Detailed report: https://oss-fuzz.com/testcase?key=6752357788418048 Project: ffmpeg Fuzzer: libFuzzerffmpegAVCODECIDLIBFDKAACfuzzer Fuzz target binary: ffmpegAVCODECIDLIBFDKAACfuzzer Job Type: libfuzzerasanffmpeg Platform Id: linux Crash Type:...

PlugX Controller Stack Buffer Overflow

This module exploits a stack buffer overflow in the PlugX Controller C2 server. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'zlib' class MetasploitModule 'PlugX Controller Stack Buffer Overflow',...