Amazon Linux 2023 : php8.2, php8.2-bcmath, php8.2-cli (ALAS2023-2023-324)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-324 advisory. In PHP versions 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities...

The vulnerability of the uv_encode() function in the LibTIFF library, caused by buffer overflows in the stack, allows attackers to trigger a service denial.

The vulnerability of the uvencode function in the LibTIFF library arises due to buffer overflow on the stack. Exploiting this vulnerability could allow an attacker to cause a service failure...

Medium: ruby20

Issue Overview: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in matchat during regular expression searching. A logical error involving order of validation and access in matchat could...

The vulnerability of the fax3encode function in the LibTIFF library, which allows a hacker to trigger a service failure.

The vulnerability of the fax3encode function in the LibTIFF library arises from buffer overflows in the stack. Exploiting this vulnerability could allow a malicious actor to cause a service failure...

The vulnerability of the rotateimage() function in the LibTIFF library allows a attacker to cause a service failure.

The vulnerability of the rotateimage function in the LibTIFF library arises due to buffer overflow on the stack. Exploiting this vulnerability could allow an attacker to cause a service failure...

Oracle Linux 7 : qemu (ELSA-2018-4262)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4262 advisory. - net: ignore packet size greater than INTMAX Jason Wang Orabug: 28762625 CVE-2018-17963 - pcnet: fix possible buffer overflow Jason Wang Orabug:...

OSV-2023-797 Stack-buffer-overflow in QBuffer::readData

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62075 Crash type: Stack-buffer-overflow WRITE Crash state: QBuffer::readData QIODevicePrivate::read QDataStream::readRawData...

Debian dla-3555 : libapache2-mod-php7.3 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3555 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3555-1 [email protected]...

SUSE SLES15 / openSUSE 15 Security Update : php7 (SUSE-SU-2023:3528-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3528-1 advisory. - In PHP versions 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8 various XML functions rely on libxml...

Debian dla-3556 : aom-tools - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3556 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3556-1 [email protected]...

Debian DSA-5490-1 : aom - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5490 advisory. - AOM v2.0.1 was discovered to contain a NULL pointer dereference via the component av1/av1dxiface.c. CVE-2020-36130 - AOM v2.0.1 was discovered to contain a stac...

[SECURITY] [DLA 3555-1] php7.3 security update

Debian LTS Advisory DLA-3555-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin September 05, 2023 https://wiki.debian.org/LTS Package : php7.3 Version : 7.3.31-1deb10u5 CVE ID : CVE-2023-3823 CVE-2023-3824 Security issues were found in PHP, a widely-used open sourc...

NVClient v5.0 - Stack Buffer Overflow (DoS)

Exploit Title: NVClient v5.0 - Stack Buffer Overflow DoS Discovered by: Ahmet Ümit BAYRAM Discovered Date: 2023-08-19 Software Link: http://www.neonguvenlik.com/yuklemeler/yazilim/kst-f919-hd2004.rar Software Manual:...

NVClient v5.0 - Stack Buffer Overflow Exploit

Exploit Title: NVClient v5.0 - Stack Buffer Overflow DoS Discovered by: Ahmet Ümit BAYRAM Software Link: http://www.neonguvenlik.com/yuklemeler/yazilim/kst-f919-hd2004.rar Software Manual: http://download.eyemaxdvr.com/DVST%20ST%20SERIES/CMS/Video%20Surveillance%20Management%20SoftwareV5.0.pdf...

NVClient 5.0 Stack Buffer Overflow

Exploit Title: NVClient v5.0 - Stack Buffer Overflow DoS Discovered by: Ahmet Ümit BAYRAM Discovered Date: 2023-08-19 Software Link: http://www.neonguvenlik.com/yuklemeler/yazilim/kst-f919-hd2004.rar Software Manual:...

The vulnerability of the extractContigSamplesShifted8bits() function in the component/libtiff/tools/tiffcrop.c library of LibTIFF, which allows a malicious actor to cause a service failure.

The vulnerability of the extractContigSamplesShifted8bits function in the component /libtiff/tools/tiffcrop.c of the LibTIFF library is caused by a buffer overflow on the stack. Exploiting this vulnerability could allow an attacker to cause a service failure...

OESA-2023-1573 json-c security update

JSON-C implements a reference counting object model that allows you to easily construct JSON objects in C, output them as JSON formatted strings and parse JSON formatted strings back into the C representation of JSON objects. Security Fixes: An issue was discovered in json-c through 0.15-20200726...

Tenda AC7 timeZone Parameter Stack Buffer Overflow Vulnerability

The Tenda AC7 is a dual-band wireless router with a strong signal and stable performance for large, multi-bedroom users. The Tenda AC7 suffers from a stack buffer overflow vulnerability that originates from the timeZone parameter of /goform/SetSysTimeCfg failing to correctly validate the length a...

Tenda AC23 Compare_parentcontrol_time function stack buffer overflow vulnerability

Tenda AC23 is a home dual-band wireless router launched by Tenda, focusing on large home coverage and high-speed transmission, supporting 802.11acWave2 technology, dual-band concurrent rate up to 2033Mbps. The Tenda AC23 suffers from a stack buffer overflow vulnerability, which stems from the...

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : FAAD2 vulnerabilities (USN-6313-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6313-1 advisory. It was discovered that FAAD2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a...