PT-2026-42894

A security vulnerability has been detected in Edimax EW-7438RPn up to 1.31. The impacted element is an unknown function of the file /goform/formWpsStart of the component webs. Such manipulation of the argument pinCode/wlan-url leads to stack-based buffer overflow. The attack can be executed...

EUVD-2018-21868

10-Strike Network Inventory Explorer 8.54 contains a stack-based buffer overflow vulnerability in the registration key input field that allows local attackers to execute arbitrary code by triggering a structured exception handler overwrite. Attackers can craft a malicious registration key string...

10-Strike Network Inventory Explorer 安全漏洞

10-Strike Network Inventory Explorer is a scanning software developed by 10-Strike Corporation. It is used to track hardware and software on network computers. Version 8.54 of 10-Strike Network Inventory Explorer contains a security vulnerability. This vulnerability stems from a stack-based buffe...

Reversing-Toolkit

Reversing Toolkit 🔧 3 reverse engineering & binary exploita...

OESA-2026-2427 jq security update

jq is a lightweight and flexible command-line JSON processor. you can use it to slice and filter and map and transform structured data. It is written in portable C, and it has zero runtime dependencies. it can mangle the data format that you have into the one that you want. Security Fixes: jq is ...

OESA-2026-2426 jq security update

jq is a lightweight and flexible command-line JSON processor. you can use it to slice and filter and map and transform structured data. It is written in portable C, and it has zero runtime dependencies. it can mangle the data format that you have into the one that you want. Security Fixes: jq is ...

OESA-2026-2425 jq security update

jq is a lightweight and flexible command-line JSON processor. you can use it to slice and filter and map and transform structured data. It is written in portable C, and it has zero runtime dependencies. it can mangle the data format that you have into the one that you want. Security Fixes: jq is ...

Unity Linux 20.1070e Security Update: cfitsio (UTSA-2026-016765)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016765 advisory. In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An...

Unity Linux 20.1050e / 20.1070e Security Update: sox (UTSA-2026-016769)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016769 advisory. An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 in fft4g.c is not guarded, such that it can lead to write access outside of the statically...

Unity Linux 20.1070e Security Update: cfitsio (UTSA-2026-016766)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016766 advisory. In the ffghbn function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An...

ImageMagick < 6.9.13-48 / 7.x < 7.1.2-23 Multiple Vulnerabilities

The remote host has a version of ImageMagick installed that is prior to 6.9.13-48 or 7.x prior to 7.1.2-23. It is, therefore, affected by multiple vulnerabilities: - A crafted MSL image can trigger a heap-use-after-free in the MSL decoder. CVE-2026-46523 - Due to a missing depth check, a stack...

CVE-2026-44056

A flaw was found in Netatalk. A remote attacker with low privileges could exploit a stack buffer overflow vulnerability in the desktop.c component. This could lead to a denial of service DoS, making the service unavailable, and potentially result in limited information disclosure or integrity...

CVE-2026-39461

The CVE-2026-39461 issue affects libcasper(3), which communicates with helper processes over UNIX domain sockets and uses select(2) to wait for data. The problem is that it does not verify that its socket descriptor fits within FD_SETSIZE (1024), potentially allowing an application that opens man...

CVE-2026-39461 select(2) file descriptor set overflow causes stack overflow

libcasper3 communicates with helper processes via UNIX domain sockets, and uses the select2 system call to wait for data to become available. However, it does not verify that its socket descriptor fits within select2's descriptor set size limit of FDSETSIZE 1024. An attacker able to cause an...

EUVD-2026-31252

The setcred2 system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied list exceeds the capaci...

CVE-2026-45250 Stack buffer overflow via setcred(2)

The setcred2 system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied list exceeds the capaci...

CVE-2026-45250

CVE-2026-45250 concerns a stack buffer overflow in the FreeBSD kernel arising from setcred(2). The unprivileged user can trigger a copyin into a fixed-size kernel-stack array before validating the number of supplementary groups, causing a stack overflow when the list is large. This allows an unpr...

CVE-2026-45250 Stack buffer overflow via setcred(2)

The setcred2 system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied list exceeds the capaci...

CVE-2026-45250

The setcred2 system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied list exceeds the capaci...

CVE-2026-44056

A stack-based buffer overflow in desktop.c in Netatalk 1.3 through 4.2.2 allows a remote authenticated attacker to cause a denial of service, obtain limited information, or modify limited data...