74134 matches found
CVE-2026-32928
V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::convAnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product...
CVE-2026-32925
V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom. Opening a crafted V7 file may lead to arbitrary code execution on the affected product...
CVE-2026-34536
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a stack overflow SO in SIccCalcOp::ArgsUsed. The issue is observable under AddressSanitizer as a stack-overflow when iccApplyProfiles processes ...
CVE-2026-34542
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a stack-buffer-overflow SBO in CIccCalculatorFunc::Apply when processed via iccApplyNamedCmm. Under AddressSanitizer, the failure is reported as...
CVE-2026-34555
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a stack-buffer-overflow SBO in CIccTagFixedNum::GetValues and a related bug chain. The primary crash is an AddressSanitizer-reported WRITE of size 4 that overflows a...
CVE-2026-5212
A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function...
CVE-2026-5213
A vulnerability was determined in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The affected element is the function...
CVE-2026-5211
A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This vulnerability affects the function...
CVE-2026-32928
V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::convAnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product...
CVE-2026-32928
V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::convAnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product...
CVE-2026-32928
V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::convAnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product...
CVE-2026-32928
The CVE-2026-32928 entry affects FUJI Electric V-SFT (versions 6.2.10.0 and earlier). The root cause is a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem when processing a crafted V7 file. Impact per the sources is potential arbitrary code execution on the affected produc...
CVE-2026-32925
CVE-2026-32925 affects FUJI Electric V-SFT: stack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom for versions
CVE-2026-32925
V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom. Opening a crafted V7 file may lead to arbitrary code execution on the affected product...
CVE-2026-5204
A vulnerability was determined in Tenda CH22 1.0.0.1. Affected is the function formWebTypeLibrary of the file /goform/webtypelibrary of the component Parameter Handler. This manipulation of the argument webSiteId causes stack-based buffer overflow. The attack can be initiated remotely. The exploi...
SUSE-SU-2026:20993-1 Security update for perl-XML-Parser
This update for perl-XML-Parser fixes the following issues: - CVE-2006-10002: heap buffer overflow in parsestream when processing UTF-8 input streams bsc1259901. - CVE-2006-10003: off-by-one heap buffer overflow in stserialstack bsc1259902...
OPENSUSE-SU-2026:20459-1 Security update for perl-XML-Parser
This update for perl-XML-Parser fixes the following issues: - CVE-2006-10002: heap buffer overflow in parsestream when processing UTF-8 input streams bsc1259901. - CVE-2006-10003: off-by-one heap buffer overflow in stserialstack bsc1259902...
CVE-2026-23404
A flaw was found in the Linux kernel's AppArmor security module. A local user could trigger a denial of service by initiating a recursive profile removal operation with deeply nested profiles. This recursive process can lead to kernel stack exhaustion, causing the system to crash...
CLSA-2026-1774999144 ImageMagick: Fix of 7 CVEs
CVE-2026-28494: fix stack buffer overflow in morphology kernel parsing - CVE-2026-28691: fix uninitialized pointer dereference in JBIG decoder - CVE-2026-25989: fix off-by-one boundary check in CastDouble functions - CVE-2026-25985: fix memory allocation without limits in SVG decoder -...
EUVD-2026-17832
In the Linux kernel, the following vulnerability has been resolved: apparmor: replace recursive profile removal with iterative approach The profile removal code uses recursion when removing nested profiles, which can lead to kernel stack exhaustion and system crashes. Reproducer: $ pf='a'; for i=...