769 matches found
Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Enterprise Application Runtimes, is affected by a vulnerability that could provide weaker than expected security (CVE-2025-13333)
Summary IBM WebSphere Application Server, which is bundled with IBM Enterprise Application Runtimes, is affected by a vulnerability that could provide weaker than expected security when enabling AES-256 password encryption. Vulnerability Details Refer to the security bulletins listed in the...
CVE-2019-25326
ipPulse 1.92 contains a local denial-of-service flaw triggered by an oversized input in the Enter Key field. A crafted 256-byte buffer of repeated 'A' characters can crash the application when pasted. The vulnerability requires local access and user action (paste) to exploit, with the issue descr...
CVE-2020-37134
UltraVNC Viewer 1.2.4.0 contains a denial of service vulnerability that allows attackers to crash the application by manipulating VNC Server input. Attackers can generate a malformed 256-byte payload and paste it into the VNC Server connection dialog to trigger an application crash...
EUVD-2020-31034
UltraVNC Viewer 1.2.4.0 contains a denial of service vulnerability that allows attackers to crash the application by manipulating VNC Server input. Attackers can generate a malformed 256-byte payload and paste it into the VNC Server connection dialog to trigger an application crash...
RLSA-2026:1696 Moderate: util-linux security update
The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Security Fixes: util-linux: util-linux: Heap buffer overread in setpwnam when processing...
RLSA-2026:1913 Moderate: util-linux security update
The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Security Fixes: util-linux: util-linux: Heap buffer overread in setpwnam when processing...
util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames
A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the setpwnam function, affecting SUID Set User ID login-utils utilities writing to the password database...
util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames
A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the setpwnam function, affecting SUID Set User ID login-utils utilities writing to the password database...
Moderate: util-linux security update
The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program. Security Fixes: util-linux: util-linux: Heap buffer overread in setpwnam when processing...
SUSE-SU-2026:0366-1 Security update for util-linux
This update for util-linux fixes the following issues: - CVE-2025-14104: Fixed heap buffer overread in setpwnam when processing 256-byte usernames bsc1254666...
RHEL 10 : util-linux (RHSA-2026:1696)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1696 advisory. The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these...
ens-contracts-bug-62248-pr-509
DNS SEC upgrade repo Summary This repo contains the solut...
Azure Linux 3.0 Security Update: cmake / curl (CVE-2024-6874)
The version of cmake / curl installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-6874 advisory. - libcurl's URL API function curlurlget offers punycode conversions, to and from IDN. Asking to convert a...
CVE-2021-47815
Nsauditor 3.2.3 contains a denial of service vulnerability in the registration code input field that allows attackers to crash the application. Attackers can paste a large buffer of 256 repeated characters into the 'Key' field to trigger an application crash...
CVE-2021-47815
Nsauditor 3.2.3 contains a denial of service vulnerability in the registration code input field that allows attackers to crash the application. Attackers can paste a large buffer of 256 repeated characters into the 'Key' field to trigger an application crash...
MiracleLinux 7 : golang-1.8.3-1.el7 (AXSA:2017-2315:02)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-2315:02 advisory. A carry propagation flaw was found in the implementation of the P-256 elliptic curve in golang. An attacker could possibly use this flaw to extract private...
CVE-2021-47814 NBMonitor 1.6.8 - Denial of Service (PoC)
NBMonitor 1.6.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the registration code input field. Attackers can paste a 256-character buffer into the registration key field to trigger an application crash and potential system instability...
CVE-2021-47815 Nsauditor 3.2.3 - Denial of Service (PoC)
Nsauditor 3.2.3 contains a denial of service vulnerability in the registration code input field that allows attackers to crash the application. Attackers can paste a large buffer of 256 repeated characters into the 'Key' field to trigger an application crash...
CVE-2021-47815
CVE-2021-47815 (Nsauditor 3.2.3) has a denial-of-service vulnerability in the registration code input field. The issue allows an attacker to crash the application by pasting a large buffer (256 repeated characters) into the Key field, as described in the NVD entry. The connected documents corrobo...
CVE-2021-47813 Backup Key Recovery 2.2.7 - Denial of Service (PoC)
Backup Key Recovery 2.2.7 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the registration code input field. Attackers can paste a large buffer of 256 repeated characters into the registration key field to trigger application instability an...