Stack-based Buffer Overflow

A flaw was found in cairo's image-compositor.c in all This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untrusted input to cause a stack...

Trojan-Proxy.Win32.Wimain Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/8936c97e99799809812fa740076a2d7f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Proxy.Win32.Wimain Vulnerability: Remote Stack Buffer Overflow Description: Win32.Wimain troj...

NewStart CGSL CORE 5.04 / MAIN 5.04 : tigervnc Multiple Vulnerabilities (NS-SA-2021-0035)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has tigervnc packages installed that are affected by multiple vulnerabilities: - TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. If...

Stack Buffer Overflow Vulnerability in XnView

XnView as an image viewer with image browsing, screen capture, slideshow, batch conversion and more. XnView suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to cause a denial of service...

Oracle Linux 8 : grub2 (ELSA-2021-0696)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-0696 advisory. - Add CVE-2020-15706, CVE-2020-15707 to the list Orabug: 31225072 Tenable has extracted the preceding description block directly from the Oracle Linux...

CVE-2020-27749

A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that...

DEBIAN-CVE-2020-27749

A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that...

CVE-2020-27749

A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that...

Design/Logic Flaw

A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that...

CVE-2020-27749

CVE-2020-27749 affects grub2, with the vulnerability in grub_parser_split_cmdline() where variable names in the command line are expanded into contents using a 1 KB stack buffer without sufficient bounds checking. This can overflow the stack and corrupt the stack frame, potentially allowing code ...

CVE-2020-27749

A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that...

CVE-2020-27749

A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that...

CVE-2021-22666

Fatek FvDesigner Version 1.5.76 and prior is vulnerable to a stack-based buffer overflow while project files are being processed, allowing an attacker to craft a special project file that may permit arbitrary code execution...

RHEL 7 : grub2 (RHSA-2021:0699)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0699 advisory. The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular...

Oracle Linux 7 : grub2 (ELSA-2021-9076)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9076 advisory. - Fix CVE-2020-14372 CVE-2020-25632 CVE-2020-25647 CVE-2020-27749 CVE-2020-27779 CVE-2021-20225 CVE-2021-20233 Orabug: 32530657 Tenable has extracted t...

Debian: Security Advisory (DSA-4867-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: grub2 security update

An update for grub2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

grub2: Stack buffer overflow in grub_parser_split_cmdline()

A flaw was found in grub2. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with...

Moderate: Red Hat Security Advisory: grub2 security update

An update for grub2 is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

Moderate: Red Hat Security Advisory: grub2 security update

An update for grub2 is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...