SUSE-SU-2026:0910-1 Security update for vim

This update for vim fixes the following issues: Update Vim to version 9.2.0110: - CVE-2025-53906: Fixed that malicious zip archive may cause a path traversal in Vim's zip bsc1246602. - CVE-2026-26269: Fixed Netbeans specialKeys stack buffer overflow bsc1258229. - CVE-2026-28417: Fixed that a...

Tenda i12 安全漏洞

The Tenda i12 is a ceiling-mounted wireless access point produced by the Chinese company Tenda. Version 1.0.0.113862 of the Tenda i12 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters index and wlradio, which may lead to a stack buffer overflow atta...

Tenda CX12L 安全漏洞

The Tenda CX12L is a home-use wireless router device from the Chinese company Tenda. The version 16.03.53.12 of the Tenda CX12L contains a security vulnerability. This vulnerability stems from incorrect handling of parameters in the file/goform/webExcptypemanFilter, which may lead to a stack buff...

EUVD-2026-17688

A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Impacted is the function...

CVE-2026-34555

Technical specifics (affected products/versions/vector details) are not publicly provided in the supplied documents. The entry notes a stack-buffer-overflow in iccDEV CIccTagFixedNum::GetValues() prior to 2.3.1.6 and a patch in 2.3.1.6.

Tenda CH22 安全漏洞

The Tenda CH22 is a network device produced by the Chinese company Tenda. Version 1.0.0.1 of the Tenda CH22 contains a security vulnerability. This vulnerability arises from incorrect handling of the parameter “mitlinktype” in the file/goform/QuickIndex, which may lead to a stack buffer overflow...

PT-2026-29390

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a stack-buffer-overflow SBO in CIccCalculatorFunc::Apply when processed via iccApplyNamedCmm. Under AddressSanitizer, the failure is reported as...

D-Link多款产品 安全漏洞

D-Link DNS-320, etc., are products of D-Link Corporation, a Chinese company. The D-Link DNS-320 is a NAS Network Attached Storage device. The D-Link DNS-320L is also a NAS device. The D-Link DNS-120 is a network storage adapter. Several D-Link products have security vulnerabilities, which stem fr...

iccDEV 安全漏洞

iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.6 contained security vulnerabilities; these vulnerabilities were caused by specially crafted ICC configuration files that could lead to stack buffer overflo...

CVE-2025-49010 OpenSC: Stack-buffer-overflow WRITE in GET RESPONSE

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or administrator uses a token can cause a stack-buffer-overflow write in GET RESPONSE. The attack requires crafted USB device or smart card that wou...

Belkin F9K1122 安全漏洞

The Belkin F9K1122 is a WiFi signal extender produced by the Canadian company Belkin. The version 1.00.33 of the Belkin F9K1122 contains a security vulnerability. This vulnerability stems from improper handling of the webpage parameter in the file/goform/formCrossBandSwitch, which may lead to a...

EUVD-2016-10850

iSelect 1.4.0-2+b1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized value to the -k/--key parameter. Attackers can craft a malicious argument containing a NOP sled, shellcode, and return address to overflow a 1024-byte...

CVE-2016-20042 TRN 3.6-23 Stack Buffer Overflow Local Code Execution

TRN 3.6-23 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the application. Attackers can craft a malicious command-line argument with 156 bytes of padding followed by a return address to overwrite the...

Flat Assembler 缓冲区错误漏洞

Flat Assembler is an assembly language compiler developed by Tomasz Grysztar, designed to work on multiple platforms. Version 1.71.21 of Flat Assembler contains a buffer overflow vulnerability. This vulnerability stems from a stack buffer overflow, which could allow local attackers to execute...

PT-2026-28231

JAD 1.5.8e-1kali1 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries. Attackers can craft malicious input strings exceeding 8150 bytes to overflow the stack, overwrite return...

SC 缓冲区错误漏洞

SC is a software developed by SC OpenSource. Version 7.16 of SC contains a buffer overflow vulnerability, which stems from a stack buffer overflow. This vulnerability could allow local attackers to execute arbitrary code...

Varaneckas JAD Java Decompiler 缓冲区错误漏洞

Varaneckas JAD Java Decompiler is a tool developed by Varaneckas Corporation that decompiles Java bytecode into readable source code. Versions of Varaneckas JAD Java Decompiler 1.5.8e-1kali1 and earlier contained a buffer error vulnerability. This vulnerability stemmed from a stack buffer overflo...

Crashmail 缓冲区错误漏洞

Crashmail is a mail processing and message exchange software developed by the Crashmail company. Version 1.6 of Crashmail contains a buffer overflow vulnerability, which stems from a stack buffer overflow. This vulnerability could allow remote attackers to execute arbitrary code...

CVE-2026-4961

A vulnerability was identified in Tenda AC6 15.03.05.16. Affected by this vulnerability is the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack is possible ...

CVE-2021-27382

A vulnerability has been identified in Solid Edge SE2020 All versions SE2020MP13, Solid Edge SE2020 All versions SE2020MP14, Solid Edge SE2021 All Versions SE2021MP4. Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a stack based...