The vulnerability of the vCard component of the Alpine iLX-507 audio system allows a hacker to execute arbitrary code under the root user’s context.

The vulnerability of the vCard component of the Alpine iLX-507 audio system is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to execute arbitrary code under the root user’s context...

CVE-2025-47806

In GStreamer through 1.26.1, the subparse plugin's parsesubriptime function may write data past the bounds of a stack buffer, leading to a crash...

DEBIAN-CVE-2025-47806

In GStreamer through 1.26.1, the subparse plugin's parsesubriptime function may write data past the bounds of a stack buffer, leading to a crash...

UBUNTU-CVE-2025-47806

In GStreamer through 1.26.1, the subparse plugin's parsesubriptime function may write data past the bounds of a stack buffer, leading to a crash...

Linux Distros Unpatched Vulnerability : CVE-2024-39478

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Do not free stack buffer RSA text data uses variable length buffer...

CVE-2025-47806

In GStreamer through 1.26.1, the subparse plugin's parsesubriptime function may write data past the bounds of a stack buffer, leading to a crash...

CVE-2025-47806

CVE-2025-47806 affects the GStreamer base plugins’ subparse plugin, specifically the parse_subrip_time function, which can write past the bounds of a stack buffer in releases up to 1.26.1. This may cause a crash/DoS. Public advisories confirm fixes in downstream packaging: Debian 11 bullseye (gst...

CVE-2025-47806

In GStreamer through 1.26.1, the subparse plugin's parsesubriptime function may write data past the bounds of a stack buffer, leading to a crash...

Linux Distros Unpatched Vulnerability : CVE-2024-25176

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240626 have a stack-buffer-overflow in ljstrfmtwfnum in ljstrfmtnum.c. CVE-2024-25176 Note that Nessus...

CVE-2025-7844

Exporting a TPM based RSA key larger than 2048 bits from the TPM could overrun a stack buffer if the default MAXRSAKEYBITS=2048 is used. If your TPM 2.0 module supports RSA key sizes larger than 2048 bit and your applications supports creating or importing an RSA private or public key larger than...

CVE-2025-23310

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause stack buffer overflow by specially crafted inputs. A successful exploit of this vulnerability might lead to remote code execution, denial of service, information disclosure, and data...

CVE-2025-23310

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause stack buffer overflow by specially crafted inputs. A successful exploit of this vulnerability might lead to remote code execution, denial of service, information disclosure, and data...

Advisory ROSA-SA-2025-2921

software: binutils 2.38 WASP: ROSA-CHROME unaffected versions = binutils-2.38-6 affected versions binutils-2.38-6 CVE-ID: CVE-2025-0840 BDU-ID: 2025-03384 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the objdump.c component of the GNU Binutils software development tool is related to a stack-based...

CVE-2025-8653

Kenwood DMX958XR JKRadioService Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Kenwood DMX958XR. Authentication is not required to exploit this vulnerability. The specific...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A stack buffer overflow vulnerability exists in the Huawei HarmonyOS dmsfwk module, which can be exploited by an attacker to cause code execution...

Moderate: Red Hat Security Advisory: jq security update

An update for jq is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

PT-2025-31983 · Unknown +1 · Mediaplayerctrl.Dll +1

Name of the Vulnerable Software and Affected Versions: BlazeVideo HDTV Player Pro version 6.6.0.3 Description: BlazeVideo HDTV Player Pro version 6.6.0.3 is susceptible to a stack-based buffer overflow due to improper handling of user-supplied input within .plf playlist files. When processing a...

RHEL 10 : jq (RHSA-2025:12882)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:12882 advisory. jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or...

CVE-2025-7844

Exporting a TPM based RSA key larger than 2048 bits from the TPM could overrun a stack buffer if the default MAXRSAKEYBITS=2048 is used. If your TPM 2.0 module supports RSA key sizes larger than 2048 bit and your applications supports creating or importing an RSA private or public key larger than...

CVE-2025-7844

CVE-2025-7844 affects wolfTPM (wolfSSL) via wolfTPM2_RsaKey_TpmToWolf: exporting an RSA key >2048 bits from a TPM can overflow a fixed-size stack buffer when MAX_RSA_KEY_BITS is 2048. Root cause: copying external data to a stack buffer without length validation. If MAX_RSA_KEY_BITS matches the...