4306 matches found
CVE-2026-30814 Buffer Overflow Vulnerability in TP-Link AX53
A stack-based buffer overflow in the tmpServer module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to trigger a segmentation fault and potentially execute arbitrary code via a specially crafted configuration file. Successful exploitation may cause a crash and could allow...
CVE-2026-5726
CVE-2026-5726 concerns ASDA-Soft stack-based buffer overflow vulnerability in version 7.2.0.0 triggered during parsing of malformed .par files. Public sources (NVD, EUVD, CIRCL, CVE lists) describe an impact involving potential arbitrary code execution with high impact on confidentiality, integri...
CVE-2025-50649
The CVE-2025-50649 entry affects D-Link DI-8003 devices (firmware 16.07.26A1). It is caused by a buffer overflow in the /shut_set.asp endpoint due to improper input validation of the vlan_name parameter. Reported as a denial of service risk in CNVD-2026-17631 and reflected in multiple feeds; CVSS...
CVE-2025-65116
CVE-2025-65116 describes a buffer overflow vulnerability in multiple JP1/IT Desktop Management components and related JP1 products on Windows (Manager, Operations Director, and various Network/DM and Software Distribution roles). Affected versions include JP1/IT Desktop Management 2 - Manager (up...
Exploit for Heap-based Buffer Overflow in Pjsip
CVE-2026-32945 PJSIP DNS Compression Pointer Heap OOB Read R...
NanoMQ 缓冲区错误漏洞
NanoMQ is a lightweight and fast MQTT Broker for IoT edge platforms. A buffer overflow vulnerability exists in NanoMQ versions prior to 0.24.8. The vulnerability stems from the MQTT-over-WebSocket transport failing to properly validate the receive buffer size when processing MQTT packets with...
River Past CamDo 缓冲区错误漏洞
River Past CamDo is a screen recording and camera capture tool developed by River Past Corporation. Version 3.7.6 of River Past CamDo contains a buffer error vulnerability. This vulnerability stems from a buffer overflow in the structured exception handler, which may allow local attackers to...
ALSA-2026:5913 Moderate: ncurses security update
The ncurses new curses library routines are a terminal-independent method of updating character screens with reasonable optimization. The ncurses packages contain support utilities including a terminfo compiler tic, a decompiler infocmp, clear, tput, tset, and a termcap conversion tool captoinfo...
UBUNTU-CVE-2026-33554
ipmi-oem in FreeIPMI before 1.6.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system managemen...
gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing
A flaw was found in GIMP. The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the conte...
EUVD-2019-19936
NSauditor 3.1.2.0 contains a buffer overflow vulnerability in the SNMP Auditor Community field that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a large payload into the Community field and trigger the Walk function to cause a denial...
PHOENIX CONTACT FL NAT 安全漏洞
PHOENIX CONTACT FL NAT is a series of industrial security gateways developed by the German company PHOENIX CONTACT. There is a security vulnerability in PHOENIX CONTACT FL NAT, which stems from a stack-based buffer overflow issue in the CLI’s TFTP file transfer command processing. This...
Heap-based Buffer Overflow
Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...
EUVD-2026-11521
A vulnerability was detected in D-Link DIR-513 1.10. The impacted element is an unknown function of the file /goform/formEasySetupWizard3. The manipulation of the argument wanconnected results in stack-based buffer overflow. The attack can be launched remotely. The exploit is now public and may b...
CVE-2026-22627
A buffer copy without checking size of input 'classic buffer overflow' vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 through 1.0.1 may allow an unauthenticated attacker within the same adjacent network to execute unauthorized code or commands on the device via sending a crafted LLDP packet...
CVE-2026-3814
A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-1711. Affected by this issue is the function strcpy of the file /goform/getOneApConfTempEntry. Performing a manipulation results in buffer overflow. It is possible to initiate the attack remotely. The exploit has been released to t...
CVE-2026-3699 UTT HiPER 810G formRemoteControl strcpy buffer overflow
A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-171114. This impacts the function strcpy of the file /goform/formRemoteControl. The manipulation results in buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be used for attac...
CVE-2026-3698 UTT HiPER 810G NTP strcpy buffer overflow
A vulnerability was identified in UTT HiPER 810G up to 1.7.7-171114. This affects the function strcpy of the file /goform/NTP. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit is publicly available and might be used...
Tenda W20E 安全漏洞
The Tenda W20E is a router produced by the Chinese company Tenda. The version Tenda W20E V4.0brV15.11.0.6 contains a security vulnerability. This vulnerability arises from the lack of size validation before connecting to gstup and gstdwn, which may lead to a buffer overflow...
Security Bulletin: Vulnerability in IBM® Java SDK affects IBM WebSphere Application Server and WebSphere Application Server Liberty due to CVE-2026-1188
Summary There is a vulnerability in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM...