An off-by-one error in ngx_resolver_copy() while processing DNS responses allows a network attacker to write a dot character ('.', 0x2E) out of bounds in a heap-allocated buffer. The vulnerability can be triggered by a DNS response in reply to a DNS request from nginx when the resolver primitive is configured. A specially crafted packet allows overwriting the least significant byte of the next heap chunk's metadata with 0x2E. A network attacker capable of providing DNS responses to an nginx server can achieve denial of service and likely remote code execution. Due to the lack of DNS spoofing mitigations in nginx and the fact that the vulnerable function is called before checking the DNS Transaction ID, remote attackers might be able to exploit this vulnerability by flooding the victim server with poisoned DNS responses in a feasible amount of time.
3dfbbfc75ab8248919c960e6279f4525444e77d8b1532e2dc80da38820b690c4
mgetty version 1.2.0 suffers from buffer overflow, code execution, and various other privilege escalation related vulnerabilities.
5cde5e7365b154e8262b6205e6637682d79c5af218b7b7eaba96caf20fd7870a
Multiple bugs were found in the code handling fax page reception in JPEG format that allow arbitrary writes to an uninitialized pointer by remote parties dialing in. When processing a specially crafted input, the issue could lead to remote code execution. HylaFAX versions 6.0.6 and 5.6.0 are affected.
a6ae5d3d4dedcc85875a8b486ef5cb3f062250e0ddef95b52ca59a9b77f9c066
It is possible to replay an authentication by using a specially prepared smartcard or token in case pam-pkcs11 is compiled with NSS support. Furthermore, two minor implementation issues have been identified. Linux PAM version 0.6.9 is affected.
b156716f0716691c0ca438fba63d6af0df228025140f98efed7f8babd73f2e70
Yubico libykneomgr version 0.1.9 suffers from out of bounds read and write vulnerabilities.
f026402949671b5c7eaa93c8c450e63c93a2dd7a8bf17ecede7d2e2b8238938b
Attackers with local access can exploit security issues in the smartcard driver. These result in memory corruption, which might lead to code execution. Since smartcards can be used for authentication, the vulnerabilities may allow an attacker to log in to the system without valid credentials as any user.
03f8a989d5a6ce06634983e336918a7bae2b2c343a199065eb0802f689d3a8c5
Multiple issues have been identified in OpenSC, ranging from stack-based buffer overflows to out of bounds reads and writes on the heap. They can be triggered by malicious smartcards sending malformed responses to APDU commands. In addition to the fixes reported here, a lot of minor issues (e.g. OOB reads and similar) have been reported and fixed. Version 0.18.0 is affected.
7cbf1ff1fb1b510bc49220cd0645d75c841ff20cdb39c8575a2bdfc1fe2b2b64
A buffer overflow and an out of bounds memory read were identified in yubico-piv-tool-1.5.0; these can be triggered by a malicious token.
ba4bb77ccc36b888c9bfe1c04ac1e72de278a001510604b38d74fbc9bf952c81
PSFTPd Windows FTP Server version 10.0.4 Build 729 suffers from use-after-free, log injection, and various other vulnerabilities.
2ab7fc41e437445992806fe81144885bb0a72f231da48d63855358ad4c080447
Peplink version 7.0.0-build1904 suffers from cross site request forgery, cross site scripting, file deletion, and remote SQL injection vulnerabilities.
a35c1582b7882363268493dd6fbe070be8641b56ca33272bfb77a7e2594c12ff
X.org suffers from privilege escalation, weak entropy, and use-after-free vulnerabilities.
f72f05abe9036269c3ae97121d5341b234d6db2cbe445c9d8643a82f22648e4d
tnef versions 1.4.12 and below suffer from multiple integer overflows, type confusions, and out of bounds read and write vulnerabilities.
5705b80ef5130f182eaa09743b3b19d2e17761e1bcc5443fc91394d3bdbe51e3
Multiple heap overflows, out of bound writes and reads, NULL pointer dereferences, and infinite loops have been discovered in ytnef versions 1.9 and below. These could be exploited by tricking a user into opening a malicious winmail.dat file.
863155d81c8f400b25a4c4da9abcbe4f9c556d4ce5bca22e8188cfbb64d6d669
HumHub versions 0.11.2 and 0.20.0-beta.2 suffer from a remote SQL injection vulnerability.
de97ea4c72cb25e8cbe17f57855cac312d4ef10577f8830837d47392f45dc630
Grand MA 300/ID with firmware 6.60 has a weakness that allows the retrieval of the access pin from sniffed data, as well as a weakness that allows a fast brute-force attack on the pin.
c73e32f4a61efb4da53a29921041f8c4a0851a33cb60cbbd40518269570c7eb7
F*EX version 20140313-1 suffers from HTTP response splitting and cross site scripting vulnerabilities.
4dc3b01fde7c0d86d616433b95f0ae326f207faf8f3d2b9d094c09535ccd6b6e
Avira AntiVir Engine versions prior to 8.2.12.58 suffer from filter evasion and denial of service vulnerabilities.
f5e46b03133d76cb79b53518f4dfe1360eac24c598dd82d32a8f7e0fd3a49db7