73859 matches found
UBUNTU-CVE-2026-53702
A stack buffer overflow flaw was found in the GStreamer H.265 codec parser library gst-plugins-bad. When parsing a buffering period SEI message, the parser uses an incorrect loop bound derived from cpbcntminus1i the loop index instead of the sub-layer 0 CPB count cpbcntminus10 from the referenced...
CVE-2026-53702 Gstreamer1-plugins-bad-free: gstreamer: stack buffer overflow in h.265 buffering period sei parser
A stack buffer overflow flaw was found in the GStreamer H.265 codec parser library gst-plugins-bad. When parsing a buffering period SEI message, the parser uses an incorrect loop bound derived from cpbcntminus1i the loop index instead of the sub-layer 0 CPB count cpbcntminus10 from the referenced...
CVE-2026-53702 Gstreamer1-plugins-bad-free: gstreamer: stack buffer overflow in h.265 buffering period sei parser
A stack buffer overflow flaw was found in the GStreamer H.265 codec parser library gst-plugins-bad. When parsing a buffering period SEI message, the parser uses an incorrect loop bound derived from cpbcntminus1i the loop index instead of the sub-layer 0 CPB count cpbcntminus10 from the referenced...
CVE-2026-53702
A stack buffer overflow flaw was found in the GStreamer H.265 codec parser library gst-plugins-bad. When parsing a buffering period SEI message, the parser uses an incorrect loop bound derived from cpbcntminus1i the loop index instead of the sub-layer 0 CPB count cpbcntminus10 from the referenced...
CVE-2026-48734
A flaw was found in ImageMagick. A remote attacker could exploit this vulnerability by tricking a user into processing a specially crafted MVG Magick Vector Graphics file. This could lead to a stack overflow due to a missing depth or visited-set check, resulting in a denial of service DoS for the...
MGASA-2026-0197 Updated gnupg2 packages fix security vulnerabilities
CVE-2025-68973, armorfilter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. CVE-2026-24882, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC key...
Updated gnupg2 packages fix security vulnerabilities
CVE-2025-68973, armorfilter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. CVE-2026-24882, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC key...
kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()
A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...
SUSE CVE-2026-48734
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, a crafted MVG file could result in a stack overflow due to a missing depth or visited-set check. This issue has been patched in versions 6.9.13-49 and 7.1.2-24...
Bug-Bounty-Practice-lab
Syntex Solutions — Vulnerable Lab ⚠️ WARNING — FOR AUTHOR...
Malicious code in sysnu (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eac9873e59ffdf79c56fd4f9366b56e0532f87dc00c4380fae18d714785b0bc8 On require / CLI invocation, sysnu performs two install-time-equivalent actions on Windows hosts. First, if python is not on PATH, index.js lines 42-...
MAL-2026-5617 Malicious code in sysnu (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eac9873e59ffdf79c56fd4f9366b56e0532f87dc00c4380fae18d714785b0bc8 On require / CLI invocation, sysnu performs two install-time-equivalent actions on Windows hosts. First, if python is not on PATH, index.js lines 42-...
CVE-2026-41711
Applications using Spring Data Commons may be vulnerable to a Denial of Service DoS attack leading to a StackOverflowException when parsing Sort parameters. Affected versions: Spring Data Commons 4.0.0 through 4.0.5; 3.5.0 through 3.5.11; 3.4.0 through 3.4.14; 3.3.0 through 3.3.16; 3.2.0 through...
CVE-2026-9754
An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command...
CVE-2026-44634
SimpleBLE is a cross-platform library and bindings for Bluetooth Low Energy BLE. Prior to version 0.14.0, there are multiple stack-based buffer overflow vulnerabilities in SimpleBLE. There is a stack overflow vulnerability in the dongl backend’s Protocol::simpleblewrite function local,...
TencentOS Server 2: libxml2 (TSSA-2026:0497)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0497 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
PT-2026-48725
Name of the Vulnerable Software and Affected Versions GStreamer affected versions not specified Description A stack buffer overflow exists in the GStreamer H.265 codec parser library gst-plugins-bad. The issue occurs when parsing a buffering period SEI message, where the parser utilizes an...
gst-plugins-bad 缓冲区错误漏洞
gst-plugins-bad is a GStreamer open-source plugin. gst-plugins-bad has a buffer error vulnerability. This vulnerability stems from the H.265 codec parser library using incorrect loop boundaries when parsing SEI messages during the buffer period. As a result, the CPB values allocated for the stack...
openSUSE 16 Security Update : uriparser (openSUSE-SU-2026:20910-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20910-1 advisory. This update for uriparser fixes the following issue: - CVE-2025-67899: unbounded recursion and stack consumption bsc1255000. Tenable has extracted the...
UBUNTU-CVE-2026-49760
Stack-based Buffer Overflow vulnerability in Erlang OTP erlinterface...