253631 matches found
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel. This vulnerability stems from the ioam6fill TraceData function in IPv6 IOAM, which stores the mode contribution length i...
AlmaLinux 9 : freeipmi (ALSA-2026:14819)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:14819 advisory. freeipmi: buffer overflows on response messages via ipmi-oem CVE-2026-33554 Tenable has extracted the preceding description block directly from the AlmaLinux...
ASUS System Control Interface 缓冲区错误漏洞
ASUS System Control Interface is a computer system control interface developed by ASUS, a Chinese company. There is a buffer overflow vulnerability in the ASUS System Control Interface. This vulnerability arises from reading sizes that exceed the size of the buffer within the IOCTL handler, which...
📄 telnetd 2.7 Buffer Overflow
telnetd version 2.7 addslc remote buffer overflow exploit that achieves root. Exploit Title: telnetd 2.7 - Buffer Overflow Google Dork: N/A Date: 2026-04-03 Exploit Author: Jeff Barron jeffaf Vendor Homepage: https://www.gnu.org/software/inetutils/ Software Link: https://ftp.gnu.org/gnu/inetutils...
Tenda CX12L 缓冲区错误漏洞
The Tenda CX12L is a home-use wireless router device from the Chinese company Tenda. The version 16.03.53.12 of the Tenda CX12L contains a buffer error vulnerability. This vulnerability stems from improper operation of the function in the file/goform/SetPptpServerCfg, which may lead to a stack...
minmea 安全漏洞
Minmea is a lightweight GPS data parsing library developed by Kosma Moczek. Version 0.3.0 of Minmea contains a security vulnerability. This vulnerability stems from the format specifier used in the minmeascan function, which copies NMEA field data into the buffer provided by the caller without...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Hp Power_Manager
As part of my OSCP preparation I came across CVE-2009-3999 HP P...
rust-openssl vulnerable to heap buffer overflow when encrypting with AES key-wrap-with-padding
CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad. For a non-multiple-of-8 input, OpenSSL writes up to 7 bytes past the end of the caller's buffer or Vec,...
CVE-2026-42468
Buffer overflow vulnerability in Open Vehicle Monitoring System 3 OVMS3 3.3.005. In canformatpcap.cpp , the parser's phdr.len field is not properly validated, allowing remote attackers to cause a denial of service or possibly execute arbitrary code via crafted PCAP input...
CVE-2026-42469
Buffer overflow vulnerability in Open Vehicle Monitoring System 3 OVMS3 3.3.005. In canformatcanswitch.cpp the parser does not properly validate a CANswitch DLC value, allowing remote attackers to cause a denial of service or possibly execute arbitrary code via crafted CANswitch frames...
CVE-2026-37541
Buffer overflow vulnerability in Open Vehicle Monitoring System 3 OVMS3 3.3.005. In canformatgvret.cpp, the length field in GVRET binary data is not properly validated, allowing remote attackers to cause a denial of service or possibly execute arbitrary code via crafted GVRET frames...
CVE-2026-30814
A stack-based buffer overflow in the tmpServer module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to trigger a segmentation fault and potentially execute arbitrary code via a specially crafted configuration file. Successful exploitation may cause a crash and could allow...
[SECURITY] [DSA 6251-1] libreoffice security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6251-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 07, 2026 https://www.debian.org/security/faq -...
JLSEC-2026-482
Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "TIFFVGetField" funtion in the component 'libtiff/tifdir.c'...
JLSEC-2026-481
Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "invertImage" function in the component "tiffcrop"...
JLSEC-2026-483
Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the 'in TIFFmemcpy' funtion in the component 'tifunix.c'...
pyOpenSSL: DTLS cookie callback buffer overflow
A flaw was found in pyOpenSSL. The setcookiegeneratecallback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a...
JLSEC-2026-478
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call...
pyOpenSSL: DTLS cookie callback buffer overflow
A flaw was found in pyOpenSSL. The setcookiegeneratecallback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a...
JLSEC-2026-469 An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM)...
An integer overflow leading to a heap-buffer overflow was found in The X Input Method XIM client was implemented in libX11 before version 1.6.10. As per upstream this is security relevant when setuid programs call XIM client functions while running with elevated privileges. No such programs are...