Lucene search
+L

316292 matches found

nuclei
nuclei
added 7 hours ago32 views

XiongMai uc-httpd 1.0.0 - Buffer Overflow

Buffer overflow in XiongMai uc-httpd 1.0.0 has unspecified impact and attack vectors, a different vulnerability than CVE-2017-16725. id: CVE-2018-10088 info: name: XiongMai uc-httpd 1.0.0 - Buffer Overflow author: 0xAkoko severity: critical description: | Buffer overflow in XiongMai uc-httpd 1.0....

10CVSS7.1AI score0.40386EPSS
Exploits8References4
nuclei
nuclei
added 7 hours ago133 views

Netgear RAX43 1.0.3.96 - Command Injection/Authentication Bypass Buffer Overrun

Netgear RAX43 version 1.0.3.96 contains a command injection and authentication bypass vulnerability. The readycloudcontrol.cgi CGI application is vulnerable to command injection in the name parameter. Additionally, the URL parsing functionality in the cgi-bin endpoint of the router containers a...

8.8CVSS7AI score0.0853EPSS
Exploits0References5
attackerkb
attackerkb
added 16 hours ago5 views

CVE-2026-48863

A flaw was found in libsolv. A stack-based buffer overflow vulnerability exists in the PGP verification component due to incorrect length handling when copying EdDSA 's' MPI into a stack buffer. A remote attacker could craft a malicious Ed25519 PGP signature with mismatched MPI lengths. Processin...

7.5CVSS6.2AI score
Exploits0References4Affected Software1
cve
cve
added 16 hours ago106 views

CVE-2026-48863

The CVE-2026-48863 issue is a stack-based buffer overflow in libsolv’s EdDSA verification when copying the EdDSA 's' MPI, caused by length handling. An adversary could craft an Ed25519 PGP signature with mismatched MPI lengths to trigger a denial of service in automated package/repo processing wo...

7.5CVSS6.2AI score
Exploits0References4
nvd
nvd
added yesterday6 views

CVE-2026-51380

Buffer Overflow vulnerability in Tenda AC10 v3 firmware V03.03.16.09 allows attackers to cause a permanent Denial of Service DoS or potentially execute remote code via the /cgi-bin/UploadCfg endpoint...

9.8CVSS
Exploits0References3
cve
cve
added yesterday7 views

CVE-2026-62349

TDengine 3.4.1.6 and earlier contains an off-by-one/write vulnerability in source/libs/parser/src/parUtil.c: trimString() only checks a single-byte space before handling SQL string escape sequences (%, _, or \x), enabling a one-byte out-of-bounds write to the stack buffer tmpTokenBuf. This can le...

8.3CVSS6.3AI score
Exploits0References1
cve
cve
added yesterday8 views

CVE-2026-10673

The CVE-2026-10673 affects the Zephyr ADIN2111/ADIN1110 Ethernet driver (drivers/ethernet/eth_adin2111.c) in OA SPI mode. The code reassembles frames by copying device-supplied 64-byte chunks into a fixed buffer (CONFIG_ETH_ADIN2111_BUFFER_SIZE, default 1524) without verifying that the write curs...

8.3CVSS6.2AI score
Exploits0References3
osv
osv
added yesterday4 views

MGASA-2026-0253 Updated openssl packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion. CVE-2026-7383 Out-of-Bounds Read in CMS Password-Based Decryption. CVE-2026-9076 Heap Buffer Over-read in ASN.1 Content Parsing. CVE-2026-34180 PKCS12 Files with PBMAC1 Are...

9.1CVSS6.1AI score0.02719EPSS
Exploits0References8
cvelist
cvelist
added yesterday24 views

CVE-2026-20156 Cisco RoomOS Security Hardening Release - Buffer Management Vulnerabilities

As part of Cisco's ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities. The...

8.1CVSS
Exploits0References1
cve
cve
added yesterday19 views

CVE-2026-20156

CVE-2026-20156 relates to Cisco RoomOS and a set of buffer management vulnerabilities (CWE-119) arising from improper bounds checks. The hardening release addresses multiple internally discovered issues; CVSSv3.1 metrics indicate network-access, high impact on confidentiality, integrity, and avai...

8.1CVSS6.2AI score
Exploits0References1
euvd
euvd
added yesterday5 views

EUVD-2026-44685

When NGINX Plus is configured to use the Message Queuing Telemetry Transport MQTT filter module ngxstreammqttfiltermodule, unauthenticated attackers can send requests with conditions beyond the attacker's control to cause a heap buffer over-read in the NGINX worker process, leading to a restart...

6.3CVSS6.2AI score
Exploits0References1
euvd
euvd
added yesterday5 views

EUVD-2026-44684

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpssimodule module. This vulnerability may exist when the Server-Side Includes SSI, proxypass, and proxybuffering off directives are configured. With this configuration, an unauthenticated attacker with man-in-the-middle MITM abili...

8.3CVSS6.1AI score
Exploits0References1
osv
osv
added yesterday3 views

RLSA-2026:39304 Low: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Stack Buffer Overflow in xmllint Interactive Shell Command Handling CVE-2025-6170 For more details about the security issues, including the impact, a CVSS score,...

2.5CVSS6.4AI score0.00202EPSS
Exploits0References2
rocky
rocky
added yesterday4 views

libxml2 security update

An update is available for libxml2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libxml2 library is a development toolbox providing the implementation of...

2.5CVSS6.4AI score0.00202EPSS
Exploits0
rocky
rocky
added yesterday3 views

qemu-kvm security update

An update is available for qemu-kvm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Kernel-based Virtual Machine KVM is a full virtualization solution for Linux...

6.7CVSS6.2AI score0.00122EPSS
Exploits0
rocky
rocky
added yesterday5 views

perl-DBI:1.641 security update

An update is available for perl-DBI, module.perl-DBI. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The perl-DBI package provides the standard database interfa...

9.8CVSS6.5AI score0.00452EPSS
Exploits0
osv
osv
added yesterday5 views

RLSA-2026:38901 Important: perl-DBI:1.641 security update

The perl-DBI package provides the standard database interface module for the Perl programming language. It implements a database-independent interface, meaning it defines a consistent set of methods, variables, and conventions for database operations. Security Fixes: DBI: DBI: Buffer overflow in...

8.2CVSS6.5AI score0.00452EPSS
Exploits0References2
euvd
euvd
added yesterday4 views

EUVD-2026-44580

Buffer Overflow vulnerability in OpenHTJ2K v.0.18.4 and before allows an attacker to execute arbitrary code via the j2kprecinctsubband::parsepacketheader in source/core/coding/codingunits.cpp...

9.8CVSS6.3AI score0.00201EPSS
Exploits0References4
euvd
euvd
added yesterday4 views

EUVD-2026-44581

Buffer Overflow vulnerability in OpenHTJ2K v.0.18.4 and before allows an attacker to execute arbitrary code via the openhtj2kdecoderimpl::invoke, invokelinebased, invokelinebasedstream, and invokelinebasedpredecoded function in source/core/interface/decoder.cpp...

9.8CVSS6.3AI score0.00201EPSS
Exploits0References4
ptsecurity
ptsecurity
added yesterday6 views

PT-2026-60221

Name of the Vulnerable Software and Affected Versions Cisco RoomOS affected versions not specified Description An issue exists involving improper restriction of operations within the bounds of a memory buffer. This is categorized under CWE-119, which refers to memory corruption vulnerabilities...

8.1CVSS6.2AI score
Exploits0References4
Rows per page
Query Builder