Lucene search
K

128 matches found

RedhatCVE
RedhatCVE
added 2026/06/29 1:50 p.m.8 views

CVE-2026-12246

A flaw was found in NSD. A remote attacker, operating as a configured primary DNS server in a multi-tenant secondary DNS deployment, could exploit a bug involving specially crafted Address Prefix List APL resource records. By providing an APL record with an adflength larger than permitted, the...

8.1CVSS6.5AI score0.00265EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 7:16 a.m.10 views

CVE-2026-12246

NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than permitted for the address family will overwrite the stack when the zone is written to disk, with a maximum of 111 attacker controlled bytes...

8.1CVSS0.00265EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 7:16 a.m.4 views

ALPINE-CVE-2026-12246

NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than permitted for the address family will overwrite the stack when the zone is written to disk, with a maximum of 111 attacker controlled bytes...

8.1CVSS5.8AI score0.00265EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 5:24 a.m.33 views

CVE-2026-12246 Out of bounds stack write with crafted APL RR

NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than permitted for the address family will overwrite the stack when the zone is written to disk, with a maximum of 111 attacker controlled bytes...

7.2CVSS0.00265EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/06/25 5:24 a.m.4 views

CVE-2026-12246

NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than permitted for the address family will overwrite the stack when the zone is written to disk, with a maximum of 111 attacker controlled bytes...

8.1CVSS5.9AI score0.00265EPSS
Exploits0
OSV
OSV
added 2026/06/25 12:0 a.m.4 views

UBUNTU-CVE-2026-12246

NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than permitted for the address family will overwrite the stack when the zone is written to disk, with a maximum of 111 attacker controlled bytes...

8.1CVSS5.8AI score0.00265EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/22 6:34 a.m.7 views

postgresql: PostgreSQL libpq: Buffer overflow allows server superuser to overwrite client stack memory

A flaw was found in PostgreSQL libpq. A server superuser can exploit a buffer overflow vulnerability in the PQfn function, which is used by client functions such as loexport, loread, lolseek64, and lotell64. This allows the superuser to send an arbitrarily large response, overwriting the client's...

8.8CVSS6.7AI score0.00464EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.13 views

Amazon Linux 2 : libpq, --advisory ALAS2POSTGRESQL14-2026-023 (ALASPOSTGRESQL14-2026-023)

The version of libpq installed on the remote host is prior to 14.23-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2POSTGRESQL14-2026-023 advisory. Use of inherently dangerous function PQfn..., resultisint=0, ... in PostgreSQL libpq loexport, loread, lolseek64,...

8.8CVSS6AI score0.00558EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/05/18 1:22 p.m.15 views

SUSE CVE-2026-6477

Use of inherently dangerous function PQfn..., resultisint=0, ... in PostgreSQL libpq loexport, loread, lolseek64, and lotell64 functions allows the server superuser to overwrite a client stack buffer with an arbitrarily-large response. Like gets, PQfn..., resultisint=0, ... stores arbitrary-lengt...

8.8CVSS6AI score0.00464EPSS
Exploits0References30
AlpineLinux
AlpineLinux
added 2026/05/14 1:0 p.m.10 views

CVE-2026-6477

Use of inherently dangerous function PQfn..., resultisint=0, ... in PostgreSQL libpq loexport, loread, lolseek64, and lotell64 functions allows the server superuser to overwrite a client stack buffer with an arbitrarily-large response. Like gets, PQfn..., resultisint=0, ... stores arbitrary-lengt...

8.8CVSS6AI score0.00464EPSS
Exploits0
OSV
OSV
added 2026/04/29 5:13 p.m.8 views

CLSA-2026-1777482797 Fix CVE(s): CVE-2026-29111

SECURITY UPDATE: stack overwriting via crafted cgroup path - debian/patches/CVE-2026-29111.patch: validate input cgroup path in methodgetunitbycontrolgroup with pathisabsolute and pathisnormalized checks before passing to managergetunitbycgroup. - CVE-2026-29111...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/07 9:32 p.m.6 views

EUVD-2025-209282

An improper access control vulnerability exists in Semtech LoRa LR11xxx transceivers running early versions of firmware where the memory write command accessible via the physical SPI interface fails to enforce write protection on the program call stack. An attacker with physical access to the SPI...

5.4CVSS6.2AI score0.00243EPSS
Exploits1References2
NVD
NVD
added 2026/04/07 8:16 p.m.7 views

CVE-2025-14857

An improper access control vulnerability exists in Semtech LoRa LR11xxx transceivers running early versions of firmware where the memory write command accessible via the physical SPI interface fails to enforce write protection on the program call stack. An attacker with physical access to the SPI...

5.4CVSS0.00243EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/07 7:56 p.m.19 views

CVE-2025-14857 Semtech LR11xx Memory Write Access Control Bypass

An improper access control vulnerability exists in Semtech LoRa LR11xxx transceivers running early versions of firmware where the memory write command accessible via the physical SPI interface fails to enforce write protection on the program call stack. An attacker with physical access to the SPI...

5.4CVSS0.00243EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/04/07 7:56 p.m.2 views

CVE-2025-14857

An improper access control vulnerability exists in Semtech LoRa LR11xxx transceivers running early versions of firmware where the memory write command accessible via the physical SPI interface fails to enforce write protection on the program call stack. An attacker with physical access to the SPI...

5.4CVSS6.2AI score0.00243EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2026/03/31 9:3 a.m.5 views

SUSE CVE-2016-20038

yTree 1.94-1.1 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an excessively long argument to the application. Attackers can craft a malicious command-line argument containing shellcode and a return address to overwrite the...

8.6CVSS6.6AI score0.00177EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/28 12:30 p.m.3 views

EUVD-2016-10837

Yasr 0.6.9-5 contains a buffer overflow vulnerability that allows local attackers to crash the application or execute arbitrary code by supplying an oversized argument to the -p parameter. Attackers can invoke yasr with a crafted payload containing junk data, shellcode, and a return address to...

8.6CVSS6.4AI score0.00163EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/03/28 12:15 p.m.3 views

CVE-2016-20041

Yasr 0.6.9-5 contains a buffer overflow vulnerability that allows local attackers to crash the application or execute arbitrary code by supplying an oversized argument to the -p parameter. Attackers can invoke yasr with a crafted payload containing junk data, shellcode, and a return address to...

8.6CVSS6.4AI score0.00163EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/28 11:58 a.m.2 views

CVE-2016-20041

Yasr 0.6.9-5 contains a buffer overflow vulnerability that allows local attackers to crash the application or execute arbitrary code by supplying an oversized argument to the -p parameter. Attackers can invoke yasr with a crafted payload containing junk data, shellcode, and a return address to...

8.6CVSS6.4AI score0.00163EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/28 11:58 a.m.2 views

CVE-2016-20041 Yasr 0.6.9-5 Buffer Overflow via Command-line Parameter

Yasr 0.6.9-5 contains a buffer overflow vulnerability that allows local attackers to crash the application or execute arbitrary code by supplying an oversized argument to the -p parameter. Attackers can invoke yasr with a crafted payload containing junk data, shellcode, and a return address to...

8.6CVSS6.4AI score0.00163EPSS
Exploits0References3
Rows per page
Query Builder