225 matches found
Buffer Underwrite in ares_inet_net_pton()
...
CVE-2023-31130 Buffer Underwrite in ares_inet_net_pton()
c-ares is an asynchronous resolver library. ares_inet_net_pton() is vulnerable to a buffer underflow for certain IPv6 addresses; in particular, "0::00:00:00/2" was found to cause an issue. c-ares only uses this function internally for configuration purposes which would require an administrator to...
Slackware: Security Advisory (SSA:2023-142-01)
The remote host is missing an update for the...
[slackware-security] c-ares
New c-ares packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/c-ares-1.19.1-i586-1slack15.0.txz: Upgraded. This update fixes bugs and security issues: 0-byte UDP payload causes Denial of Service...
CVE-2023-25610 a critical RCE vulnerability in FortiOS: everything you need to know
CVE-2023-25610 is a critical RCE vulnerability in FortiOS. This vulnerability is a buffer underwrite bug in the administrative interface which could allow a remote unauthenticated attacker to execute code using specially crafted requests. Affected customers should patch immediately...
New Critical Flaw in FortiOS and FortiProxy Could Give Hackers Remote Access
Fortinet has released fixes to address 15 security flaws, including one critical vulnerability impacting FortiOS and FortiProxy that could enable a threat actor to take control of affected systems. The issue, tracked as CVE-2023-25610, is rated 9.3 out of 10 for severity and was internally...
Protect
A buffer underwrite ('buffer underflow') vulnerability in FortiOS, FortiManager, FortiAnalyzer, FortiWeb, FortiProxy & FortiSwitchManager administrative interface may allow a remote unauthenticated attacker to execute arbitrary code on the device and/or perform a DoS on the GUI, via specifically...
SUSE CVE-2018-16140
A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file...
SUSE CVE-2019-9200
A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impa...
SUSE CVE-2020-28024
Exim 4 before 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtp_ungetc was only intended to push back characters, but can actually push back non-character error codes such as EOF...
Fortinet FortiOS <= 6.2.9 / 6.4.x <= 6.4.6 / 7.0.0 Buffer Underwrite (FG-IR-21-046)
The remote host is running a version of FortiOS prior to or equal to 6.2.9, or 6.4.x prior to or equal to 6.4.6, or 7.0.0. It is, therefore, affected by a buffer underwrite vulnerability in the firmware verification routine of FortiOS that may allow an attacker located in the adjacent network to...
CVE-2021-24018
A buffer underwrite vulnerability in the firmware verification routine of FortiOS before 7.0.1 may allow an attacker located in the adjacent network to potentially execute arbitrary code via a specifically crafted firmware image...
Buffer overflow
A buffer underwrite vulnerability in the firmware verification routine of FortiOS before 7.0.1 may allow an attacker located in the adjacent network to potentially execute arbitrary code via a specifically crafted firmware image...
PT-2021-6857 · Fortinet · Fortiswitch +7
Name of the Vulnerable Software and Affected Versions: FortiOS (versions prior to 7.0.1); FortiWeb (affected versions not specified); FortiSwitch (affected versions not specified); FortiProxy (affected versions not specified); FortiADC (affected versions not specified); Forti...
CVE-2020-28024
Exim 4 before 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtp_ungetc was only intended to push back characters, but can actually push back non-character error codes such as EOF...
DEBIAN-CVE-2020-28024
Exim 4 before 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtp_ungetc was only intended to push back characters, but can actually push back non-character error codes such as EOF...