Lucene search
K

24 matches found

CVE
CVE
added last week45 views

CVE-2026-14355

The CVE-2026-14355 issue affects PHP 8.2.x before 8.2.32, 8.3.x before 8.3.32, 8.4.x before 8.4.23, and 8.5.x before 8.5.8. It is caused by a buffer allocation flaw in the AES-WRAP-PAD algorithm within the OpenSSL extension, where the output buffer for AES key-wrap-with-padding is sized from plai...

5.6CVSS6.1AI score0.00306EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/11 12:32 a.m.11 views

EUVD-2026-36151

An incorrect buffer size calculation in the epoch key generator in OpenVPN ovpn-dco-win version 2.0.0 through 2.8.3 allows a remote authenticated peer to trigger a heap-based buffer overflow and kernel memory corruption via a crafted data packet, resulting in a system crash denial of service...

5.6CVSS5.9AI score0.00148EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2026/03/10 12:0 a.m.3 views

The vulnerabilities of the i40e components of the Linux operating system allow attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the i40e components of the Linux operating system’s kernel is related to incorrect calculation of buffer sizes. Exploiting this vulnerability can allow a remote attacker to access confidential data, compromise its integrity, and cause service failures...

4.6CVSS7.4AI score0.00193EPSS
Exploits0References15Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/02/26 12:0 a.m.3 views

The vulnerability of the snd_usb_endpoint_set_params() function in the sound/usb/endpoint.c module of Linux’s sound device support for USB audio devices allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the sndusbendpointsetparams function in the sound/usb/endpoint.c module, which is part of Linux’s sound device support for USB devices, is related to incorrect calculation of buffer size. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

7.3CVSS6.3AI score0.00222EPSS
Exploits0References28Affected Software6
Snyk
Snyk
added 2026/02/24 2:0 a.m.5 views

Incorrect Calculation of Buffer Size

Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

9.1CVSS5.7AI score0.00404EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/07/08 12:0 a.m.9 views

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software lies in its ability to copy buffers without checking the size of the input data. This allows attackers to execute arbitrary code.

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing functionality lies in the copying of buffers without checking the size of the input data when processing GIF files. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.5AI score0.00257EPSS
Exploits0References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/05/23 12:0 a.m.8 views

The vulnerability of the HTTP POST Request Handler component of the /boafrm/formWirelessTbl file in the microprogramming software for routers A702R, A3002R, and A3002RU allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the HTTP POST Request Handler component of the /boafrm/formWirelessTbl file in the microprogramming software for routers A702R, A3002R, and A3002RU is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an...

9CVSS7.7AI score0.00661EPSS
Exploits0References5Affected Software3
RedhatCVE
RedhatCVE
added 2025/05/22 7:14 p.m.8 views

CVE-2021-22392

There is an Incorrect Calculation of Buffer Size in Huawei Smartphone.Successful exploitation of this vulnerability may cause verification bypass and directions to abnormal addresses...

7.5CVSS7AI score0.0062EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/07/05 12:0 a.m.6 views

The vulnerability of SIMATIC PCS, SIMATIC WinCC Runtime Professional, and SIMATIC WinCC control systems lies in the copying of buffers without checking the size of the input data. This allows a malicious actor to trigger malfunctions during maintenance operations.

The vulnerability of SIMATIC PCS, SIMATIC WinCC Runtime Professional, and SIMATIC WinCC control systems lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow attackers to cause malfunctions in the system’s operations...

6.2CVSS7.2AI score0.00182EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/06/28 12:0 a.m.6 views

The vulnerability of the NVIDIA Virtual GPU Manager driver, which allows a hacker to execute arbitrary code, increase their privileges, or disclose sensitive information.

The vulnerability of the NVIDIA Virtual GPU Manager driver relates to the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows an attacker to execute arbitrary code, increase their privileges, or disclose sensitive information...

7.8CVSS5.6AI score0.00213EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/03/15 12:0 a.m.6 views

The vulnerability of the Kofax PowerPDF software, which is used for creating, converting, editing, and publishing PDF files, stems from the copying of buffers without checking the size of the input data. This allows an attacker to execute arbitrary code.

The vulnerability of the Kofax PowerPDF software for creating, converting, editing, and publishing PDF files lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially crafted PDF fi...

7.8CVSS7.7AI score0.00421EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/26 12:0 a.m.6 views

The vulnerability of the create_empty_lvol() function in the UBI driver (Unsorted block images) of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the createemptylvol function in the drivers/mtd/ubi/vtbl.c file of the UBI driver Unsorted block images in the Linux operating system is related to the lack of control over the size of the requested buffer. Exploiting this vulnerability could allow an attacker to cause a...

5.5CVSS6.5AI score0.00248EPSS
Exploits0References23Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/02/14 12:0 a.m.8 views

The vulnerability of the __vsyslog_internal function in the GNU C Library, related to incorrect calculation of buffer size, allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the vsysloginternal function in the GNU C Library is related to incorrect calculation of the buffer size. Exploiting this vulnerability may allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

10CVSS7.2AI score0.02711EPSS
Exploits2References13Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/02/02 12:0 a.m.5 views

The software for PLC programming by Delta Electronics WPLSoft has a vulnerability related to copying buffers without checking the size of the input data. This allows an intruder to execute arbitrary code.

The vulnerability of Delta Electronics WPLSoft PLC programming software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created DVP file...

10CVSS8.1AI score0.00649EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/01/05 5:15 p.m.4 views

CVE-2023-45040

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:...

7.2CVSS6.1AI score0.0064EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/12/06 12:0 a.m.6 views

The vulnerability of HP LaserJet Pro printer’s microprogramming software lies in the copying of buffers without checking the size of the input data, allowing a hacker to execute arbitrary code.

The vulnerability of HP LaserJet Pro printer microprogramming software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

8.8CVSS8.1AI score0.01486EPSS
Exploits0References3Affected Software26
BDU FSTEC
BDU FSTEC
added 2023/11/22 12:0 a.m.4 views

The vulnerability of the export-v2.php and ajax.render.php components of the iTop IT service management web tool allows a perpetrator to execute arbitrary code.

The vulnerability of the export-v2.php and ajax.render.php components of the iTop IT service management web tool is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS7.5AI score0.00448EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/10/06 5:15 p.m.4 views

CVE-2023-32971

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:...

7.2CVSS6.1AI score0.00547EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/09/11 12:0 a.m.6 views

The vulnerability of the rotateimage() function in the libtiff library, which allows a hacker to cause a service failure

The vulnerability of the rotateimage function in the libtiff library is related to incorrect calculation of the buffer size. Exploiting this vulnerability may allow a remote attacker to cause a service failure...

7.8CVSS7AI score0.00939EPSS
Exploits1References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/11/30 12:0 a.m.6 views

The vulnerability of the mwifiexcmd_802_11_ad_hoc_start() function in the Marvell Linux operating system allows a hacker to execute arbitrary code.

The vulnerability of the mwifiexcmd80211adhocstart function in the Marvell Linux operating system kernel lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows an attacker to execute arbitrary code using a long SSID value...

6.8CVSS7.1AI score0.02209EPSS
Exploits0References44Affected Software9
Rows per page
Query Builder