1295 matches found
Rsync 安全漏洞
Rsync is a fast and versatile file copying tool developed by RsyncProject. It is used for both remote and local files. Versions of Rsync prior to 3.4.3 contained security vulnerabilities. These vulnerabilities stemmed from a stack write issue in the establishproxyconnection function. Network...
PostgreSQL libpq lo_* functions let server superuser overwrite client stack memory
...
CVE-2026-6477
Use of inherently dangerous function PQfn..., resultisint=0, ... in PostgreSQL libpq loexport, loread, lolseek64, and lotell64 functions allows the server superuser to overwrite a client stack buffer with an arbitrarily-large response. Like gets, PQfn..., resultisint=0, ... stores arbitrary-lengt...
CVE-2026-6477 PostgreSQL libpq lo_* functions let server superuser overwrite client stack memory
Use of inherently dangerous function PQfn..., resultisint=0, ... in PostgreSQL libpq loexport, loread, lolseek64, and lotell64 functions allows the server superuser to overwrite a client stack buffer with an arbitrarily-large response. Like gets, PQfn..., resultisint=0, ... stores arbitrary-lengt...
CVE-2026-6477 PostgreSQL libpq lo_* functions let server superuser overwrite client stack memory
Use of inherently dangerous function PQfn..., resultisint=0, ... in PostgreSQL libpq loexport, loread, lolseek64, and lotell64 functions allows the server superuser to overwrite a client stack buffer with an arbitrarily-large response. Like gets, PQfn..., resultisint=0, ... stores arbitrary-lengt...
BIT-MONGODB-2026-4147 Stack memory disclosure in filemd5 command
An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command...
CVE-2026-34459
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieSvc proxy service's GetRawInputDeviceInfoSlave handler contains two vulnerabilities that can be chained for sandbox escape. First, when a sandboxed process sends an IPC request...
CVE-2026-34459 Sandboxie-Plus sandbox escape via uninitialized memory leak and stack overflow in GetRawInputDeviceInfoSlave
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieSvc proxy service's GetRawInputDeviceInfoSlave handler contains two vulnerabilities that can be chained for sandbox escape. First, when a sandboxed process sends an IPC request...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9kwmirspcallback Fix a stack-out-of-bounds write that occurs in a WMI response callback function that is called after a timeout occurs in ath9kwmicmd. The callback writes...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: Fix potential memory leak Function dwc3qcomprobe allocates memory for resource structure which is pointed by parentres pointer. This memory is not freed. This leads to memory leak. Use stack memory to prevent...
CVE-2026-31768
A flaw was found in the Linux kernel, specifically within the ti-adc161s626 Analog-to-Digital Converter ADC driver. This vulnerability arises from the use of non-Direct Memory Access DMA-safe stack memory for Serial Peripheral Interface SPI read operations. An attacker with local access could...
PT-2026-36426
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel eBPF verifier where the backtrack insn function fails to correctly handle atomic fetch operations. When encountering a BPF STX instruction with BPF...
CVE-2026-1949
Delta Electronics AS320T is affected by CVE-2026-1949 due to an incorrect calculation of the buffer size on the stack in the GET/PUT request handler of the web service. The available reports identify the host device and the vulnerable component as the AS320T web service handling GET/PUT requests,...
EUVD-2026-23950
Potential read out of bounds case with wolfSSHd on Windows while handling a terminal resize request. An authenticated user could trigger the out of bounds read after establishing a connection which would leak the adjacent stack memory to the pseudo-console output...
CVE-2026-0930
Potential read out of bounds case with wolfSSHd on Windows while handling a terminal resize request. An authenticated user could trigger the out of bounds read after establishing a connection which would leak the adjacent stack memory to the pseudo-console output...
CVE-2026-0930 Potential wolfSSHd Buffer out-of-bounds Read on Windows Handling Terminal Resize
Potential read out of bounds case with wolfSSHd on Windows while handling a terminal resize request. An authenticated user could trigger the out of bounds read after establishing a connection which would leak the adjacent stack memory to the pseudo-console output...
CVE-2026-0930
CVE-2026-0930 affects wolfSSHd on Windows and describes a potential read-out-of-bounds in the handling of a terminal resize. An authenticated user could trigger the out-of-bounds read after establishing a connection, leaking adjacent stack memory to the pseudo-console output. Public sources (NVD;...
PT-2026-33853
Potential read out of bounds case with wolfSSHd on Windows while handling a terminal resize request. An authenticated user could trigger the out of bounds read after establishing a connection which would leak the adjacent stack memory to the pseudo-console output...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007587)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007587 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9kwmirspcallback Fix a...
PT-2026-32436
An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command...