PT-2026-29390

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a stack-buffer-overflow SBO in CIccCalculatorFunc::Apply when processed via iccApplyNamedCmm. Under AddressSanitizer, the failure is reported as...

iccDEV 安全漏洞

iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.6 contained security vulnerabilities; these vulnerabilities were caused by specially crafted ICC configuration files that could lead to stack buffer overflo...

CVE-2025-49010 OpenSC: Stack-buffer-overflow WRITE in GET RESPONSE

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or administrator uses a token can cause a stack-buffer-overflow write in GET RESPONSE. The attack requires crafted USB device or smart card that wou...

Belkin F9K1122 安全漏洞

The Belkin F9K1122 is a WiFi signal extender produced by the Canadian company Belkin. The version 1.00.33 of the Belkin F9K1122 contains a security vulnerability. This vulnerability stems from improper handling of the webpage parameter in the file/goform/formCrossBandSwitch, which may lead to a...

EUVD-2016-10850

iSelect 1.4.0-2+b1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized value to the -k/--key parameter. Attackers can craft a malicious argument containing a NOP sled, shellcode, and return address to overflow a 1024-byte...

UBUNTU-CVE-2016-20048

iSelect 1.4.0-2+b1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized value to the -k/--key parameter. Attackers can craft a malicious argument containing a NOP sled, shellcode, and return address to overflow a 1024-byte...

CVE-2016-20042 TRN 3.6-23 Stack Buffer Overflow Local Code Execution

TRN 3.6-23 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the application. Attackers can craft a malicious command-line argument with 156 bytes of padding followed by a return address to overwrite the...

SUSE CVE-2026-33536

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, due to an incorrect return value on certain platforms a pointer is incremented past the end of a buffer that is on the stack and that could result in an out of bounds...

Varaneckas JAD Java Decompiler 缓冲区错误漏洞

Varaneckas JAD Java Decompiler is a tool developed by Varaneckas Corporation that decompiles Java bytecode into readable source code. Versions of Varaneckas JAD Java Decompiler 1.5.8e-1kali1 and earlier contained a buffer error vulnerability. This vulnerability stemmed from a stack buffer overflo...

Flat Assembler 缓冲区错误漏洞

Flat Assembler is an assembly language compiler developed by Tomasz Grysztar, designed to work on multiple platforms. Version 1.71.21 of Flat Assembler contains a buffer overflow vulnerability. This vulnerability stems from a stack buffer overflow, which could allow local attackers to execute...

PT-2026-28231

JAD 1.5.8e-1kali1 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries. Attackers can craft malicious input strings exceeding 8150 bytes to overflow the stack, overwrite return...

SC 缓冲区错误漏洞

SC is a software developed by SC OpenSource. Version 7.16 of SC contains a buffer overflow vulnerability, which stems from a stack buffer overflow. This vulnerability could allow local attackers to execute arbitrary code...

Crashmail 缓冲区错误漏洞

Crashmail is a mail processing and message exchange software developed by the Crashmail company. Version 1.6 of Crashmail contains a buffer overflow vulnerability, which stems from a stack buffer overflow. This vulnerability could allow remote attackers to execute arbitrary code...

CVE-2026-4961

A vulnerability was identified in Tenda AC6 15.03.05.16. Affected by this vulnerability is the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack is possible ...

CVE-2021-27382

A vulnerability has been identified in Solid Edge SE2020 All versions SE2020MP13, Solid Edge SE2020 All versions SE2020MP14, Solid Edge SE2021 All Versions SE2021MP4. Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a stack based...

Tenda AC5 安全漏洞

Tenda AC5 is a wireless router produced by the Chinese company Tenda. Version 15.03.06.47 of Tenda AC5 contains a security vulnerability. This vulnerability stems from improper handling of parameters in the file/goform/setcfm, specifically funcpara1, which may lead to a stack buffer overflow...

PT-2026-28738

Name of the Vulnerable Software and Affected Versions D-Link DIR-513 version 1.10 Description A flaw exists in the formSetEmail function within the /goform/formSetEmail file of the D-Link DIR-513. Manipulating the curTime argument can lead to a stack-based buffer overflow. This issue is remotely...

CVE-2026-4905

A vulnerability was found in Tenda AC5 15.03.06.47. Impacted is the function formWifiWpsOOB of the file /goform/WifiWpsOOB of the component POST Request Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. Remote exploitation of the attack is possible...

CVE-2026-33536

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, due to an incorrect return value on certain platforms a pointer is incremented past the end of a buffer that is on the stack and that could result in an out of bounds...

DEBIAN-CVE-2026-33536

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, due to an incorrect return value on certain platforms a pointer is incremented past the end of a buffer that is on the stack and that could result in an out of bounds...