Lucene search

18 matches found

EUVD
added 2026/05/11 6:31 p.m. | 4 views

EUVD-2026-29105

In Meari IoT SDK image handling libmrplayer.so as observed in CloudEdge 5.5.0 build 220, Arenti 1.8.1 build 220, and related white-label apps ≤ 1.8.x, baby monitor ".jpgx3" files use reversible XOR over only the first 1024 bytes with a predictable key derivation model...

CVSS 7.5 | AI score 5.8 | EPSS 0.00017
Exploits: 0 | References: 3

NVD
added 2026/05/11 5:16 p.m. | 8 views

CVE-2026-33361

In Meari IoT SDK image handling libmrplayer.so as observed in CloudEdge 5.5.0 build 220, Arenti 1.8.1 build 220, and related white-label apps ≤ 1.8.x, baby monitor ".jpgx3" files use reversible XOR over only the first 1024 bytes with a predictable key derivation model...

CVSS 7.5 | EPSS 0.00017
Exploits: 0 | References: 2

ATTACKERKB
added 2026/05/11 4:03 p.m. | 1 views

CVE-2026-33361

In Meari IoT SDK image handling libmrplayer.so as observed in CloudEdge 5.5.0 build 220, Arenti 1.8.1 build 220, and related white-label apps ≤ 1.8.x, baby monitor ".jpgx3" files use reversible XOR over only the first 1024 bytes with a predictable key derivation model...

CVSS 7.5 | AI score 5.8 | EPSS 0.00017
Exploits: 0 | References: 3

CVE
added 2026/05/11 4:03 p.m. | 8 views

CVE-2026-33361

Affected software: Meari IoT SDK image handling (libmrplayer.so) as used in CloudEdge 5.5.0 (build 220), Arenti 1.8.1 (build 220), and related white-label apps (≤ 1.8.x). Vulnerability detail: baby monitor ".jpgx3" files use reversible XOR over only the first 1024 bytes with a predictable key der...

CVSS 7.5 | AI score 5.8 | EPSS 0.00017
Exploits: 0 | References: 2

Vulnrichment
added 2026/05/11 4:03 p.m. | 4 views

CVE-2026-33361 Meari weak XOR obfuscation

In Meari IoT SDK image handling libmrplayer.so as observed in CloudEdge 5.5.0 build 220, Arenti 1.8.1 build 220, and related white-label apps ≤ 1.8.x, baby monitor ".jpgx3" files use reversible XOR over only the first 1024 bytes with a predictable key derivation model...

CVSS 7.5 | AI score 5.8 | EPSS 0.00017
Exploits: 0 | References: 2

Cvelist
added 2026/05/11 4:03 p.m. | 27 views

CVE-2026-33361 Meari weak XOR obfuscation

In Meari IoT SDK image handling libmrplayer.so as observed in CloudEdge 5.5.0 build 220, Arenti 1.8.1 build 220, and related white-label apps ≤ 1.8.x, baby monitor ".jpgx3" files use reversible XOR over only the first 1024 bytes with a predictable key derivation model...

CVSS 7.5 | EPSS 0.00017
Exploits: 0 | References: 2

CNNVD
added 2026/05/11 12:00 a.m. | 3 views

Meari IoT SDK cryptographic issue vulnerability

Meari IoT SDK is a software development kit provided by Meari Corporation, aimed at developing applications for smart devices. There are encryption-related vulnerabilities in the Meari IoT SDK. These vulnerabilities stem from the use of a predictable key derivation method to perform reversible XO...

CVSS 7.5 | AI score 5.8 | EPSS 0.00017
Exploits: 0 | References: 1

Positive Technologies
added 2026/05/11 12:00 a.m. | 7 views

PT-2026-39643

In Meari IoT SDK image handling libmrplayer.so as observed in CloudEdge 5.5.0 build 220, Arenti 1.8.1 build 220, and related white-label apps ≤ 1.8.x, baby monitor ".jpgx3" files use reversible XOR over only the first 1024 bytes with a predictable key derivation model...

CVSS 7.5 | AI score 5.8 | EPSS 0.00017
Exploits: 0 | References: 3

Cvelist
added 2026/03/28 11:58 a.m. | 27 views

CVE-2016-20048 iSelect 1.4.0-2+b1 Local Buffer Overflow via key parameter

iSelect 1.4.0-2+b1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized value to the -k/--key parameter. Attackers can craft a malicious argument containing a NOP sled, shellcode, and return address to overflow a 1024-byte...

