CVE-2021-0362

CVE-2021-0362 affects Android 11 as described across multiple sources. The vulnerability is a memory corruption via a stack buffer overflow in the aee component, enabling local privilege escalation with System-level execution privileges. Exploitation does not require user interaction. Patch ALPS0...

OSV-2021-261 Stack-buffer-overflow in flb_sds_cat

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30093 Crash type: Stack-buffer-overflow READ Crash state: flbsdscat ratranslatekeymap flbratranslate...

CentOS 8 : squid:4 (CESA-2020:2041)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:2041 advisory. - squid: improper check for new member in ESIExpression::Evaluate allows for stack buffer overflow CVE-2019-12519 - squid: parsing of header...

CentOS 8 : cups (CESA-2020:1765)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:1765 advisory. - cups: stack-buffer-overflow in libcups's asn1gettype function CVE-2019-8675 - cups: stack-buffer-overflow in libcups's asn1getpacked function...

OSV-2021-257 Stack-buffer-overflow in kdf_sshkdf_set_ctx_params

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30037 Crash type: Stack-buffer-overflow READ 1 Crash state: kdfsshkdfsetctxparams EVPKDFCTXsetparams cryptofuzz::module::OpenSSL::OpKDFSSH...

CentOS 8 : thunderbird (CESA-2019:1623)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2019:1623 advisory. - libical: Heap buffer over read in icalparser.c parsergetnextchar CVE-2019-11703 - libical: Heap buffer overflow in icalmemorystrdupanddequote functio...

CentOS 8 : thunderbird (CESA-2019:3237)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2019:3237 advisory. - Mozilla: Use-after-free when creating index updates in IndexedDB CVE-2019-11757 - Mozilla: Potentially exploitable crash due to 360 Total Security...

CentOS 8 : libvorbis (CESA-2019:3703)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3703 advisory. - libvorbis: heap buffer overflow in mapping0forward function CVE-2018-10392 - libvorbis: stack buffer overflow in barknoisehybridmp function...

CentOS 8 : curl (CESA-2019:3701)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3701 advisory. - curl: NTLM type-2 heap out-of-bounds buffer read CVE-2018-16890 - wget: Information exposure in setfilemetadata function in xattr.c CVE-2018-20483 -...

CentOS 8 : firefox (CESA-2019:3196)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2019:3196 advisory. - Mozilla: Use-after-free when creating index updates in IndexedDB CVE-2019-11757 - Mozilla: Potentially exploitable crash due to 360 Total Security...

The vulnerability in the web interface for managing microprogrammed wireless router software of Cisco RV110W, Cisco RV130, Cisco RV130W, and Cisco RV215W allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the web-based management interfaces for microprogramming software of Cisco RV110W, Cisco RV130, Cisco RV130W, and Cisco RV215W is caused by buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to execute arbitrary code or cause a service failure...

The vulnerability of the document.title property in the Sailfish Browser application for the “Autora” operating system, related to buffer overflow in the stack, allows a attacker to trigger a service failure or execute arbitrary code.

The vulnerability of the document.title property in the Sailfish Browser application for the “Autora” operating system is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to cause a service failure or execute arbitrary code...

The vulnerability of the Sailfish Browser application for the “Avora” operating system, related to buffer overflow in the stack, allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the Sailfish Browser application for the “Avora” operating system is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code...

Backdoor.Win32.Hupigon.adef Remote Stack Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/c8f55ce7bbec784a97d7bfc6d7b1931f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.adef Vulnerability: Remote Stack Buffer Overflow Description: Backdoor Hupigo...

Open Design Alliance Drawings SDK Stack Buffer Overflow Vulnerability

Drawings is a development platform for desktop, mobile and web applications targeting .dwg and .dgn data.Drawings SDK is the Drawings Software Development Kit. A stack buffer overflow vulnerability exists in Open Design Alliance Drawings SDK versions prior to 2021.11. An attacker can exploit this...

Email-Worm.Win32.Agent.gi Remote Stack Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/74e65773735f977185f6a09f1472ea46.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Email-Worm.Win32.Agent.gi Vulnerability: Remote Stack Buffer Overflow - UDP Datagram Description:...

SUSE-SU-2021:0156-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2020-19667: Fixed a stack buffer overflow in XPM coder could result in a crash bsc1179103. - CVE-2020-25664: Fixed a heap-based buffer overflow in PopShortPixel bsc1179202. - CVE-2020-25665: Fixed a heap-based buffer overflow in...

Backdoor.Win32.Mnets Remote Stack Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/1e42493dcef54a62bc28e0a1338c1142.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Mnets Vulnerability: Remote Stack Buffer Overflow - UDP Datagram Proto Description: T...

OSV-2018-284 Stack-buffer-overflow in pdf_lookup_cmap_full

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5494 Crash type: Stack-buffer-overflow WRITE 4 Crash state: pdflookupcmapfull pdfremapcmaprange pdfremapcmap...

Medium: tigervnc

Issue Overview: TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. If decoding routine would throw an exception, ZRLEDecoder may try to access stack variable, which has been already freed during the process...