CVE-2025-7844 wolfTPM library wrapper function `wolfTPM2_RsaKey_TpmToWolf` copies external data to a fixed-size stack buffer without length validation potentially causing stack-based buffer overflow

Exporting a TPM based RSA key larger than 2048 bits from the TPM could overrun a stack buffer if the default MAXRSAKEYBITS=2048 is used. If your TPM 2.0 module supports RSA key sizes larger than 2048 bit and your applications supports creating or importing an RSA private or public key larger than...

PT-2025-31869 · Wolftpm2 · Wolftpm2

Name of the Vulnerable Software and Affected Versions: wolfTPM2 affected versions not specified Description: Exporting a TPM based RSA key larger than 2048 bits from the TPM could lead to a stack buffer overflow if the default MAX RSA KEY BITS=2048 is used. This issue occurs when the wolfTPM2...

CVE-2025-23284

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause a stack buffer overflow. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, or data tampering...

CVE-2025-23284

CVE-2025-23284 affects NVIDIA vGPU software in the Virtual GPU Manager. The Red Hat/NVIDIA/NVD feeds describe a stack buffer overflow caused by a malicious guest, with potential for code execution, denial of service, information disclosure, or data tampering. The vendor has released security upda...

CVE-2025-23284

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause a stack buffer overflow. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, or data tampering...

CVE-2025-23283

NVIDIA vGPU software for Linux-style hypervisors contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause stack buffer overflow. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information...

CVE-2025-23283

CVE-2025-23283 affects NVIDIA vGPU software for Linux-type hypervisors, with a vulnerability in the Virtual GPU Manager that can be triggered by a malicious guest to cause a stack buffer overflow. The result could enable code execution, denial of service, privilege escalation, information disclos...

CVE-2025-23283

NVIDIA vGPU software for Linux-style hypervisors contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause stack buffer overflow. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information...

CVE-2025-23283

NVIDIA vGPU software for Linux-style hypervisors contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause stack buffer overflow. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information...

Alpine iLX-507 安全漏洞

The Alpine iLX-507 is a multimedia receiver from Alpine USA. The Alpine iLX-507 suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute code in a root context...

Alpine iLX-507 安全漏洞

The Alpine iLX-507 is a multimedia receiver from Alpine USA. The Alpine iLX-507 suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute code in a root context...

Moderate: Red Hat Security Advisory: icu security update

An update for icu is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

RHEL 9 : icu (RHSA-2025:12333)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:12333 advisory. The International Components for Unicode ICU library provides robust and full-featured Unicode services. Security Fixes: icu: Stack buffer overflow ...

The MPlayer Project MPlayer Lite 安全漏洞

The MPlayer Project MPlayer Lite is a multimedia player from The MPlayer Project, Inc. A security vulnerability exists in The MPlayer Project MPlayer Lite version r33064, which stems from improper boundary checking when handling M3U playlist files containing long http URL entries, which could lea...

libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input...

libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input...

CVE-2025-50464

The CVE-2025-50464 affects iptime NAS firmware v1.5.04. The issue is a pre-authentication buffer overflow in the upload.cgi module caused by unsafe use of strcpy to copy attacker-controlled data from the CONTENT_TYPE HTTP header into a fixed-size stack buffer (8 bytes). This can be exploited befo...

RockyLinux 8 : jq (RLSA-2025:10618)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:10618 advisory. jq: jq has signed integer overflow in jv.c:jvparraywrite CVE-2024-23337 jq: AddressSanitizer: stack-buffer-overflow in jqfuzzexecute jvstringvfmt...

NETGEAR XR300 Stack Buffer Overflow Vulnerability (CNVD-2025-20497)

The NETGEAR XR300 is the entry-level Nighthawk Pro Gaming series wireless router from NETGEAR. The NETGEAR XR300 suffers from a stack buffer overflow vulnerability that stems from a stack buffer overflow in the HTTPD service when processing a POST request from the usbdevice.cgi endpoint, no detai...

RLSA-2025:4492 Moderate: qemu-kvm security update

Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fixes: QEMU: virtio-net: stack buffer overflow in virtionetflushtx CVE-2023-6693...