Buffer overflow

An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01e7d4 the value for the svol key is copied using strcpy to the buffer at 0xa0001700. This buffer is maximum 12 bytes large this is the maximum size it could be,...

CVE-2017-16346

An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c368 the value for the smac key is copied using strcpy to the buffer at 0xa000170c. This buffer is 25 bytes large, sending anything longer will cause a buffer...

Sony Playstation 4 (PS4) 5.1 - Kernel (PoC)

Sony Playstation 4 PS4 5.1 - Kernel PoC log"--- trying kernel exploit --"; function mallocsz var backing = new Uint8Array0x10000+sz; window.nogc.pushbacking; var ptr = p.read8p.leakvalbacking.add320x10; ptr.backing = backing; return ptr; function malloc32sz var backing = new Uint8Array0x10000+sz4...

EDIMAX IC-3140W, IC-5150W and IC-6220DC Buffer Overflow Vulnerability

EDIMAX IC-3140W, IC-5150W and IC-6220DC are all different series of network camera products from EDIMAX. A stack buffer overflow vulnerability exists in the EDIMAX IC-3140W 3.06 and earlier, IC-5150W 3.09 and earlier, and IC-6220DC 3.06 and earlier, which stems from a program failing to properly...

Stack overflow

An issue was discovered on EDIMAX IC-3140W through 3.06, IC-5150W through 3.09, and IC-6220DC through 3.06 devices. The ipcamcgi binary contains a stack-based buffer overflow that is possible to trigger from a remote unauthenticated /camera-cgi/public/getsysyeminfo.cgi?action=VALUEHERE HTTP...

CVE-2018-8072

An issue was discovered on EDIMAX IC-3140W through 3.06, IC-5150W through 3.09, and IC-6220DC through 3.06 devices. The ipcamcgi binary contains a stack-based buffer overflow that is possible to trigger from a remote unauthenticated /camera-cgi/public/getsysyeminfo.cgi?action=VALUEHERE HTTP...

imagemagick/crop_fuzzer: Strcpy-param-overlap in LibRaw::identify

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=6194991601811456 Project: imagemagick Fuzzer: libFuzzerimagemagickcropfuzzer Fuzz target binary: cropfuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type:...

CVE-2017-17811

In Netwide Assembler NASM 2.14rc0, there is a heap-based buffer overflow that will cause a remote denial of service attack, related to a strcpy in pastetokens in asm/preproc.c, a similar issue to CVE-2017-11111...

CVE-2017-17811

In Netwide Assembler NASM 2.14rc0, there is a heap-based buffer overflow that will cause a remote denial of service attack, related to a strcpy in pastetokens in asm/preproc.c, a similar issue to CVE-2017-11111...

CVE-2017-17811

In Netwide Assembler NASM 2.14rc0, there is a heap-based buffer overflow that will cause a remote denial of service attack, related to a strcpy in pastetokens in asm/preproc.c, a similar issue to CVE-2017-11111...

EMC AlphaStor Library Manager 4.0 build 910 - Opcode 0x4f Buffer Overflow (Metasploit)

EMC AlphaStor Library Manager 4.0 build 910 - Opcode 0x4f Buffer Overflow Metasploit require 'msf/core' class MetasploitModule 'EMC AlphaStor Library Manager Opcode 0x4f', 'Description' = %q This module exploits a stack based buffer overflow found in EMC Alphastor Library Manager version 'james...

The vulnerability of the Linux operating system’s kernel, which arises due to the lack of checks for buffer length, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Linux operating system’s kernel arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to trigger buffer overflows and compromise the confidentiality, integrity, and accessibility of protect...

DEBIAN-CVE-2017-12762

In /drivers/isdn/i4l/isdnnet.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree...

CVE-2017-12762

In /drivers/isdn/i4l/isdnnet.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree...

PT-2017-2720 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 3.18-stable through 4.12-stable Description: The issue is caused by a buffer overflow in the Linux kernel due to a user-controlled buffer being copied into a local buffer of constant size using the strcpy function withou...

CVE-2017-9430

Stack-based buffer overflow in dnstracer through 1.9 allows attackers to cause a denial of service application crash or possibly have unspecified other impact via a command line with a long name argument that is mishandled in a strcpy call for argv0. An example threat model is a web application...

CVE-2017-9430

Stack-based buffer overflow in dnstracer through 1.9 allows attackers to cause a denial of service application crash or possibly have unspecified other impact via a command line with a long name argument that is mishandled in a strcpy call for argv0. An example threat model is a web application...

Heap Overflow Vulnerability in Citrix NetScaler Gateway (CVE-2017-7219)

After presenting my findings on the Swisscom router at the CybSecConference last year, I started looking for a new product to analyze. I quickly found that it’s possible to download virtual “demo” appliances of Citrix products, so I went on to download a Netscaler VPX, which at the time was at...

Multiple high-risk vulnerabilities in Samsung's TiZen system

Tizen Tazen is an open source, standardized Linux-based operating system developed by two major Linux consortia, LiMo Foundation and Linux Foundation, integrating their resource strengths and working together with Intel and Samsung Electronics. Samsung's TiZen system suffers from several high-ris...

wifirxpower - Local Buffer Overflow

Exploit for linux platform in category dos / poc + Title: wifirxpower - Local Stack Based Buffer Overflow + Credits / Discovery: Nassim Asrir + Author Email: email protected || https://www.linkedin.com/in/nassim-asrir-b73a57122/ + Author Company: Henceforth + CVE: N/A Vendor: ===============...