5905 matches found
Stack overflow
In Advantech WebAccess, Versions 8.4.2 and prior. A stack-based buffer overflow vulnerability caused by a lack of proper validation of the length of user-supplied data may allow remote code execution...
PHP 7.3.x < 7.3.16 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.3.x prior to 7.3.16. It is, therefore, affected by the following vulnerabilities: - An out of bounds read resulting in the use of an uninitialized value in exif. CVE-2020-7064 - A stack buffer overflow in mbstrtolow...
quickjs:fuzz_regexp: Stack-buffer-overflow in re_parse_term
Project: https://github.com/horhof/quickjs.git https://github.com/bellard/quickjs.git Detailed Report: https://oss-fuzz.com/testcase?key=5682808761876480 Project: quickjs Fuzzing Engine: afl Fuzz Target: fuzzregexp Job Type: aflasanquickjs Platform Id: linux Crash Type: Stack-buffer-overflow READ...
PT-2020-12347 · Draytek · Draytek Vigor2960 +2
Name of the Vulnerable Software and Affected Versions: Draytek Vigor3900 versions prior to 1.5.1 Draytek Vigor2960 versions prior to 1.5.1 Draytek Vigor300B versions prior to 1.5.1 Description: A stack-based buffer overflow in the "/cgi-bin/activate.cgi" API endpoint through the ticket parameter...
CVE-2019-5185
An exploitable stack buffer overflow vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC 200. An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1ea28 the extracted state value from the xml file is used as a...
Stack overflow
An exploitable stack buffer overflow vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC 200. An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1eb9c the extracted interface element name from the xml file is...
Stack overflow
An exploitable stack buffer overflow vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC 200. An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1ea28 the extracted state value from the xml file is used as a...
CVE-2019-5185
CVE-2019-5185 affects the WAGO PFC200 controller’s iocheckd service (I/O-Check). A crafted XML cache file placed at /tmp/iocheckCache.xml can trigger a stack buffer overflow while parsing the node: the code uses sprintf() into a fixed 512-byte stack buffer and then copies it with strcpy() to an ...
CVE-2019-5186
An exploitable stack buffer overflow vulnerability exists in the iocheckd service "I/O-Check" functionality of WAGO PFC 200. An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1eb9c the extracted interface element name from the xml file is...
CVE-2019-5186
Summary: CVE-2019-5186 affects the WAGO PFC200 iocheckd service (“I/O-Check”). A stack buffer overflow is triggered while parsing the XML cache file (/tmp/iocheckCache.xml). In the vulnerable path, the code uses sprintf to write into a 512-byte stack buffer, leading to overflow, and subsequently ...
clamav:clamav_scanmap_PDF_fuzzer: Stack-buffer-overflow in rijndaelSetupEncrypt
Detailed Report: https://oss-fuzz.com/testcase?key=5747616983023616 Project: clamav Fuzzing Engine: afl Fuzz Target: clamavscanmapPDFfuzzer Job Type: aflasanclamav Platform Id: linux Crash Type: Stack-buffer-overflow READ 1 Crash Address: 0x7f7d47869030 Crash State: rijndaelSetupEncrypt...
pppd 2.4.8 Buffer Overflow Exploit
Exploit Title: Point to Point Protocol Daemon versions 2.4.2 through 2.4.8 are vulnerable to buffer overflow - remote Author: nu11secur1ty Date: 2020-03-18 Vendor: Point to Point Protocol Daemon Link: https://github.com/nu11secur1ty/Windows10Exploits/tree/master/Undefined/CVE-2020-8597 CVE:...
MGASA-2020-0143 Updated sleuthkit packages fix security vulnerability
Updated sleuthkit packages fix security vulnerability: In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a stack buffer overflow vulnerability in the YAFFS file timestamp parsing logic in yaffsfsistat in fs/yaffs.c (CVE-2020-10232)...
Debian: Security Advisory (DLA-2137-1)
The remote host is missing an update for the Debian...
CVE-2019-13171
Some Xerox printers such as the Phaser 3320 V53.006.16.000 were affected by one or more stack-based buffer overflow vulnerabilities in the Google Cloud Print implementation that would allow an unauthenticated attacker to execute arbitrary code on the device. This was caused by an insecure handlin...
Stack overflow
Some Brother printers such as the HL-L8360CDW v1.20 were affected by a stack buffer overflow vulnerability as the web server did not parse the cookie value properly. This would allow an attacker to execute arbitrary code on the device...
CVE-2019-13193
CVE-2019-13193 affects Brother HL‑8360CDW v1.20 and similar Brother printers, where the web server fails to parse cookie values, causing a stack-based buffer overflow that could allow arbitrary code execution over the network. The initial docs indicate exploitation status is not provided; remedia...
CVE-2019-13193
Some Brother printers such as the HL-L8360CDW v1.20 were affected by a stack buffer overflow vulnerability as the web server did not parse the cookie value properly. This would allow an attacker to execute arbitrary code on the device...
CVE-2019-5178
An exploitable stack buffer overflow vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is...
CVE-2019-5179
An exploitable stack buffer overflow vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file...