Debian Linux Security Advisory 4293-1 - Several heap buffer overflows were found in discount, an implementation of the Markdown markup language, that could be triggered witth specially crafted Markdown data and would cause discount to read past the end of internal buffers.
4421b9685d73866006c16d1c98ab0cb1InduSoft Web Studio version 8.1 suffers from a buffer overflow vulnerability.
f4dbd64a51d4d3407489174d0f64273eFaleemi Desktop Software version 1.8.2 suffers from a buffer overflow vulnerability.
f64ad4c397c58475d0341465de20c396Socusoft Photo to Video Converter version 8.07 suffers from a buffer overflow vulnerability.
c14f1427997d477af1c5f50b58e28a25Free MP3 CD Ripper version 2.6 suffers from a buffer overflow vulnerability.
ed72e62593e8ba4f4e3879a95dc93a3eInTouch Machine Edition version 8.1 SP1 Nombre del Tag SEH buffer overflow exploit.
74fb690f9b84e14b840290f700320bb1Piotr Gabriel Kosinski and Daniel Shapira discovered a stack-based buffer overflow in the CDROM driver implementation of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Jann Horn discovered that the ext4 filesystem implementation in the Linux kernel did not properly keep xattr information consistent in some situations. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues have also been addressed.
15d9cf4ac6ec9024e548bcb059849043Red Hat Security Advisory 2018-2666-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 69.0.3497.81. Issues addressed include buffer overflow, bypass, and out of bounds write vulnerabilities.
641dc5403658aa3dd26200b59b29ed6aEasy File Sharing Web Server version 6.9 POST msg.ghp UserID remote buffer overflow SEH exploit with DEP bypass and ROP.
b31f7c399d1e719caf9218f318385547Photo To Video Converter Professional version 8.07 suffers from a buffer overflow vulnerability.
83ae00a910c8213726af8ee73a0f1643Flash Slideshow Maker Professional version 5.20 suffers from a buffer overflow vulnerability.
96777c75e7183d893bf1059ef37c9a90Socusoft 3GP Photo Slideshow version 8.05 suffers from a buffer overflow vulnerability.
db23abb25a525dd63434a5c5b00f4516SocuSoft iPod Photo Slideshow version 8.05 suffers from a buffer overflow vulnerability.
75b0bdbc1304ebaa9de77b9671f5c5a0iSmartViewPro version 1.5 suffers from a buffer overflow vulnerability.
07df1504f9e8ea17d02267ea4ac7ea64DVD Photo Slideshow Professional version 8.07 suffers from a buffer overflow vulnerability.
30ef333e9130579123cc654402ae5b9aDebian Linux Security Advisory 4286-1 - Zhaoyang Wu discovered that cURL, an URL transfer library, contains a buffer overflow in the NTLM authentication code triggered by passwords that exceed 2GB in length on 32bit systems.
1c2a320358f153133062444a0f5d9c7fsqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
001dd095cf0009c79d3e957e256abc10Debian Linux Security Advisory 4284-1 - Quang Nguyen discovered an integer overflow in the Little CMS 2 colour management library, which could in denial of service and potentially the execution of arbitrary code if a malformed IT8 calibration file is processed.
11062157fe2f39797ae7b831b3ea166cFTPShell Server version 6.80 add account name SEH buffer overflow exploit.
34568d1e9161102f3afd7f4d22611193Red Hat Security Advisory 2018-2607-01 - GlusterFS is a key building block of Red Hat Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance for diverse workloads. GlusterFS aggregates various storage servers over network interconnections into one large, parallel network file system. Issues addressed include buffer overflow, denial of service, deserialization, local file inclusion, and remote file inclusion vulnerabilities.
8d6bb6d7cca228e5f559c645afc38ceaRed Hat Security Advisory 2018-2608-01 - GlusterFS is a key building block of Red Hat Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance for diverse workloads. GlusterFS aggregates various storage servers over network interconnections into one large, parallel network file system. Issues addressed include buffer overflow, denial of service, and deserialization vulnerabilities.
66b716a851143f3719724f28dc3fdadaiSmartViewPro version 1.5 suffers from a DDNS buffer overflow vulnerability.
065737ba91149b7e04f1601353fa5a26Android Dexdump, tested on Nexus 4 with Android 5.1.1, was found to have a buffer overflow vulnerability.
beba8773ab7dd8bbd262ba56aaa9caa8Linux suffers from a reiserfs listxattr_filler() heap overflow vulnerability.
32f35281c7d063fa006860df2819530eProof of concept exploit that demonstrates a buffer overflow vulnerability in the Intel Management Engine as described in INTEL-SA-00086.
2f77faadeb0a2c90ab38401dea8d9030
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed