Security
Headlines
HeadlinesLatestCVEs

Tag

#buffer_overflow

CVE-2016-8383: TALOS-2016-0208 || Cisco Talos Intelligence Group

An exploitable heap corruption vulnerability exists in the Doc_GetFontTable functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious doc file to trigger this vulnerability.

CVE
Open in Source
#vulnerability#web#mac#ubuntu#linux#cisco#intel#rce#buffer_overflow
CVE-2018-3848: TALOS-2018-0531 || Cisco Talos Intelligence Group

In the ffghbn function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution.

CVE-2018-1100: zsh / Code

zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker could exploit this to execute arbitrary code in the context of another user.

CVE-2018-3839: TALOS-2018-0521 || Cisco Talos Intelligence Group

An exploitable code execution vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted XCF image can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.

CVE-2017-2867: TALOS-2017-0373 || Cisco Talos Intelligence Group

An exploitable code execution vulnerability exists in the SavePatientMontage functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can a malicious packet to trigger this vulnerability.

CVE-2017-2868: TALOS-2017-0374 || Cisco Talos Intelligence Group

An exploitable code execution vulnerability exists in the NewProducerStream functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can send a malicious packet to trigger this vulnerability.

CVE-2017-2869: TALOS-2017-0375 || Cisco Talos Intelligence Group

An exploitable code execution vulnerability exists in the OpenProducer functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can send a malicious packet to trigger this vulnerability.

CVE-2017-2853: TALOS-2017-0355 || Cisco Talos Intelligence Group

An exploitable Code Execution vulnerability exists in the RequestForPatientInfoEEGfile functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in arbitrary command execution. An attacker can send a malicious packet to trigger this vulnerability.

CVE-2018-9284: FortiGuard Labs Discovers Vulnerability in D-Link Router DIR868L

authentication.cgi on D-Link DIR-868L devices with Singapore StarHub firmware before v1.21SHCb03 allows remote attackers to execute arbitrary code.

CVE-2018-8905: POCs/libtiff-4.08_tiff2ps_heap_overflow at master · halfbitteam/POCs

In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps.