D-Link DAP-1320 Stack Buffer Overflow Vulnerability (CNVD-2025-13521)

The D-Link DAP-1320 is a wireless signal extender from China-based AUO D-Link. The D-Link DAP-1320 suffers from a stack buffer overflow vulnerability that originates from the function setwsaction in the file /dws/api/. An attacker can exploit this vulnerability to cause a program crash or even...

Tenda AC8 Buffer Overflow Vulnerability (CNVD-2025-09220)

Tenda AC8 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in the Tenda AC8, which can be exploited by an attacker to cause a program crash or even arbitrary code execution...

Linux Distros Unpatched Vulnerability : CVE-2023-45667

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - stbimage is a single file MIT licensed library for processing images. If stbiloadgifmain in stbiloadgiffrommemory fails it returns a null pointer and may keep t...

Linux kernel scsi: libfc memory misreference vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a memory misreference vulnerability that originates from a mix-up in the instructions responsible for freeing memory in scsi: libfc. An attacker could...

Linux kernel pm runtime resume memory misreference vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a memory misreference vulnerability that originates from the use of freed memory during pm runtime resume. An attacker could exploit this vulnerabilit...

Linux Distros Unpatched Vulnerability : CVE-2022-2520

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage at tiffcrop.c:8621 that can cause program crash when reading a crafted...

Linux kernel vesafb driver memory misreference vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a memory misreference vulnerability that originates from a confusion in the instruction responsible for freeing memory in the vesafb driver. An attack...

Linux Distros Unpatched Vulnerability : CVE-2017-7224

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The findnearestline function in objdump in GNU Binutils 2.28 is vulnerable to an invalid write of size 1 while disassembling a corrupt binary that contains an...

Linux Distros Unpatched Vulnerability : CVE-2017-7223

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer overflow of size 1 while attempting to unget an EOF character from the input stream,...

Linux Distros Unpatched Vulnerability : CVE-2017-7209

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The dumpsectionasbytes function in readelf in GNU Binutils 2.28 accesses a NULL pointer while reading section contents in a corrupt binary, leading to a program...

Linux Distros Unpatched Vulnerability : CVE-2017-7301

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has an aoutlinkaddsymbols function in bfd/aoutx.h that has an off-by-one...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a memory misreference vulnerability that originates from a mix-up in the instructions responsible for freeing memory in scsi: libfc. An attacker could...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a memory misreference vulnerability that originates from a confusion in the instruction responsible for freeing memory in the vesafb driver. An attack...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a memory misreference vulnerability that stems from a confusion in the instructions responsible for freeing memory when the sysfs trigger is removed. ...

CVE-2024-4640

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to missing bounds checking on buffer operations. An attacker could write past the boundaries of allocated buffer regions in memory, causing a program crash...

Advisory ROSA-SA-2025-2590

software: vim 9.1.0754 WASP: ROSA-CHROME packageevrstring: vim-9.1.0754-1 CVE-ID: CVE-2024-41957 BDU-ID: 2024-06478 CVE-Crit: LOW CVE-DESC.: A vulnerability in the tagstackclearentry function of the src/alloc.c file of the vim text editor exists due to a bug in the use of pointers after memory...

CVE-2024-51491

notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. The issue was identified during Quarkslab's security audit on the Certificate Revocation List CRL based revocation check feature. After retrieving the CRL, notation-go...

PT-2025-25520

Name of the Vulnerable Software and Affected Versions libxml2 versions affected versions not specified Description A use-after-free issue was found in libxml2, occurring when parsing XPath elements under certain circumstances, specifically when the XML schematron contains the "sch:name path" sche...

CVE-2024-52558

The affected product is vulnerable to an integer underflow. An unauthenticated attacker could send a malformed HTTP request, which could allow the attacker to crash the program...

Regular Expression Denial Of Service (ReDoS)

cross-spawn is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to improper input sanitization, which allows an attacker to craft a large string that increases CPU usage and crashes the program...