Lucene search
K

74134 matches found

EUVD
EUVD
added 2026/04/05 6:32 a.m.12 views

EUVD-2026-19038

A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. The impacted element is an unknown function of the file /goform/formRemoteControl. The manipulation of the argument Profile results in stack-based buffer overflow. The attack can be executed remotely. The exploit h...

9CVSS6.3AI score0.00472EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/05 4:45 a.m.28 views

CVE-2026-5544 UTT HiPER 1250GW formRemoteControl stack-based overflow

A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. The impacted element is an unknown function of the file /goform/formRemoteControl. The manipulation of the argument Profile results in stack-based buffer overflow. The attack can be executed remotely. The exploit h...

9CVSS0.00472EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/05 4:45 a.m.5 views

CVE-2026-5544

A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. The impacted element is an unknown function of the file /goform/formRemoteControl. The manipulation of the argument Profile results in stack-based buffer overflow. The attack can be executed remotely. The exploit h...

9CVSS6.3AI score0.00472EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/04/05 4:45 a.m.18 views

CVE-2026-5544

CVE-2026-5544 affects UTT HiPER 1250GW, up to version 3.2.7-210907-180535. The vulnerability exists in an unknown function of the file /goform/formRemoteControl where manipulating the Profile argument causes a stack-based buffer overflow. It can be exploited remotely, and public exploits are avai...

9CVSS7.7AI score0.00472EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.9 views

Tenda AC10 安全漏洞

The Tenda AC10 is a wireless router produced by the Chinese company Tenda. There is a security vulnerability in the version 16.03.10.10multiTDE01 of the Tenda AC10; this vulnerability stems from a stack buffer overflow in the fromSysToolChangePwd function located in the /bin/httpd directory...

9CVSS7.5AI score0.00516EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.12 views

PT-2026-30416

A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. The impacted element is an unknown function of the file /goform/formRemoteControl. The manipulation of the argument Profile results in stack-based buffer overflow. The attack can be executed remotely. The exploit h...

9CVSS7.7AI score0.00472EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.3 views

PT-2026-30419

Name of the Vulnerable Software and Affected Versions Tenda AC10 version 16.03.10.10 multi TDE01 Description A stack-based buffer overflow can be triggered in the fromSysToolChangePwd function located in the /bin/httpd file. This occurs through manipulation of the sys.userpass argument, allowing...

9CVSS7.6AI score0.00571EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.9 views

UTT HiPER 1250GW 安全漏洞

UTT HiPER 1250GW is a wireless gateway device developed by UTT Corporation. Versions of UTT HiPER 1250GW prior to 3.2.7-210907-180535 contained security vulnerabilities. These vulnerabilities were caused by incorrect handling of parameters in the file/goform/formRemoteControl, which could lead to...

9CVSS7.7AI score0.00472EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/05 12:0 a.m.5 views

Debian dla-4522 : libxml-parser-perl - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4522 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4522-1 [email protected]...

9.8CVSS6.2AI score0.00604EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.7 views

Tenda AC10 安全漏洞

The Tenda AC10 is a wireless router produced by the Chinese company Tenda. There is a security vulnerability in the version 16.03.10.10multiTDE01 of the Tenda AC10. This vulnerability stems from incorrect handling of the parameter sys.userpass in the fromSysToolChangePwd function located in the...

9CVSS7.7AI score0.00571EPSS
Exploits0References5
OSV
OSV
added 2026/04/04 5:33 a.m.1 views

GHSA-5JG4-P4QW-CGFR @stablelib/cbor: Stack exhaustion Denial of Service via deeply nested CBOR arrays, maps, or tags

Summary @stablelib/cbor decodes nested CBOR structures recursively and does not enforce a maximum nesting depth. A sufficiently deep attacker-controlled CBOR payload can therefore crash decoding with RangeError: Maximum call stack size exceeded. Details The decoder processes arrays, maps, and...

8.7CVSS5.8AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/04/04 5:33 a.m.11 views

@stablelib/cbor: Stack exhaustion Denial of Service via deeply nested CBOR arrays, maps, or tags

Summary @stablelib/cbor decodes nested CBOR structures recursively and does not enforce a maximum nesting depth. A sufficiently deep attacker-controlled CBOR payload can therefore crash decoding with RangeError: Maximum call stack size exceeded. Details The decoder processes arrays, maps, and...

5.9AI score
Exploits0References3Affected Software1
Fedora
Fedora
added 2026/04/04 1:3 a.m.11 views

[SECURITY] Fedora 42 Update: python3.9-3.9.25-7.fc42

Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedo...

7.1CVSS6AI score0.00308EPSS
Exploits0
Fedora
Fedora
added 2026/04/04 12:49 a.m.7 views

[SECURITY] Fedora 43 Update: python3.9-3.9.25-7.fc43

Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedo...

7.1CVSS6AI score0.00308EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/04 12:0 a.m.4 views

openSUSE 16 Security Update : kea (openSUSE-SU-2026:20452-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20452-1 advisory. Update to 3.0.3: - CVE-2025-11232: invalid characters cause assert bsc1252863. - CVE-2026-3608: stack overflow via maliciously crafted message...

7.5CVSS5.9AI score0.01361EPSS
Exploits0References6
Packet Storm News
Packet Storm News
added 2026/04/04 12:0 a.m.1 views

Defending Buffer Overflows in WebAssembly: A Transpiler Approach

WebAssembly is quickly becoming a popular compilation target for a variety of code. However, vulnerabilities in the source languages translate to vulnerabilities in the WebAssembly binaries. This work proposes a methodology and a WebAssembly transpiler to prevent buffer overflows in the unmanaged...

6AI score
Exploits0
OSV
OSV
added 2026/04/03 9:45 p.m.3 views

GHSA-8PFC-JJGW-6G26 SandboxJS: Stack overflow DoS via deeply nested expressions in recursive descent parser

Summary The @nyariv/sandboxjs parser contains unbounded recursion in the restOfExp function and the lispify/lispifyExpr call chain. An attacker can crash any Node.js process that parses untrusted input by supplying deeply nested expressions e.g., 2000 nested parentheses, causing a RangeError:...

6.9CVSS6.1AI score0.00395EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/04/03 9:45 p.m.6 views

SandboxJS: Stack overflow DoS via deeply nested expressions in recursive descent parser

Summary The @nyariv/sandboxjs parser contains unbounded recursion in the restOfExp function and the lispify/lispifyExpr call chain. An attacker can crash any Node.js process that parses untrusted input by supplying deeply nested expressions e.g., 2000 nested parentheses, causing a RangeError:...

7.5CVSS6.1AI score0.00395EPSS
Exploits1References3Affected Software1
EUVD
EUVD
added 2026/04/03 9:31 p.m.6 views

EUVD-2020-31212

Hirschmann HiOS devices versions prior to 08.1.00 and 07.1.01 contain a denial of service vulnerability in the EtherNet/IP stack where improper handling of packet length fields allows remote attackers to crash or hang the device. Attackers can send specially crafted UDP EtherNet/IP packets with a...

8.7CVSS6AI score0.00921EPSS
Exploits0References3
NVD
NVD
added 2026/04/03 9:17 p.m.3 views

CVE-2020-37216

Hirschmann HiOS devices versions prior to 08.1.00 and 07.1.01 contain a denial of service vulnerability in the EtherNet/IP stack where improper handling of packet length fields allows remote attackers to crash or hang the device. Attackers can send specially crafted UDP EtherNet/IP packets with a...

8.7CVSS0.00921EPSS
Exploits0References2
Rows per page
Query Builder