CVSS 8.6 | EPSS 0.00025
Exploits: 0 | References: 3

ATTACKERKB
added 2026/02/12 6:18 p.m. | 2 views

CVE-2026-21434

webtransport-go is an implementation of the WebTransport protocol. From 0.3.0 to 0.9.0, an attacker can cause excessive memory consumption in webtransport-go's session implementation by sending a WT_CLOSE_SESSION capsule containing an excessively large Application Error Message. The implementation...

CVSS 5.3 | AI score 5.8 | EPSS 0.0002
Exploits: 0 | References: 3 | Affected Software: 1

Github Security Blog
added 2026/02/12 3:28 p.m. | 3 views

webtransport-go: Memory Exhaustion Attack due to Missing Length Check in WT_CLOSE_SESSION Capsule

Summary: An attacker can cause excessive memory consumption in webtransport-go's session implementation by sending a WT_CLOSE_SESSION capsule containing an excessively large Application Error Message. The implementation does not enforce the draft-mandated limit of 1024 bytes on this field, allowing ...

CVSS 7.5 | AI score 6.1 | EPSS 0.0002
Exploits: 0 | References: 4 | Affected Software: 1

OSV
added 2026/02/12 3:28 p.m. | 2 views

GHSA-G6X7-JQ8P-6Q9Q webtransport-go: Memory Exhaustion Attack due to Missing Length Check in WT_CLOSE_SESSION Capsule

Summary: An attacker can cause excessive memory consumption in webtransport-go's session implementation by sending a WT_CLOSE_SESSION capsule containing an excessively large Application Error Message. The implementation does not enforce the draft-mandated limit of 1024 bytes on this field, allowing ...

CVSS 5.3 | AI score 6.1 | EPSS 0.0002
Exploits: 0 | References: 4

Positive Technologies
added 2026/02/12 12:00 a.m. | 7 views

PT-2026-7868

Name of the Vulnerable Software and Affected Versions: webtransport-go versions 0.3.0 through 0.9.0. Description: webtransport-go’s session implementation is susceptible to excessive memory consumption. An attacker can send a WT_CLOSE_SESSION capsule containing an excessively large Application Error...

CVSS 9.9 | AI score 5.7 | EPSS 0.00733
Exploits: 44 | References: 118

Microsoft CVE
added 2025/04/01 7:00 a.m. | 1 views

Stream HTTP wrapper truncates redirect location to 1024 bytes

...

CVSS 9.8 | AI score 6.7 | EPSS 0.0103
Exploits: 0

OSV
added 2024/01/31 2:15 p.m. | 1 views

AZL-34735 CVE-2023-6246 affecting package glibc for versions less than 2.38-6

A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name the basename of...

CVSS 7.8 | AI score 6.9 | EPSS 0.26964
Exploits: 7 | References: 1

CNNVD
added 2021/10/21 12:00 a.m. | 1 views

stb security vulnerability

stb is a single-file public domain library for C/C++. stb_image.h is one of the image loaders. stb stb_image.h is vulnerable, and an attacker could use stb_image to crash the service or read up to 1024 bytes of non-contiguous heap data without controlling where it is read...

CVSS 7.1 | AI score 5.5 | EPSS 0.00251
Exploits: 1 | References: 15

seebug.org
added 2014/07/01 12:00 a.m. | 43 views

HP OpenView Network Node Manager ovwebsnmpsrv.exe main Buffer Overflow

No description provided by source. $Id: hpnnmovwebsnmpsrvmain.rb 12097 2011-03-23 15:45:48Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

CVSS 10 | AI score 0.7 | EPSS 0.69253
Exploits: 7

Exploit DB
added 2006/05/23 12:00 a.m. | 34 views

PunkBuster < 1.229 - WebTool Service Remote Buffer Overflow (Denial of Service) (PoC)

Luigi Auriemma Application: PunkBuster http://www.punkbuster.com Versions: PunkBuster for servers, versions minor than v1.229: America's Army = v1.228 Battlefield 1942 = v1.158 Battlefield 2 = v1.184 Battlefield Vietnam = v1.150 Call of Duty = v1.173 Call of Duty 2 = v1.108 DOOM 3 = v1.159 Enemy...

AI score 7.4
Exploits: 0