101 matches found
CVE-2025-34096 Easy File Sharing HTTP Server 7.2 Buffer Overflow via POST to /sendemail.ghp
A stack-based buffer overflow vulnerability exists in Easy File Sharing HTTP Server version 7.2. The flaw is triggered when a crafted POST request is sent to the /sendemail.ghp endpoint containing an overly long Email parameter. The application fails to properly validate the length of this field,...
CVE-2025-21444 Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Data HLOS - QX
Memory corruption while copying the result to the transmission queue in EMAC...
Amazon Linux 2 : libxml2 (ALAS-2025-2893)
The version of libxml2 installed on the remote host is prior to 2.9.1-6. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2893 advisory. A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based...
CVE-2025-47869
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability was discovered in Apache NuttX RTOS apps/exapmles/xmlrpc application. In this example application device stats structure that stored remotely provided parameters had hardcoded buffer size which could lead to...
CVE-2025-49847
A flaw was found in llama.cpp. An attacker‐supplied GGUF model vocabulary can trigger a buffer overflow in llama.cpp’s vocabulary‐loading code. As a result, memcpy is called while oversized, allowing a malicious model overwrite memory beyond the intended buffer. This can lead to arbitrary memory...
CVE-2025-49847 llama.cpp Vulnerable to Buffer Overflow via Malicious GGUF Model
llama.cpp is an inference of several LLM models in C/C++. Prior to version b5662, an attacker‐supplied GGUF model vocabulary can trigger a buffer overflow in llama.cpp’s vocabulary‐loading code. Specifically, the helper trycopy in llama.cpp/src/vocab.cpp: llamavocab::impl::tokentopiece casts a ve...
CVE-2025-6021
A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input...
CVE-2025-6021
A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input...
CVE-2025-6021
Affects libxml2: multiple vendors report CVE-2025-6021 (integer overflow in xmlBuildQName causing stack-based buffer overflow). Documents show vulnerable libxml2 variants across distributions (e.g., AWS ALAS advisories for libxml2 with 2.9/2.10 lines; AIX advisory listing affected filesets; Astra...
CVE-2025-5222
A stack buffer overflow was found in Internationl components for unicode ICU . While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution...
CVE-2025-46713
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 0.0.1 and prior to 1.15.12, APISETSECUREPARAM may have an arithmetic overflow deep in the memory allocation subsystem that would lead to a smaller allocation than requeste...
CVE-2024-25003
KiTTY versions 0.76.1.13 and before is vulnerable to a stack-based buffer overflow via the hostname, occurs due to insufficient bounds checking and input sanitization. This allows an attacker to overwrite adjacent memory, which leads to arbitrary code execution...
CVE-2024-47248
Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in Apache NimBLE. Specially crafted MESH message could result in memory corruption when non-default build configuration is used. This issue affects Apache NimBLE: through 1.7.0. Users are recommended to upgrade to...
CVE-2023-27968
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory...
CVE-2021-25478
A possible stack-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution...
CVE-2020-22027
A heap-based Buffer Overflow vulnerability exits in FFmpeg 4.2 in deflate16 at libavfilter/vfneighbor.c, which might lead to memory corruption and other potential consequences...
CVE-2025-46713
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 0.0.1 and prior to 1.15.12, APISETSECUREPARAM may have an arithmetic overflow deep in the memory allocation subsystem that would lead to a smaller allocation than requeste...
CVE-2025-46713
Sandboxie has a pool buffer overflow vulnerability in the API_SET_SECURE_PARAM inside SbieDrv.sys, caused by an arithmetic overflow in the memory allocation subsystem that can result in a smaller-than-requested allocation and a subsequent buffer overflow. Affected versions: 0.0.1 through 1.15.11 ...
CVE-2025-46713 Sandboxie has Pool Buffer Overflow in SbieDrv.sys API (API_SET_SECURE_PARAM)
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 0.0.1 and prior to 1.15.12, APISETSECUREPARAM may have an arithmetic overflow deep in the memory allocation subsystem that would lead to a smaller allocation than requeste...
CVE-2019-1010258
nanosvg library nanosvg after commit c1f6e209c16b18b46aa9f45d7e619acf42c29726 is affected by: Buffer Overflow. The impact is: Memory corruption leading to at least DoS. More severe impact vectors need more investigation. The component is: it's part of a svg processing library. function...