1447 matches found
CLSA-2026-1774352914 capstone: Fix of CVE-2025-68114
CVE-2025-68114: fix stack buffer underflow/overflow in SStreamconcat...
capstone: Capstone: Memory corruption via unchecked vsnprintf return
A flaw was found in Capstone, a disassembly framework. An unchecked return value from vsnprintf within the SStreamconcat function allows a malicious input to manipulate the internal stream index. This can lead to a stack buffer underflow or overflow, potentially enabling a local attacker to achie...
UBUNTU-CVE-2026-3549
Heap Overflow in TLS 1.3 ECH parsing. An integer underflow existed in ECH extension parsing logic when calculating a buffer length, which resulted in writing beyond the bounds of an allocated buffer. Note that in wolfSSL, ECH is off by default, and the ECH standard is still evolving...
wolfSSL(CyaSSL) 安全漏洞
wolfSSL CyaSSL is a small, portable embedded SSL programming library developed by the American company wolfSSL, designed for developers working with embedded systems. wolfSSL CyaSSL contains security vulnerabilities; one of these vulnerabilities stems from a heap overflow in TLS 1.3 ECH parsing...
capstone: Capstone: Memory corruption via unchecked vsnprintf return
A flaw was found in Capstone, a disassembly framework. An unchecked return value from vsnprintf within the SStreamconcat function allows a malicious input to manipulate the internal stream index. This can lead to a stack buffer underflow or overflow, potentially enabling a local attacker to achie...
DEBIAN-CVE-2026-29078
Lexbor is a web browser engine library. Prior to 2.7.0, the ISO‑2022‑JP encoder in Lexbor fails to reset the temporary size variable between iterations. The statement ctx-bufferused -= size with a stale size = 3 causes an integer underflow that wraps to SIZEMAX. Afterwards, memcpy is called with ...
CVE-2026-29078
Lexbor is a web browser engine library. Prior to 2.7.0, the ISO‑2022‑JP encoder in Lexbor fails to reset the temporary size variable between iterations. The statement ctx-bufferused -= size with a stale size = 3 causes an integer underflow that wraps to SIZEMAX. Afterwards, memcpy is called with ...
📄 BuptLab DNS Relay Server 1.0 Buffer Underflow
This is a proof of concept exploit that leverages a remote heap buffer underflow denial of service vulnerability in BuptLab DNS Relay Server version 1.0.0 that was recently discovered by Antonius...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libssh (SUSE-SU-2026:0779-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0779-1 advisory. - CVE-2026-0964: improper sanitation of paths received from SCP servers can cause path traversal...
Important: libssh
Issue Overview: libssh: Buffer underflow in sshgethexa on invalid input CVE-2026-0966 Affected Packages: libssh Issue Correction: Run dnf update libssh --releasever 2023.10.20260302 or dnf update --advisory ALAS2023-2026-1461 --releasever 2023.10.20260302 to update your system. More information o...
SUSE SLES12 Security Update : libsoup (SUSE-SU-2026:0703-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0703-1 advisory. - CVE-2026-0716: improper bounds handling may allow out-of-bounds read bsc1256418. - CVE-2025-4476: null pointer dereference may lead to denial...
Security update for libssh
This update for libssh fixes the following issues: CVE-2026-0964: improper sanitation of paths received from SCP servers can cause path traversal bsc1258049. CVE-2026-0965: possible denial of service when parsing unexpected configuration files bsc1258045. CVE-2026-0966: buffer underflow in...
SUSE-SU-2026:0779-1 Security update for libssh
This update for libssh fixes the following issues: - CVE-2026-0964: improper sanitation of paths received from SCP servers can cause path traversal bsc1258049. - CVE-2026-0965: possible denial of service when parsing unexpected configuration files bsc1258045. - CVE-2026-0966: buffer underflow in...
Security update for libssh
This update for libssh fixes the following issues: CVE-2026-0964: improper sanitation of paths received from SCP servers can cause path traversal bsc1258049. CVE-2026-0965: possible denial of service when parsing unexpected configuration files bsc1258045. CVE-2026-0966: buffer underflow in...
SUSE-SU-2026:0778-1 Security update for libssh
This update for libssh fixes the following issues: - CVE-2026-0964: improper sanitation of paths received from SCP servers can cause path traversal bsc1258049. - CVE-2026-0965: possible denial of service when parsing unexpected configuration files bsc1258045. - CVE-2026-0966: buffer underflow in...
ALPINE-CVE-2026-28419
Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...
CVE-2026-28419
Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...
UBUNTU-CVE-2026-28419
Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...
SUSE-SU-2026:0690-1 Security update for libsoup
This update for libsoup fixes the following issues: - CVE-2025-32049: denial of Service attack to websocket server bsc1240751. - CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources bsc1258120. - CVE-2026-2443: out-of-bounds read when processing specially...
SUSE-SU-2026:20531-1 Security update for libssh
This update for libssh fixes the following issues: - CVE-2026-0964: improper sanitation of paths received from SCP servers can cause path traversal bsc1258049. - CVE-2026-0965: possible denial of service when parsing unexpected configuration files bsc1258045. - CVE-2026-0966: buffer underflow in...