253629 matches found
CVE-2026-8137
A vulnerability has been found in Totolink X5000R 9.1.0u.6369B20230113. This vulnerability affects the function sub458E40 of the file /boafrm/formDdns. The manipulation of the argument submit-url leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclos...
CVE-2026-8137
The CVE-2026-8137 entry affects Totolink X5000R (firmware 9.1.0u.6369_B20230113). The vulnerable component is the function sub_458E40 in /boafrm/formDdns, where manipulation of the submit-url argument causes a buffer overflow. Remote exploitation is possible, and the exploit has been disclosed pu...
CVE-2026-8137 Totolink X5000R formDdns sub_458E40 buffer overflow
A vulnerability has been found in Totolink X5000R 9.1.0u.6369B20230113. This vulnerability affects the function sub458E40 of the file /boafrm/formDdns. The manipulation of the argument submit-url leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclos...
CVE-2026-8137 Totolink X5000R formDdns sub_458E40 buffer overflow
A vulnerability has been found in Totolink X5000R 9.1.0u.6369B20230113. This vulnerability affects the function sub458E40 of the file /boafrm/formDdns. The manipulation of the argument submit-url leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclos...
SUSE CVE-2016-8817
All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgDdiEscape where a value passed from a user to the driver is used without validation as the size input to memcpy, causing a buffer overflow, leading to denial of service o...
CROSS-implementation 安全漏洞
CROSS-implementation is an C-language implementation library for an asymmetric signature algorithm, developed by the CROSS Signature team. There is a security vulnerability in CROSS-implementation, which stems from a integer underflow in the cryptosignopen function, potentially leading to a buffe...
minmea 安全漏洞
Minmea is a lightweight GPS data parsing library developed by Kosma Moczek. Version 0.3.0 of Minmea contains a security vulnerability. This vulnerability stems from the format specifier used in the minmeascan function, which copies NMEA field data into the buffer provided by the caller without...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from undefined and forced checks on the maximum length of keys in the libceph library. This...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a project overflow when ioctl commands are received, leading to transaction termination and...
CVE-2026-29974
An issue was discovered in kosma minmea 0.3.0. The minmeascan functions format specifier copies NMEA field data to a caller-provided buffer without a size parameter. Applications using minmeascan on untrusted input are vulnerable to a stack buffer overflow...
CVE-2026-29972
Affected software: nanoMODBUS library (v1.22.0 and earlier as described). Vulnerability: a stack-based buffer overflow in recv_read_registers_res() within nanomodbus.c when performing nmbs_read_holding_registers() or nmbs_read_input_registers(). The code writes register data from the server respo...
PT-2026-39142
Name of the Vulnerable Software and Affected Versions nanoMODBUS versions prior to 1.23.0 Description A stack-based buffer overflow exists in the recv read registers res function within nanomodbus.c. This occurs when a client invokes nmbs read holding registers or nmbs read input registers, as th...
nanoMODBUS 安全漏洞
nanoMODBUS is a compact Modbus protocol C language library developed by Valerio De Benedetto. Versions of nanoMODBUS 1.22.0 and earlier contain security vulnerabilities. These vulnerabilities stem from a stack buffer overflow in the recvreadregistersres function in nanomodbus.c, which may allow a...
TOTOLINK X5000R 缓冲区错误漏洞
The TOTOLINK X5000R is a router produced by TOTOLINK, a Chinese electronics company. The version 9.1.0u.6369B20230113 of the Totolink X5000R contains a buffer error vulnerability. This vulnerability stems from improper handling of the submit-url parameter in the function sub458E40 within the...
CVE-2026-29972
nanoMODBUS through v1.22.0 has a stack-based buffer overflow in recvreadregistersres in nanomodbus.c. When a client calls nmbsreadholdingregisters or nmbsreadinputregisters, the library writes register data from the server response to the caller-provided buffer based on the response's bytecount...
CVE-2026-29974
The CVE-2026-29974 entry affects kosma minmea version 0.3.0, specifically the minmea_scan function. The vulnerability arises because the format specifier copies NMEA field data into a caller-provided buffer without a size parameter, enabling a stack buffer overflow when processing untrusted input...
CVE-2026-29974
An issue was discovered in kosma minmea 0.3.0. The minmeascan functions format specifier copies NMEA field data to a caller-provided buffer without a size parameter. Applications using minmeascan on untrusted input are vulnerable to a stack buffer overflow...
PT-2026-39143
Name of the Vulnerable Software and Affected Versions kosma minmea version 0.3.0 Description A stack buffer overflow exists in the minmea scan function. The format specifier within this function copies NMEA field data into a buffer provided by the caller without utilizing a size parameter. This c...
PT-2026-38664
Name of the Vulnerable Software and Affected Versions Totolink X5000R version 9.1.0u.6369 B20230113 Description A buffer overflow occurs in the sub 458E40 function within the '/boafrm/formDdns' file. This issue is triggered by the manipulation of the submit-url argument, allowing for remote...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel. This vulnerability stems from the ioam6fill TraceData function in IPv6 IOAM, which stores the mode contribution length i...