15 matches found
CVE-2026-29774 FreeRDP has a heap-buffer-overflow in avc420_yuv_to_rgb via OOB regionRects
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap buffer overflow occurs in the FreeRDP client's AVC420/AVC444 YUV-to-RGB conversion path due to missing horizontal bounds validation of H.264 metablock regionRects coordinates. In yuv.c, the clamp...
kdcproxy security vulnerability
kdcproxy is a Python library open-sourced by latchset. A security vulnerability exists in kdcproxy that stems from not enforcing TCP response length bounds, which could lead to a denial of service attack...
EUVD-2022-40079
Malicious code in bioql PyPI...
CVE-2025-48386 Git allows a buffer overflow in 'wincred' credential helper
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The wincred credential helper uses a static buffer target as a unique key for storing and comparing against internal storage. This...
CVE-2022-37453
An issue was discovered in Softing OPC UA C++ SDK before 6.10. A buffer overflow or an excess allocation happens due to unchecked array and matrix bounds in structure data types...
CVE-2020-25756
A buffer overflow vulnerability exists in the mg_get_http_header function in Cesanta Mongoose 6.18 due to a lack of bounds checking. A crafted HTTP header can exploit this bug. NOTE: a committer has stated "this will not happen in practice...
CVE-2025-26595
A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size...
PT-2022-24010 · Softing · Softing Opc Ua C++ Sdk
Name of the Vulnerable Software and Affected Versions: Softing OPC UA C++ SDK versions prior to 6.10 Description: The issue is related to unchecked array and matrix bounds in structure data types, which can lead to a buffer overflow or excess allocation. Recommendations: For versions prior to 6.1...
Softing OPC UA C++ SDK buffer error vulnerability
The Softing OPC UA C++ SDK is a development kit from Softing Germany. It is used to quickly and easily integrate OPC UA clients and servers. A security vulnerability exists in the Softing OPC UA C++ SDK prior to version 6.10, which stems from unchecked array and matrix boundaries in structured da...
Zero-day vulnerability in Desktop Window Manager (CVE-2021-28310) used in the wild
While analyzing the CVE-2021-1732 exploit originally discovered by the DBAPPSecurity Threat Intelligence Center and used by the BITTER APT group, we discovered another zero-day exploit we believe is linked to the same actor. We reported this new exploit to Microsoft in February and after...
BitchX 1.1-final (EXEC) Remote Command Execution Exploit
Exploit for linux platform in category remote exploits ======================================================== BitchX 1.1-final EXEC Remote Command Execution Exploit ======================================================== / Name: PBXS - Pointless BitchX Sploit Author: clarity Infected Versions:...
BitchX 1.1-final - 'EXEC' Remote Command Execution
/ Name: PBXS - Pointless BitchX Sploit Author: clarity Infected Versions: 1.1-final and others? Synopsis: BitchX suffers from a unchecked bounds in a hash table in hook.c where one can inject data structures allowing for the remote execution of commands! Usage: Execute "gcc -o pbxs pbxs.c; ./pbxs...