ROS-20260610-73-0042

The vulnerability of the ndrreaduint8Array function in the RDP client FreeRDP is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or cause service failures remotely...

QNAP file station 缓冲区错误漏洞

QNAP Systems File Station 5 is a file management system developed by QNAP Systems, a company based in Taiwan, China. QNAP Systems File Station 5 has a security vulnerability that stems from a buffer overflow issue. This vulnerability could allow remote attackers to modify memory after obtaining...

ESP-IDF 缓冲区错误漏洞

ESP-IDF is an open-source development framework for Espressif’s SoCs, supported on Windows, Linux, and macOS. Versions 5.2.7, 5.3.5, 5.4.4, 5.5.4, and 6.0.1 of ESP-IDF contain buffer overflow vulnerabilities. These vulnerabilities stem from an out-of-bounds read issue in the DHCP server option...

ESP-IDF 安全漏洞

ESP-IDF is an open-source development framework for Espressif’s SoCs, supported on Windows, Linux, and macOS. Versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0 of ESP-IDF contain security vulnerabilities. These vulnerabilities stem from a buffer overflow in the session setting path of the protocomm...

QNAP file station 缓冲区错误漏洞

QNAP Systems File Station 5 is a file management system developed by QNAP Systems, a company based in Taiwan, China. QNAP Systems File Station 5 has a security vulnerability that stems from a buffer overflow issue. This vulnerability could allow remote attackers to modify memory or cause processe...

Erlang/OTP 安全漏洞

Erlang/OTP is an open-source JavaScript library for handling exceptions. This library can catch exceptions caused by built-in APIs in node.js. Erlang/OTP’s erlinterface versions prior to 5.5.2.1, 5.7.0.1, and 5.8.1 have security vulnerabilities. These vulnerabilities arise from the eisprintterm...

QNAP file station 缓冲区错误漏洞

QNAP Systems File Station 5 is a file management system developed by QNAP Systems, a company based in Taiwan, China. QNAP Systems File Station 5 has a security vulnerability that stems from a buffer overflow issue. This vulnerability could allow remote attackers to modify memory or cause processe...

PT-2026-48372

Name of the Vulnerable Software and Affected Versions File Station 5 versions prior to 5.5.6.5208 Description A buffer overflow occurs when a program writes more data to a memory buffer than it can hold, potentially overwriting adjacent memory. A remote attacker with a user account can exploit th...

PT-2026-48469

Name of the Vulnerable Software and Affected Versions Erlang OTP versions 17.0 through 27.3.4.12 Erlang OTP versions 28.x prior to 28.5.0.2 Erlang OTP versions 29.x prior to 29.0.2 erl interface versions 3.7.16 through 5.5.2.0 erl interface versions 5.7.x prior to 5.7.0.1 erl interface versions...

ImageMagick 安全漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It allows for reading, converting, and writing images in various formats. Vulnerabilities existed in versions of ImageMagick before 6.9.13-48 and 7.1.2-23, particularly due to a security flaw where...

Russh 安全漏洞

Russh is a Rust SSH client and server library developed by Eugene as a personal project. Versions of Russh prior to 0.60.3 contained security vulnerabilities. These vulnerabilities stemmed from CryptoVec’s use of unchecked capacity growth and unchecked length arithmetic, which could lead to buffe...

EulerOS 2.0 SP13 : xz (EulerOS-SA-2026-2362)

According to the versions of the xz packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzmaindexdecoder was used to decode an...

Erlang/OTP -- buffer overflow parsing SCTP ERROR/ABORT chunks

https://github.com/erlang/otp/security/advisories/GHSA-6f4f-chj5-5g97 reports: A buffer overflow error when parsing SCTP ERROR or ABORT chunks has been fixed. This could lead to stack corruption and VM crash, but ultimately with hard work by an attacker be refined into maybe even remote code...

Linux Distros Unpatched Vulnerability : CVE-2026-46281

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vmalloc: fix buffer overflow in vreallocnodealign Commit 4c5d3365882d mm/vmalloc: allow to set node and align in vrealloc added the ability to force a new...

EulerOS 2.0 SP13 : xz (EulerOS-SA-2026-2319)

According to the versions of the xz packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzmaindexdecoder was used to decode an...

Critical: samba security update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: Missing access check on reparse point operations...

ROS-20260610-73-0001

The vulnerability in Thunderbird is related to an operation that goes beyond the buffer boundaries in memory. Exploitation of this vulnerability can be carried out remotely...

ROS-20260610-73-0002

The vulnerability in Thunderbird is related to an operation that goes beyond the buffer boundaries in memory. Exploitation of this vulnerability can be carried out remotely...

CVE-2026-44634 Stack buffer overflows in SimpleBLE

SimpleBLE is a cross-platform library and bindings for Bluetooth Low Energy BLE. Prior to version 0.14.0, there are multiple stack-based buffer overflow vulnerabilities in SimpleBLE. There is a stack overflow vulnerability in the dongl backend’s Protocol::simpleblewrite function local,...

CVE-2026-11557

A weakness has been identified in Tenda F451 1.0.0.7/1.0.0.9. The affected element is the function fromNatlimit of the file /goform/Natlimit of the component Web Management Interface. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack can be executed...