712 matches found
Alloksoft WMV to AVI MPEG DVD WMV Converter 安全漏洞
Alloksoft WMV to AVI MPEG DVD WMV Converter is a video format conversion tool developed by Alloksoft Corporation. Version 4.6.1217 of Alloksoft WMV to AVI MPEG DVD WMV Converter has a security vulnerability. This vulnerability arises from allowing excessively long license inputs, which may cause...
CLSA-2026-1771010890 freerdp: Fix of 5 CVEs
CVE-2026-22859: fix out-of-bounds access due to missing interface index validation in urbdrc channel - CVE-2026-23732: fix out-of-bounds read due to missing input length check in glyph conversion - CVE-2026-23883: fix integer overflow in cursor pixel allocation and surface-to-surface rectangle...
kernel: Linux kernel: Out-of-bounds write in Bluetooth MGMT can lead to information disclosure and denial of service
A flaw was found in the Linux kernel's Bluetooth management MGMT subsystem. A local attacker could exploit an out-of-bounds OOB write vulnerability in the parseadvmonitorpattern function. This occurs when user-controlled input for the length variable exceeds the buffer's capacity during a copy...
Huawei HarmonyOS HDC module buffer overflow vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a buffer overflow vulnerability that stems from the HDC module failing to properly validate the length and size of input data,...
Microsoft Hyper-V 缓冲区错误漏洞
Microsoft Hyper-V is an application from Microsoft Corporation USA. A system hypervisor virtualization technology that enables desktop virtualization. A buffer overflow vulnerability exists in Microsoft Hyper-V. The vulnerability stems from a failure to properly validate the length and size of...
Microsoft Excel 缓冲区错误漏洞
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A buffer overflow vulnerability exists in Microsoft Excel. The vulnerability stems from the program's failure to properly validate the length and size of input data, which can be exploited by an attacker ...
Tenda TX9 安全漏洞
The Tenda TX9 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in the Tenda TX9 goform/SetStaticRouteCfg file, which originates from the parameter list of the function sub42D03C within the file /goform/SetStaticRouteCfg that fails to correctly validate t...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a buffer overflow vulnerability that stems from the HDC module failing to properly validate the length and size of input data,...
GHSA-R6V5-FH4H-64XC time vulnerable to stack exhaustion Denial of Service attack
Impact When user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used features that are part of the RFC 2822 format used in a malicious manner. Ordinary,...
EUVD-2020-31031
UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in the Repeater Host configuration field that allows attackers to crash the application. Attackers can paste an overly long string of 300 characters into the Repeater Host property to trigger an application crash...
CVE-2020-37127 dnsmasq-utils 2.79-1 - 'dhcp_release' Denial of Service
Dnsmasq-utils 2.79-1 contains a buffer overflow vulnerability in the dhcprelease utility that allows attackers to cause a denial of service by supplying excessive input. Attackers can trigger a core dump and terminate the dhcprelease process by sending a crafted input string longer than 16...
CVE-2020-37127 dnsmasq-utils 2.79-1 - 'dhcp_release' Denial of Service
Dnsmasq-utils 2.79-1 contains a buffer overflow vulnerability in the dhcprelease utility that allows attackers to cause a denial of service by supplying excessive input. Attackers can trigger a core dump and terminate the dhcprelease process by sending a crafted input string longer than 16...
RUSTSEC-2026-0009 Denial of Service via Stack Exhaustion
Impact When user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used features that are part of the RFC 2822 format used in a malicious manner. Ordinary,...
Denial of Service via Stack Exhaustion
Impact When user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used features that are part of the RFC 2822 format used in a malicious manner. Ordinary,...
CVE-2025-36094
IBM Cloud Pak for Business Automation 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through 24.0.1 Interim Fix 005, and 24.0.0 through 24.0.0 Interim Fix 007 could allow an authenticated user to cause a denial of service or corrupt existing data due to the improper validation of input length...
PT-2026-6571
Name of the Vulnerable Software and Affected Versions Dnsmasq-utils version 2.79-1 Description The software contains a buffer overflow in the dhcp release utility. An attacker can cause a denial of service by providing input exceeding 16 characters, leading to a core dump and process termination...
CVE-2025-36094
IBM Cloud Pak for Business Automation 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through 24.0.1 Interim Fix 005, and 24.0.0 through 24.0.0 Interim Fix 007 could allow an authenticated user to cause a denial of service or corrupt existing data due to the improper validation of input length...
CVE-2025-36094
IBM Cloud Pak for Business Automation 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through 24.0.1 Interim Fix 005, and 24.0.0 through 24.0.0 Interim Fix 007 could allow an authenticated user to cause a denial of service or corrupt existing data due to the improper validation of input length...
CVE-2025-36094
IBM Cloud Pak for Business Automation 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through 24.0.1 Interim Fix 005, and 24.0.0 through 24.0.0 Interim Fix 007 could allow an authenticated user to cause a denial of service or corrupt existing data due to the improper validation of input length...
CVE-2025-36094 Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for January 2026.
IBM Cloud Pak for Business Automation 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through 24.0.1 Interim Fix 005, and 24.0.0 through 24.0.0 Interim Fix 007 could allow an authenticated user to cause a denial of service or corrupt existing data due to the improper validation of input length...