openvswitch/expr_parse_target: Stack-buffer-underflow in lex_parse_hex_integer

Project: https://github.com/openvswitch/ovs.git Detailed report: https://oss-fuzz.com/testcase?key=5699613135208448 Project: openvswitch Fuzzer: aflopenvswitchexprparsetarget Fuzz target binary: exprparsetarget Job Type: aflasanopenvswitch Platform Id: linux Crash Type: Stack-buffer-underflow REA...

Samsung Galaxy S8 Arbitrary Code Execution Vulnerability

The Samsung Galaxy S8 is a smartphone released by the South Korean company Samsung Samsung. An arbitrary code execution vulnerability exists in the Samsung Galaxy S8, which stems from a failure to properly validate the length of user-submitted data before copying it into a buffer on a fixed-lengt...

CVE-2018-14633

A security flaw was found in the chapservercomputemd5 function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The atta...

CVE-2018-14633

CVE-2018-14633 affects the Linux kernel iSCSI target code, specifically chap_server_compute_md5(), where an unauthenticated remote attacker can trigger a stack-based buffer overflow, potentially causing a denial of service or exposing data from an iSCSI target. Public disclosures in 2018 indicate...

CVE-2018-14633

A security flaw was found in the chapservercomputemd5 function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The atta...

graphicsmagick/coder_MVG_fuzzer: Stack-buffer-overflow in MagickGetToken

Project: http://hg.code.sf.net/p/graphicsmagick/code Detailed report: https://oss-fuzz.com/testcase?key=5634802938544128 Project: graphicsmagick Fuzzer: aflgraphicsmagickcoderMVGfuzzer Fuzz target binary: coderMVGfuzzer Job Type: aflasangraphicsmagick Platform Id: linux Crash Type:...

ffmpeg/ffmpeg_AV_CODEC_ID_ILBC_fuzzer: Stack-buffer-underflow in vector_multiplication

Project: https://git.ffmpeg.org/ffmpeg.git Detailed report: https://oss-fuzz.com/testcase?key=5638941487661056 Project: ffmpeg Fuzzer: aflffmpegAVCODECIDILBCfuzzer Fuzz target binary: ffmpegAVCODECIDILBCfuzzer Job Type: aflasanffmpeg Platform Id: linux Crash Type: Stack-buffer-underflow WRITE 2...

CVE-2018-14633

A security flaw was found in the chapservercomputemd5 function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The atta...

libssh/libssh_server_fuzzer: Stack-buffer-overflow in ssh_buffer_unpack_va

Project: https://git.libssh.org/projects/libssh.git Detailed report: https://oss-fuzz.com/testcase?key=5766380100517888 Project: libssh Fuzzer: libFuzzerlibsshserverfuzzer Fuzz target binary: libsshserverfuzzer Job Type: libfuzzerasanlibssh Platform Id: linux Crash Type: Stack-buffer-overflow REA...

NUUO NVRMini2 3.8 Buffer Overflow

Exploit Title: NUUO NVRMini2 3.8 - 'cgisystem' Buffer Overflow Enable Telnet Date: 2018-09-17 Exploit Author: Jacob Baines Vendor Homepage: https://www.nuuo.com/ Device: NRVMini2 Software Link: https://www.nuuo.com/ProductNode.php?node=2 Versions: 3.8.0 and below Tested Against: 03.07.0000.0011 a...

NUUO NVRMini2 3.8 - 'cgi_system' Buffer Overflow (Enable Telnet)

Exploit Title: NUUO NVRMini2 3.8 - 'cgisystem' Buffer Overflow Enable Telnet Date: 2018-09-17 Exploit Author: Jacob Baines Vendor Homepage: https://www.nuuo.com/ Device: NRVMini2 Software Link: https://www.nuuo.com/ProductNode.php?node=2 Versions: 3.8.0 and below Tested Against: 03.07.0000.0011 a...

NUUO NVRMini2 3.8 - cgi_system Buffer Overflow (Enable Telnet)

NUUO NVRMini2 3.8 - cgisystem Buffer Overflow Enable Telnet Exploit Title: NUUO NVRMini2 3.8 - 'cgisystem' Buffer Overflow Enable Telnet Date: 2018-09-17 Exploit Author: Jacob Baines Vendor Homepage: https://www.nuuo.com/ Device: NRVMini2 Software Link: https://www.nuuo.com/ProductNode.php?node=2...

NUUO NVR < 3.9.1 Multiple Vulnerabilities

NUUO Network Video Recorder NVR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nuuo:nuuo";...

CVE-2018-16743

An issue was discovered in mgetty before 1.2.1. In contrib/next-login/login.c, the command-line parameter username is passed unsanitized to strcpy, which can cause a stack-based buffer overflow...

Important: Red Hat Security Advisory: chromium-browser security update

An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

Buffer overflow

An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the...

Debian DLA-1497-1 : qemu security update (Spectre)

Several vulnerabilities were found in qemu, a fast processor emulator : CVE-2015-8666 Heap-based buffer overflow in QEMU when built with the Q35-chipset-based PC system emulator CVE-2016-2198 NULL pointer dereference in ehcicapswrite in the USB EHCI support that may result in denial of service...

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 69 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 69.0.3497.81 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming...

KLA11312 Multiple vulnerabilities in Google Chrome

Multiple serious vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, bypass security restrictions and spoof user interface. Below is a complete list of vulnerabilities: 1. ...

Stack overflow

A stack buffer overflow in NumberingSystem in International Components for Unicode ICU for C/C++ before 60.2, as used in V8 in Google Chrome prior to 62.0.3202.75 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...