CVE-2026-42859

A flaw was found in neatvnc, a VNC server library. An unauthenticated remote attacker who can reach the VNC listening socket can send a crafted handshake with an oversized client RSA public key. This action causes a pre-authentication stack buffer overflow, leading to a denial of service due to a...

CLSA-2026-1777541445 bluez: Fix of 3 CVEs

CVE-2022-0204: fix heap overflow when appending prepare writes in gatt-server - CVE-2022-39176: fix not checking paramslen in AVRCP vendordep PDU handling - CVE-2022-39177: fix accepting invalid/malformed capabilities in AVDTP...

CVE-2026-7034 Tenda FH1202 httpd WrlExtraSet stack-based overflow

A vulnerability was found in Tenda FH1202 1.2.0.14408. Affected by this issue is the function WrlExtraSet of the file /goform/WrlExtraSet of the component httpd. Performing a manipulation of the argument Go results in stack-based buffer overflow. The attack may be initiated remotely. The exploit...

KB5078734: Windows Server version 23H2 Security Update (March 2026)

The remote Windows host is missing security update 5078734. It is, therefore, affected by multiple vulnerabilities - Use after free in Windows Print Spooler Components allows an authorized attacker to execute code over a network. CVE-2026-23669 - Heap-based buffer overflow in Windows File Server...

CVE-2026-3398

CVE-2026-3398 affects Tenda F453 1.0.0.3. The vulnerability is in the httpd component, specifically the function fromAdvSetWan in the file /goform/AdvSetWan. Manipulating the argument wanmode/PPPOEPassword can cause a buffer overflow, with remote exploitation. The exploit has been publicly disclo...

MiracleLinux 9 : rsyslog-8.2102.0-101.el9.1 (AXSA:2022-3974:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3974:05 advisory. rsyslog: Heap-based overflow in TCP syslog server CVE-2022-24903 Tenable has extracted the preceding description block directly from the MiracleLinux securit...

CVE-2025-14654 Tenda AC20 httpd setPptpUserList formSetPPTPUserList stack-based overflow

A vulnerability was identified in Tenda AC20 16.03.08.12. The affected element is the function formSetPPTPUserList of the file /goform/setPptpUserList of the component httpd. Such manipulation of the argument list leads to stack-based buffer overflow. The attack can be executed remotely. The...

CVE-2025-64721 Sandboxie's Integer Overflow in SbieIniServer::RC4Crypt allows sandbox escape and SYSTEM compromise

Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. In versions 1.16.6 and below, the SYSTEM-level service SbieSvc.exe exposes SbieIniServer::RC4Crypt to sandboxed processes. The handler adds a fixed header size to a caller-controlled valuelen...

CVE-2022-40068

Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: formSetQosBand...

CVE-2015-6750

Buffer overflow in Ricoh DL FTP Server 1.1.0.6 and earlier allows remote attackers to execute arbitrary code via a long USER command...

The vulnerability of DHCP servers for real-time operating systems like Wind River VxWorks allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of DHCP servers for real-time operating systems from Wind River VxWorks relates to operations that go beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information...

CVE-2024-51116

Tenda AC6 v2.0 V15.03.06.50 was discovered to contain a buffer overflow in the function 'formSetPPTPServer'...

The vulnerability of the WDAC OLE DB driver for SQL Server on Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the WDAC OLE DB driver for SQL Server on Windows operating systems is related to a numerical overflow condition. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

The vulnerability of the asynchronous messaging library ZeroMQ, related to the occurrence of stack buffer overflows on the server, allows attackers to compromise the confidentiality, integrity, and accessibility of the system.

The vulnerability of the asynchronous messaging library ZeroMQ relates to the invocation of a buffer overflow on the server. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the system by sending specially crafted subscription...

PT-2023-9251 · Actiontec · Actiontec Wcb6200Q

Name of the Vulnerable Software and Affected Versions: Actiontec WCB6200Q affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. The specific flaw exists within the HTTP server,...

dhcp: option refcount overflow when leasequery is enabled leading to dhcpd abort

An integer overflow vulnerability was found in the DHCP server. When the "optioncodehashlookup" function is called from "addoption", it increases the option's "refcount" field. However, there is not a corresponding call to "optiondereference" to decrement the "refcount" field. The "addoption"...

SUSE CVE-2008-3547

Buffer overflow in the server in OpenTTD 0.6.1 and earlier allows remote authenticated users to cause a denial of service persistent game disruption or possibly execute arbitrary code via vectors involving many long names for "companies and clients."...

NETGEAR N300 缓冲区错误漏洞

NETGEAR N300 is a wireless router from NETGEAR. A buffer error vulnerability exists in the NETGEAR N300 wireless router wnr2000v4-V1.0.0.70 version, which stems from susceptibility to uhttpd buffer overflow and a stack overflow vulnerability in strcpy...

Mageia: Security Advisory (MGASA-2019-0011)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

mina-sshd-core: Memory leak denial of service in Apache Mina SSHD Server

A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed in Apache Mina SSHD 2.7.0...