74041 matches found
CVE-2026-26399
A stack-use-after-return issue exists in the ArduinoCoreSTM32 library prior to version 1.7.0. The pwmstart function allocates a TIMHandleTypeDef structure on the stack and passes its address to HAL initialization routines, where it is stored in a global timer handle registry. After the function...
OSV-2026-608 Stack-buffer-overflow in is_http
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=504809218 Crash type: Stack-buffer-overflow READ Crash state: ishttp stungetmessagelenstr FuzzStunClient.c...
Red Hat Enterprise Linux 10 安全漏洞
Red Hat Enterprise Linux 10 is a Linux operating system designed for enterprise users by the American company Red Hat. There is a security vulnerability in Red Hat Enterprise Linux 10. This vulnerability stems from the fact that the device path node resolver does not verify that the Length field ...
PT-2026-34616
Name of the Vulnerable Software and Affected Versions @xmldom/xmldom versions prior to 0.8.13 @xmldom/xmldom versions prior to 0.9.10 xmldom versions 0.6.0 and earlier Description Seven recursive traversals in lib/dom.js operate without a depth limit. When processing a sufficiently deeply nested...
LizardSystems Terminal Services Manager 访问控制错误漏洞
LizardSystems Terminal Services Manager is a terminal service management software developed by LizardSystems Corporation. Version 3.1 of LizardSystems Terminal Services Manager contains an access control vulnerability. This vulnerability stems from a stack-based buffer overflow in the computer na...
Dell PowerProtect Data Domain(Dell PowerProtect DD) 安全漏洞
Dell PowerProtect Data Domain Dell PowerProtect DD is a set of hardware devices developed by the American company Dell, used for data protection, backup, storage, and de-duplication. There is a security vulnerability in Dell PowerProtect Data Domain Dell PowerProtect DD, which stems from a...
PT-2026-34418
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix stack-out-of-bounds read in l2cap ecred conn req Syzbot reported a KASAN stack-out-of-bounds read in l2cap build cmd that is triggered by a malformed Enhanced Credit Based Connection Request. The vulnerabili...
PT-2026-34450
A flaw was found in libefiboot, a component of efivar. The device path node parser in libefiboot fails to validate that each node's Length field is at least 4 bytes, which is the minimum size for an EFI Extensible Firmware Interface device path node header. A local user could exploit this...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013668)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013668 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9kwmirspcallback Fix a...
SUSE SLES16 Security Update : freeipmi (SUSE-SU-2026:21212-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:21212-1 advisory. This update for freeipmi fixes the following issue: - CVE-2026-33554: improper memory handling and data validation can lead to stack buffer...
Linux Distros Unpatched Vulnerability : CVE-2017-20230
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Storable versions before 3.05 for Perl has a stack overflow. The retrievehook function stored the length of the class name into a signed integer but in read...
CVE-2026-40892
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, a stack buffer overflow exists in pjsipauthcreatedigest2 in PJSIP when using pre-computed digest credentials PJSIPCREDDATADIGEST. The function copies credential data using credinfo-data.slen as the...
ALPINE-CVE-2026-40892
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, a stack buffer overflow exists in pjsipauthcreatedigest2 in PJSIP when using pre-computed digest credentials PJSIPCREDDATADIGEST. The function copies credential data using credinfo-data.slen as the...
DEBIAN-CVE-2026-40892
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, a stack buffer overflow exists in pjsipauthcreatedigest2 in PJSIP when using pre-computed digest credentials PJSIPCREDDATADIGEST. The function copies credential data using credinfo-data.slen as the...
CVE-2026-40879
Nest is a framework for building scalable Node.js server-side applications. Prior to 11.1.19, when an attacker sends many small, valid JSON messages in one TCP frame, handleData recurses once per message; the buffer shrinks each call. maxBufferSize is never reached; call stack overflows instead. ...
Uncontrolled Recursion
Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via certificate chain validation logic. An attacker can cause a denial of service by supplying a crafted certificate chain that triggers excessive recursion or stack usage during validation, resulting in a stack...
CVE-2026-40892
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, a stack buffer overflow exists in pjsipauthcreatedigest2 in PJSIP when using pre-computed digest credentials PJSIPCREDDATADIGEST. The function copies credential data using credinfo-data.slen as the...
EUVD-2026-24469
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, a stack buffer overflow exists in pjsipauthcreatedigest2 in PJSIP when using pre-computed digest credentials PJSIPCREDDATADIGEST. The function copies credential data using credinfo-data.slen as the...
CVE-2026-40892 PJSIP: Stack buffer overflow in pjsip_auth_create_digest2()
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, a stack buffer overflow exists in pjsipauthcreatedigest2 in PJSIP when using pre-computed digest credentials PJSIPCREDDATADIGEST. The function copies credential data using credinfo-data.slen as the...
CVE-2026-40892
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, a stack buffer overflow exists in pjsipauthcreatedigest2 in PJSIP when using pre-computed digest credentials PJSIPCREDDATADIGEST. The function copies credential data using credinfo-data.slen as the...