52 matches found
CVE-2025-11782
CVE-2025-11782 affects Circutor SGE-PLC1000/SGE-PLC50 (v9.0.2). The ShowDownload() function uses sprintf() to format a string with user-controlled GetParameter(meter) input into a fixed 64-byte buffer (acStack_4c) without length checks, enabling a stack-based overflow if meter exceeds the buffer....
PT-2025-48672
Name of the Vulnerable Software and Affected Versions: Circutor SGE-PLC1000/SGE-PLC50 version 9.0.2. Description: A stack-based buffer overflow exists in the software due to insufficient bounds checking when handling user-supplied input. The ShowDownload function utilizes sprintf to format a string,...
CVE-2025-12970
The extract_name function in the Fluent Bit in_docker input plugin copies container names into a fixed-size stack buffer without validating length. An attacker who can create containers or control container names can supply a long name that overflows the buffer, leading to process crash or arbitrary...
CVE-2025-60693
A stack-based buffer overflow exists in the getmergemac function of the httpd binary on Linksys E1200 v2 routers Firmware E1200v2.0.11.001us.tar.gz. The function concatenates up to six user-supplied CGI parameters matching 05 into a fixed-size buffer a2 without proper bounds checking, appending...
SUSE SLES12 Security Update : squid (SUSE-SU-2025:03607-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:03607-1 advisory. - CVE-2025-59362: fixed buffer overflow bsc1250627 Tenable has extracted the preceding description block directly from the SUSE security advisory. Not...
EUVD-2022-15979
Malicious code in bioql PyPI...
EUVD-2022-29570
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-37816
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mei: vsc: Fix fortify-panic caused by invalid counted_by() use. gcc 15 honors the __counted_by(len)...
Astra Linux - vulnerability in linux-6.12
In the Linux kernel, the following vulnerability has been resolved: mei: vsc: Fix fortify-panic caused by invalid counted_by() use. gcc 15 honors the __counted_by(len) attribute on vsc_tp_packet.buf[] and the vsc-tp.c code is using this in a wrong way. len does not contain the available size in the buffer, it...
DEBIAN-CVE-2024-53681
In the Linux kernel, the following vulnerability has been resolved: nvmet: Don't overflow subsysnqn. nvmet_root_discovery_nqn_store treats the subsysnqn string like a fixed size buffer, even though it is dynamically allocated to the size of the string. Create a new string with kstrndup instead of usin...
Ubuntu 16.04 ESM : Libntlm vulnerability (USN-5108-2)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5108-2 advisory. USN-5108-1 fixed a vulnerability in Libntlm. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has extracted the...
CVE-2023-2598
A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation...
D-Link DIR-1935 security vulnerability
The D-Link DIR-1935 is a wireless router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-1935 that stems from a failure to properly validate the length of user-supplied data before copying it into a fixed-length buffer when parsing NetMask elements...
Accel-Ppp buffer error vulnerability
Accel-Ppp is a high-performance PPTP/L2TP/PPPoE/IPoE server for Linux. A security vulnerability exists in Accel-Ppp, which stems from user input cmd_line_len being copied into a fixed buffer b->buf without any bound checks...
CVE-2022-0982
The telnet_input_char function in opt/src/accel-pppd/cli/telnet.c suffers from a memory corruption vulnerability, whereby user input cmd_line_len is copied into a fixed buffer b->buf without any bound checks. If the server connects with a malicious client, crafted client requests can remotely trigger...
CVE-2022-24704
The rad_packet_recv function in opt/src/accel-pppd/radius/packet.c suffers from a buffer overflow vulnerability, whereby user input len is copied into a fixed buffer &attr->val.integer without any bound checks. If the client connects to the server and sends a large radius packet, a buffer overflow...
CVE-2022-24705
The rad_packet_recv function in radius/packet.c suffers from a memcpy buffer overflow, resulting in an overly-large recvfrom into a fixed buffer that causes a buffer overflow and overwrites arbitrary memory. If the server connects with a malicious client, crafted client requests can remotely trigge...
Corel Parallels Desktop permissions and access control issue vulnerability
Corel Parallels Desktop is a suite of virtual machine software for the macOS platform from Corel Canada. A privilege-granting and access control issue vulnerability exists in Corel Parallels Desktop that stems from a lack of proper validation of the length of user-supplied data before copying it ...
Design/Logic Flaw
In Contiki 3.0, Telnet option negotiation is mishandled. During negotiation between a server and a client, the server may fail to give the WILL/WONT or DO/DONT response for DO and WILL commands because of improper handling of exception condition, which leads to property violations and denial of...