Medium: zziplib

Issue Overview: Heap Buffer Overflow vulnerability in zziplib v0.13.77 allows attackers to cause a denial of service via the zzipparserootdirectory function at /zzip/zip.c. CVE-2024-39133 A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via t...

GHSA-5MWF-688X-MR7X Duplicate Advisory: Nokogiri updates packaged libxml2 to 2.13.6 to resolve CVE-2025-24928 and CVE-2024-56171

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-vvfq-8hwr-qm4m. This link is maintained to preserve external references. Original Description Summary Nokogiri v1.18.3 upgrades its dependency libxml2 to v2.13.6. libxml2 v2.13.6 addresses: - CVE-2025-24928 -...

[slackware-security] libxml2

New libxml2 packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libxml2-2.11.9-i586-2slack15.0.txz: Rebuilt. This update fixes security issues: Fix stack-buffer-overflow in xmlSnprintfElements. Fix...

GHSA-VVFQ-8HWR-QM4M Nokogiri updates packaged libxml2 to 2.13.6 to resolve CVE-2025-24928 and CVE-2024-56171

Summary Nokogiri v1.18.3 upgrades its dependency libxml2 to v2.13.6. libxml2 v2.13.6 addresses: - CVE-2025-24928 - described at https://gitlab.gnome.org/GNOME/libxml2/-/issues/847 - CVE-2024-56171 - described at https://gitlab.gnome.org/GNOME/libxml2/-/issues/828 Impact CVE-2025-24928 Stack-buffe...

CVE-2025-24928

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047...

OSV-2025-133 Stack-buffer-overflow in se_read_conf

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=396958482 Crash type: Stack-buffer-overflow READ 1 Crash state: sereadconf runconfighandler snmpconfigwhen...

MicroWorld eScan Antivirus 安全漏洞

MicroWorld eScan Antivirus is an antivirus software from MicroWorld. A security vulnerability exists in MicroWorld eScan Antivirus version 7.0.32, which originates in the VirusPopUp component strcpy function that causes a stack buffer overflow...

CVE-2024-53311

A Stack buffer overflow in the arguments parameter in Immunity Inc. Immunity Debugger v1.85 allows attackers to execute arbitrary code via a crafted input that exceeds the buffer size...

CVE-2024-37600

An issue was discovered in Mercedes Benz NTG New Telematics Generation 6 through 2021. A possible stack buffer overflow in the Service Broker service affects NTG 6 head units. To perform this attack, physical access to Ethernet pins of the head unit base board is needed. With a static IP address,...

CVE-2022-32504

An issue was discovered on certain Nuki Home Solutions devices. The code used to parse the JSON objects received from the WebSocket service provided by the device leads to a stack buffer overflow. An attacker would be able to exploit this to gain arbitrary code execution on a KeyTurner device. Th...

CVE-2024-34215

TOTOLINK CP450 v4.1.0cu.747B20191224 was discovered to contain a stack buffer overflow vulnerability in the setUrlFilterRules function...

CVE-2024-34202

TOTOLINK CP450 v4.1.0cu.747B20191224 was discovered to contain a stack buffer overflow vulnerability in the setMacFilterRules function...

CVE-2024-34212

TOTOLINK CP450 v4.1.0cu.747B20191224 was discovered to contain a stack buffer overflow vulnerability in the CloudACMunualUpdate function...

CVE-2024-34207

TOTOLINK CP450 v4.1.0cu.747B20191224 was discovered to contain a stack buffer overflow vulnerability in the setStaticDhcpConfig function...

SUSE CVE-2024-3120

A stack-buffer overflow vulnerability exists in all versions of sngrep since v1.4.1. The flaw is due to inadequate bounds checking when copying 'Content-Length' and 'Warning' headers into fixed-size buffers in the sipvalidatepacket and sipparseextraheaders functions within src/sip.c. This...

CVE-2024-35333

A stack-buffer-overflow vulnerability exists in the readcharsetdecl function of html2xhtml 1.3. This vulnerability occurs due to improper bounds checking when copying data into a fixed-size stack buffer. An attacker can exploit this vulnerability by providing a specially crafted input to the...

Adobe Illustrators stack buffer overflow vulnerability (CNVD-2025-06309)

Adobe Illustrator is a professional vector graphic design software developed by Adobe, widely used in graphic design, illustration creation, web design and other fields. A stack buffer overflow vulnerability exists in Adobe Illustrators in versions 29.1, 28.7.3 and earlier. The vulnerability is...

CVE-2025-25745

CVE-2025-25745 concerns a stack-based buffer overflow in the D-Link DIR-853 A1 firmware (FW1.20B07), triggered by the Password parameter in the SetQuickVPNSettings module. This affects the device when exposed to network access and, per the CVSS 3.1 vector, requires user interaction and has high i...

CVE-2024-37600

An issue was discovered in Mercedes Benz NTG New Telematics Generation 6 through 2021. A possible stack buffer overflow in the Service Broker service affects NTG 6 head units. To perform this attack, physical access to Ethernet pins of the head unit base board is needed. With a static IP address,...

CVE-2024-53311

A Stack buffer overflow in the arguments parameter in Immunity Inc. Immunity Debugger v1.85 allows attackers to execute arbitrary code via a crafted input that exceeds the buffer size...