CVE-2018-1156

CVE-2018-1156 affects MikroTik RouterOS prior to 6.42.7 and 6.40.9. It is a stack buffer overflow via the license upgrade interface, potentially enabling a remote authenticated attacker to execute code on the device. The vulnerability is mitigated by MikroTik RouterOS updates released to address ...

CVE-2018-3912

On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process insecurely extracts the fields from the "shard" table of its SQLite database, leading to a buffer overflow on the stack. The strcpy call overflows the destination buffer, which has a size of 128...

DEBIAN-CVE-2018-15572

The spectrev2selectmitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks...

UBUNTU-CVE-2018-15572

The spectrev2selectmitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks...

mupdf/pdf_fuzzer: Stack-buffer-underflow in ps_index

Project: git://git.ghostscript.com/mupdf.git Detailed report: https://oss-fuzz.com/testcase?key=6241403096006656 Project: mupdf Fuzzer: aflmupdfpdffuzzer Fuzz target binary: pdffuzzer Job Type: aflasanmupdf Platform Id: linux Crash Type: Stack-buffer-underflow READ 8 Crash Address: 0x7fde52864418...

Delta Electronics CNCSoft and ScreenEditor Stack Buffer Overflow Vulnerability

Delta Electronics CNCSoft and ScreenEditor are products of Delta Electronics, a CNC machine simulation system software and ScreenEditor, a HMI programming software. A stack buffer overflow vulnerability exists in Delta Electronics CNCSoft version 1.00.83 and earlier and ScreenEditor version...

Cloudme 1.9 - Buffer Overflow (DEP) Учздщше

Exploit for windows platform in category local exploits Exploit Title: Cloudme 1.9 - Buffer Overflow DEP Metasploit Date: 2018-08-13 Exploit Author: Raymond Wellnitz Vendor Homepage: https://www.cloudme.com Version: 1.8.x/1.9.x Tested on: Windows 7 x64 CVE : 2018-6892 This module requires...

Computerinsel Photoline Stack Buffer Overflow Vulnerability

Computerinsel Photoline is a suite of image editing software. A stack buffer overflow vulnerability exists in the PSD parsing feature in Computerinsel Photoline version 20.54. An attacker can exploit this vulnerability by sending a specially crafted PSD image to overwrite arbitrary data and execu...

CVE-2018-5924

A security vulnerability has been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a stack buffer overflow, which could allow remote code execution...

Stack overflow

A security vulnerability has been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a stack buffer overflow, which could allow remote code execution...

CVE-2018-5924

CVE-2018-5924 affects certain HP inkjet printers. The issue arises when a maliciously crafted file is processed by the device, causing a stack buffer overflow and enabling remote code execution. Public reporting attributes a high or critical impact (CVSS v3.0: 9.8, network exposure, no user inter...

freetype2/cff-ftengine: Stack-buffer-overflow in cff_parser_run

Detailed report: https://oss-fuzz.com/testcase?key=5723673720782848 Project: freetype2 Fuzzer: aflfreetype2cff-ftengine Fuzz target binary: cff-ftengine Job Type: aflasanfreetype2 Platform Id: linux Crash Type: Stack-buffer-overflow READ 8 Crash Address: 0x7fa252831e10 Crash State: cffparserrun...

EulerOS 2.0 SP3 : procps-ng (EulerOS-SA-2018-1230)

According to the versions of the procps-ng package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - If the HOME environment variable is unset or empty, top will read its configuration file from the current working directory without any securi...

Samsung SmartThings Hub video-core HTTP server buffer overflow vulnerability (CNVD-2018-14291)

Samsung SmartThings Hub is a smart home management device from Samsung, South Korea. video-core HTTP server is one of the HTTP servers. A stack buffer overflow vulnerability exists in the samsungWifiScan callback notification of the video-core HTTP server in the Samsung SmartThings Hub, which ste...

Samsung SmartThings Hub video-core HTTP server buffer overflow vulnerability (CNVD-2018-14289)

Samsung SmartThings Hub is a smart home management device from Samsung, South Korea. video-core HTTP server is one of the HTTP servers. A stack buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server in the Samsung SmartThings Hub, which originates...

Important: Red Hat Security Advisory: chromium-browser security update

An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

FreeBSD : chromium -- multiple vulnerabilities (b9c525d9-9198-11e8-beba-080027ef1a23)

Google Chrome Releases reports : 42 security fixes in this release, including : - 850350 High CVE-2018-6153: Stack buffer overflow in Skia. Reported by Zhen Zhou of NSFOCUS Security Team on 2018-06-07 - 848914 High CVE-2018-6154: Heap buffer overflow in WebGL. Reported by Omair on 2018-06-01 -...

Security update for Chromium (important)

This update for Chromium to version 68.0.3440.75 fixes multiple issues. Security issues fixed boo1102530: - CVE-2018-6153: Stack buffer overflow in Skia - CVE-2018-6154: Heap buffer overflow in WebGL - CVE-2018-6155: Use after free in WebRTC - CVE-2018-6156: Heap buffer overflow in WebRTC -...

Security update for Chromium (important)

This update for Chromium to version 68.0.3440.75 fixes multiple issues. Security issues fixed boo1102530: - CVE-2018-6153: Stack buffer overflow in Skia - CVE-2018-6154: Heap buffer overflow in WebGL - CVE-2018-6155: Use after free in WebRTC - CVE-2018-6156: Heap buffer overflow in WebRTC -...

CVE-2017-2630

A stack buffer overflow flaw was found in the Quick Emulator QEMU before 2.9 built with the Network Block Device NBD client support. The flaw could occur while processing server's response to a 'NBDOPTLIST' request. A malicious NBD server could use this issue to crash a remote NBD client resultin...