SUSE SLES15 Security Update : libxml2 (SUSE-SU-2025:02355-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02355-1 advisory. - CVE-2025-49794: Fixed a heap use after free which could lead to denial of service. bsc1244554 - CVE-2025-49796: Fixed type...

VideoCharge Studio 安全漏洞

VideoCharge Studio is a desktop video optimization application from VideoCharge, Inc. A security vulnerability exists in VideoCharge Studio version 2.12.3.685, which originates from a stack buffer overflow and could lead to the execution of arbitrary code...

CVE-2025-34108 Disk Pulse Enterprise 9.0.34 Login Stack Buffer Overflow

A stack-based buffer overflow vulnerability exists in the login functionality of Disk Pulse Enterprise version 9.0.34. An attacker can send a specially crafted HTTP POST request to the /login endpoint with an overly long username parameter, causing a buffer overflow in the libspp.dll component...

NETGEAR XR300 安全漏洞

The NETGEAR XR300 is the entry-level Nighthawk Pro Gaming series wireless router from NETGEAR. The NETGEAR XR300 suffers from a stack buffer overflow vulnerability that stems from a stack buffer overflow in the HTTPD service when processing a POST request from the usbdevice.cgi endpoint, no detai...

NETGEAR XR300 安全漏洞

The NETGEAR XR300 is the entry-level Nighthawk Pro Gaming series wireless router from NETGEAR. The NETGEAR XR300 suffers from a stack buffer overflow vulnerability that stems from a stack buffer overflow in the HTTPD service when processing a POST request from the usbdevice.cgi endpoint, no detai...

CVE-2025-53101 ImageMagick has Stack Buffer Overflow in image.c

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's magick mogrify command, specifying multiple consecutive %d format specifiers in a filename template causes internal pointer arithmetic to...

CVE-2025-7548

A vulnerability has been found in Tenda FH1201 1.2.0.14408 and classified as critical. This vulnerability affects the function formSafeEmailFilter of the file /goform/SafeEmailFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely...

CVE-2025-7423

CVE-2025-7423 affects Tenda O3V2 1.0.0.12(3880). The vulnerability is in the httpd component, function formWifiMacFilterSet in /goform/setWrlFilterList. Manipulating the macList argument causes a stack-based buffer overflow. This allows remote exploitation with the exploit publicly disclosed; pot...

Belkin F9K1122 Stack Buffer Overflow Vulnerability (CNVD-2025-20836)

The Belkin F9K1122 is a WiFi signal extender from Belkin Canada. The Belkin F9K1122 suffers from a stack buffer overflow vulnerability that results from the incorrect manipulation of multiple parameters in the file /goform/formWlanMP, no details of the vulnerability are provided at this time...

Belkin F9K1122 Stack Buffer Overflow Vulnerability (CNVD-2025-20827)

The Belkin F9K1122 is a WiFi signal extender. The Belkin F9K1122 suffers from a stack buffer overflow vulnerability that results from the incorrect operation of the parameter submit-url-ok in the file /goform/formBSSetSitesurvey. No detailed vulnerability details are provided at this time...

AlmaLinux 9 : libxml2 (ALSA-2025:10699)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:10699 advisory. libxml: Heap use after free UAF leads to Denial of service DoS CVE-2025-49794 libxml: Type confusion leads to Denial of service DoS CVE-2025-49796 libxml...

AlmaLinux 9 : jq (ALSA-2025:10585)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:10585 advisory. jq: jq has signed integer overflow in jv.c:jvparraywrite CVE-2024-23337 jq: AddressSanitizer: stack-buffer-overflow in jqfuzzexecute jvstringvfmt...

SUSE SLES15 / openSUSE 15 Security Update : libxml2 (SUSE-SU-2025:02275-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02275-1 advisory. - CVE-2025-49794: Fixed a heap use after free which could lead to denial of service. bsc1244554 - CVE-2025-49796:...

CVE-2025-7417

A vulnerability has been found in Tenda O3V2 1.0.0.123880 and classified as critical. Affected by this vulnerability is the function fromNetToolGet of the file /goform/setPingInfo of the component httpd. The manipulation of the argument ip leads to stack-based buffer overflow. The attack can be...

CVE-2025-7416

A vulnerability, which was classified as critical, was found in Tenda O3V2 1.0.0.123880. Affected is the function fromSysToolTime of the file /goform/setSysTimeInfo of the component httpd. The manipulation of the argument Time leads to stack-based buffer overflow. It is possible to launch the...

CVE-2025-38315

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: Check dsbr size from EFI variable Since the size of struct btinteldsbr is already known, we can just start there instead of querying the EFI variable size. If the final result doesn't match what we expect also...

CVE-2025-38315

CVE-2025-38315 concerns a Linux kernel Bluetooth driver issue (btintel). The root cause is a mismatch between the EFI variable size and the known struct btintel_dsbr size, which could lead to a stack overflow if the EFI variable is larger than expected. The fix alters the check to rely on the kno...

CVE-2025-38315 Bluetooth: btintel: Check dsbr size from EFI variable

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: Check dsbr size from EFI variable Since the size of struct btinteldsbr is already known, we can just start there instead of querying the EFI variable size. If the final result doesn't match what we expect also...

CVE-2025-38315 Bluetooth: btintel: Check dsbr size from EFI variable

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: Check dsbr size from EFI variable Since the size of struct btinteldsbr is already known, we can just start there instead of querying the EFI variable size. If the final result doesn't match what we expect also...

SUSE SLED15 / SLES15 Security Update : libxml2 (SUSE-SU-2025:02260-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02260-1 advisory. - CVE-2025-49794: Fixed a heap use after free which could lead to denial of service. bsc1244554 -...