CWE-119

Lua through 5.4.0 allows a stack redzone cross in luaO_pushvfstring because a protection mechanism wrongly calls luaD_callnoyield twice in a row.

The decode program in silk-v3-decoder Version:20160922 Build By kn007 does not strictly check data, resulting in a buffer overflow.

IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000002cba.

When uploading a file in Sysax Multi Server 6.90, an authenticated user can modify the filename=”” parameter in the uploadfile_name1.htm form to a length of 368 or more bytes. This will create a buffer overflow condition, causing the application to crash.

Mikrotik RouterOs prior to stable 6.47 suffers from a memory corruption vulnerability in the /nova/bin/bfd process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).

The unserialize() function supported a type code, “S”, which was meant to be supported only for APC serialization. This type code allowed arbitrary memory addresses to be accessed as if they were static StringData objects. This issue affected HHVM prior to v4.32.3, between versions 4.33.0 and 4.56.0, 4.57.0, 4.58.0, 4.58.1, 4.59.0, 4.60.0, 4.61.0, 4.62.0.