Amazon Linux 2023 : aws-nitro-tpm-tools (ALAS2023-2026-1610)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1610 advisory. time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack...

FreeBSD 安全漏洞

FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. FreeBSD has security vulnerabilities; these vulnerabilities stem from incorrect packet validation, which leads to infinite recursion when parsing SCTP block parameters. This can result in stack overflows and crashes...

PT-2026-36037

A flaw has been found in Tenda 4G300 US 4G300V1.0Mt V1.01.42 CN TDC01. Affected is the function sub 427C3C of the file /goform/SafeMacFilter. This manipulation of the argument page causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been published an...

Important: python3.11

Issue Overview: The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update, |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation. Additionally, BaseCookie.jsoutput lacked the output...

FreeBSD : FreeBSD -- pf can overflow the stack parsing crafted SCTP packets (225ba563-4435-11f1-bb07-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 225ba563-4435-11f1-bb07-bc241121aa0a advisory. Incorrect packet validation allowed unbounded recursion parsing SCTP chunk parameters. This can...

CVE-2018-25303

Allok Video to DVD Burner 2.6.1217 is affected by a stack-based buffer overflow in the License Name field that enables local code execution via SEH overwrite. An input of ~780 junk bytes followed by SEH chain pointers and shellcode can be pasted into the License Name field during registration to ...

CVE-2018-25303 Allok Video to DVD Burner 2.6.1217 Buffer Overflow SEH

Allok Video to DVD Burner 2.6.1217 contains a stack-based buffer overflow vulnerability in the License Name field that allows local attackers to execute arbitrary code by triggering a structured exception handler SEH overwrite. Attackers can craft a malicious input string with 780 bytes of junk...

CVE-2018-25303 Allok Video to DVD Burner 2.6.1217 Buffer Overflow SEH

Allok Video to DVD Burner 2.6.1217 contains a stack-based buffer overflow vulnerability in the License Name field that allows local attackers to execute arbitrary code by triggering a structured exception handler SEH overwrite. Attackers can craft a malicious input string with 780 bytes of junk...

CVE-2026-28221 Wazuh: Pre-auth stack-based buffer overflow in wazuh-remoted print_hex_string() due to signed char promotion on x86_64

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.8.0 to before version 4.14.4, a stack-based buffer overflow exists in printhexstring in wazuh-remoted. The bug is triggered when formatting attacker-controlled bytes using sprintfdstbuf +...

EUVD-2026-26270

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.8.0 to before version 4.14.4, a stack-based buffer overflow exists in printhexstring in wazuh-remoted. The bug is triggered when formatting attacker-controlled bytes using sprintfdstbuf +...

CVE-2026-28221

CVE-2026-28221 – Wazuh pre-auth stack-based buffer overflow is confirmed in wazuh-remoted’s print_hex_string(). From versions 4.8.0 to before 4.14.4, attacker-controlled bytes are formatted with sprintf(dst_buf + 2*i, "%.2x", src_buf[i]) on signed-char platforms, causing sign-extension and an out...

CVE-2026-0206

A post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacker to crash a firewall...

CLSA-2026-1777482797 Fix CVE(s): CVE-2026-29111

SECURITY UPDATE: stack overwriting via crafted cgroup path - debian/patches/CVE-2026-29111.patch: validate input cgroup path in methodgetunitbycontrolgroup with pathisabsolute and pathisnormalized checks before passing to managergetunitbycgroup. - CVE-2026-29111...

CLSA-2026-1777465067 binutils: Fix of CVE-2021-3826

CVE-2021-3826: fix heap/stack buffer overflow in libiberty d-demangle dlangsymbolbackref...

CVE-2026-0206

A post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacker to crash a firewall...

CVE-2026-0206

A post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacker to crash a firewall...

CVE-2026-0206

A post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacker to crash a firewall...

CVE-2026-0206

The CVE describes a post-authentication stack-based buffer overflow in SonicOS that allows a remote attacker to crash a firewall. Affected component: SonicOS (firewall platform). Root cause: stack-based overflow after authentication. Impact: denial of service via crash; no confidentiality/integri...

EUVD-2026-26256

A post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacker to crash a firewall...

CVE-2026-7111

Text::CSVXS versions before 1.62 for Perl have a use-after-free when registered callbacks extend the Perl argument stack, which may enable type confusion or memory corruption. The Parse, print, getline, and getlineall methods invoke registered callbacks for example afterparse, beforeprint, or...