EUVD-2026-31529

A vulnerability was identified in Edimax BR-6428NS 1.10. The impacted element is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. Such manipulation of the argument pppUserName leads to buffer overflow. It is possible to launch the attack...

CVE-2026-9294

Summary: CVE-2026-9294 affects Edimax BR-6428NS (firmware 1.10). The vulnerability is in the POST Request Handler, inside the function formWanTcpipSetup, where manipulation of the argument pppUserName leads to a buffer overflow. This could be triggered remotely, and an exploit is publicly availab...

Audiograbber 安全漏洞

Audiograbber is a software tool developed by Audiograbber Inc. for capturing audio CDs and converting them into digital audio format. Version 1.83 of Audiograbber contained a security vulnerability. This vulnerability stemmed from a local buffer overflow, which could allow attackers to execute...

SIPp 安全漏洞

SIPp is an open-source SIP protocol testing tool and traffic generator developed by SIPp. Versions of SIPp 3.6 and earlier contained security vulnerabilities. These vulnerabilities stemmed from local buffer overflows in the handling of command-line parameters, which could allow local attackers to...

Edimax BR-6428nS 安全漏洞

The Edimax BR-6428nS is a wireless router produced by Edimax Corporation. Version 1.10 of the Edimax BR-6428nS contains a security vulnerability. This vulnerability stems from improper handling of the parameter “vapurl” in the “formWirelessTbl” function within the POST request processing program,...

Edimax BR-6428nS 安全漏洞

The Edimax BR-6428nS is a wireless router produced by Edimax Corporation. Version 1.10 of the Edimax BR-6428nS contains a security vulnerability. This vulnerability stems from improper handling of the parameter “pppUserName” in the POST request processing program, specifically in the...

PT-2026-42870

A security flaw has been discovered in Edimax BR-6428NS 1.10. This affects the function formWirelessTbl of the file /goform/formWirelessTbl of the component POST Request Handler. Performing a manipulation of the argument vapurl results in buffer overflow. The attack can be initiated remotely. The...

10-Strike Network Scanner 安全漏洞

The 10-Strike Network Scanner is a local area network device discovery and network scanning tool developed by the 10-Strike company in the United States. Version 3.0 of the 10-Strike Network Scanner contains a security vulnerability. This vulnerability stems from a local buffer overflow in the ho...

PT-2026-42869

A vulnerability was identified in Edimax BR-6428NS 1.10. The impacted element is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. Such manipulation of the argument pppUserName leads to buffer overflow. It is possible to launch the attack...

CVE-2026-41071

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a crafted HEIF sequence file where the saiz box declares more samples than actually exist in the track's chunk table causes a heap-buffer-overflow out-of-bounds read in the SampleAuxInfoReader constructor. T...

Exploit for Out-of-bounds Write in Paloaltonetworks Pan-Os

CVE-2026-0300 — Palo Alto Networks PAN-OS BOF RCE root...

Security Bulletin: Multiple vulnerabilities in Aspera applications.

Summary Multiple vulnerabilities were addressed in IBM Aspera High-Speed Transfer Endpoint 4.4.7 Fix Pack 2 and IBM Aspera High-Speed Transfer Server 4.4.7 Fix Pack 2 Vulnerability Details CVEID:CVE-2026-7876 DESCRIPTION: IBM Aspera High-Speed Transfer Server and IBM Aspera High-Speed Transfer...

CVE-2026-36228

Buffer Overflow vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the chat message functionality...

CLSA-2026-1778860714 gimp: Fix of 2 CVEs

CVE-2026-4153: fix heap-based buffer overflow in PSP file parser by computing proper linewidth for bit depths 1 and 4 with small widths - CVE-2026-4154: fix integer overflow and buffer overflow in XPM file parser by adding GIMPMAXIMAGESIZE bounds checks and using gtrynew...

CVE-2026-9256

NGINX Plus and NGINX Open Source expose a vulnerability in the ngx_http_rewrite_module when a rewrite directive uses distinct, overlapping PCRE captures (e.g., ^/((.*))$) and the replacement references multiple captures (e.g., $1$2) in redirects or arguments. An unauthenticated attacker can send ...

Buffer overflow in the ngx_http_rewrite_module

Buffer overflow in the ngxhttprewritemodule Severity: medium CVE-2026-9256 Not vulnerable: 1.31.1+, 1.30.2+ Vulnerable: 0.1.17-1.31.0...

OESA-2026-2442 freerdp security update

FreeRDP is a client implementation of the Remote Desktop Protocol RDP that follows Microsoft's open specifications. This package provides the client applications xfreerdp. Security Fixes: A malicious server can trigger a client-side global buffer overflow, causing a crash denial of...

OESA-2026-2441 freerdp security update

FreeRDP is a client implementation of the Remote Desktop Protocol RDP that follows Microsoft's open specifications. This package provides the client applications xfreerdp. Security Fixes: A malicious server can trigger a client-side global buffer overflow, causing a crash denial of...

OESA-2026-2440 freerdp security update

FreeRDP is a client implementation of the Remote Desktop Protocol RDP that follows Microsoft's open specifications. This package provides the client applications xfreerdp. Security Fixes: A malicious server can trigger a client-side global buffer overflow, causing a crash denial of...

OESA-2026-2439 freerdp security update

FreeRDP is a client implementation of the Remote Desktop Protocol RDP that follows Microsoft's open specifications. This package provides the client applications xfreerdp. Security Fixes: A malicious server can trigger a client-side global buffer overflow, causing a crash denial of...