SUSE CVE-2026-33532

yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of yaml on the 1.x branch prior to 1.10.3 or on the 2.x branch prior to 2.8.3 may throw a RangeError due to a stack overflow. The node resolution/composition phase uses recursive function calls without a...

PT-2026-28258

SIPP 3.3 contains a stack-based buffer overflow vulnerability that allows local unauthenticated attackers to execute arbitrary code by supplying malicious input in the configuration file. Attackers can craft a configuration file with oversized values that overflow a stack buffer, overwriting the...

Practical Music Search 访问控制错误漏洞

Practical Music Search is a search tool developed by slicer86, designed to support music information retrieval and content indexing. Version 0.42 of Practical Music Search contains an access control error vulnerability, which stems from a stack buffer overflow. This vulnerability could allow...

PT-2026-28226

Name of the Vulnerable Software and Affected Versions TRN version 3.6-23 Description A stack buffer overflow allows local attackers to execute arbitrary code by providing an oversized argument to the application. This is achieved by crafting a malicious command-line argument containing 156 bytes ...

Mapscrn 缓冲区错误漏洞

Mapscrn is a software developed under the MSK open-source project. Version 2.0.3 of Mapscrn contains a buffer overflow vulnerability. This vulnerability stems from a stack buffer overflow, which could allow local attackers to execute arbitrary code or cause a denial-of-service attack by providing...

trn 缓冲区错误漏洞

TRN is a terminal-based news group reading and discussion client tool developed by Wayned. Version TRN 3.6-23 contains a buffer error vulnerability, which stems from a stack buffer overflow. This vulnerability could allow local attackers to execute arbitrary code by providing excessively large...

PT-2026-28233

JAD Java Decompiler 1.5.8e-1kali1 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying overly long input that exceeds buffer boundaries. Attackers can craft malicious input passed to the jad command to overflow the stack and...

PT-2026-28234

Flat Assembler 1.71.21 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input to the application. Attackers can craft malicious assembly input exceeding 5895 bytes to overwrite the instruction pointer and execute...

PT-2026-28752

Name of the Vulnerable Software and Affected Versions Belkin F9K1122 version 1.00.33 Description A security issue has been identified in Belkin F9K1122 version 1.00.33. The formSetSystemSettings function within the Setting Handler component, located in the /goform/formSetSystemSettings file, is...

Varaneckas JAD Java Decompiler 缓冲区错误漏洞

Varaneckas JAD Java Decompiler is a tool developed by Varaneckas Corporation that decompiles Java bytecode into readable source code. Versions of Varaneckas JAD Java Decompiler 1.5.8e-1kali1 and earlier contained a buffer error vulnerability. This vulnerability stemmed from a stack buffer overflo...

PT-2026-28225

Multi Emulator Super System 0.154-3.1 contains a buffer overflow vulnerability in the gamma parameter handling that allows local attackers to crash the application or execute arbitrary code. Attackers can supply an oversized gamma parameter value to overflow the stack buffer and overwrite the...

NRSS Reader 缓冲区错误漏洞

NRSS Reader is a desktop reading tool developed by NRSS Corporation, designed for subscribing to and reading RSS information sources. Version 0.3.9-1 of NRSS Reader contains a buffer overflow vulnerability. This vulnerability stems from a stack buffer overflow, which could allow local attackers t...

PT-2026-28227

NRSS RSS Reader 0.3.9-1 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -F parameter. Attackers can craft a malicious input with 256 bytes of padding followed by a controlled EIP value to overwrite the...

Xwpe 缓冲区错误漏洞

Xwpe is a terminal-based text editing and integrated development environment tool developed by Xwpe Corporation. Versions of Xwpe 1.5.30a to 2.1 contained a buffer error vulnerability, which was caused by a stack buffer overflow. This vulnerability could allow local attackers to execute arbitrary...

yTree 缓冲区错误漏洞

yTree is a terminal-based file management and directory browsing tool developed by Werner Bregulla. Versions 1.94 to 1.1 of yTree contain a buffer error vulnerability. This vulnerability stems from a stack buffer overflow, which could allow local attackers to execute arbitrary code by providing...

SIPp 访问控制错误漏洞

SIPp is an open-source SIP protocol testing tool and traffic generator developed by SIPp. Version 3.3 of SIPp contains a vulnerability related to access control, which stems from a stack buffer overflow. This vulnerability could allow unverified local attackers to execute arbitrary code...

BOCHS 缓冲区错误漏洞

BOCHS is a x86 architecture computer simulator developed by BOCHS company. Version 2.6-5 of BOCHS contains a buffer overflow vulnerability, which stems from a stack buffer overflow. This vulnerability could allow attackers to execute arbitrary code by providing the application with an excessively...

TiEmu 缓冲区错误漏洞

TiEmu is a handheld emulator developed by the Linux Programmer Group. Versions of TiEmu 2.08 and earlier contained a buffer overflow vulnerability. This vulnerability stemmed from a stack buffer overflow, which could allow attackers to execute arbitrary code by exploiting insufficient input...

CVE-2026-33491

Zen C is a systems programming language that compiles to human-readable GNU C/C11. Prior to version 0.4.4, a stack-based buffer overflow vulnerability in the Zen C compiler allows attackers to cause a compiler crash or potentially execute arbitrary code by providing a specially crafted Zen C sour...

CVE-2026-4902

A vulnerability was detected in Tenda AC5 15.03.06.47. This affects the function fromAddressNat of the file /goform/addressNat of the component POST Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit is n...