QNAP file station 缓冲区错误漏洞

QNAP Systems File Station 5 is a file management system developed by QNAP Systems, a company based in Taiwan, China. QNAP Systems File Station 5 has a security vulnerability that stems from a buffer overflow issue. This vulnerability could allow remote attackers to modify memory or cause processe...

EulerOS 2.0 SP13 : xz (EulerOS-SA-2026-2362)

According to the versions of the xz packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzmaindexdecoder was used to decode an...

EulerOS 2.0 SP13 : xz (EulerOS-SA-2026-2319)

According to the versions of the xz packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzmaindexdecoder was used to decode an...

Critical: samba security update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: Missing access check on reparse point operations...

Erlang/OTP -- buffer overflow parsing SCTP ERROR/ABORT chunks

https://github.com/erlang/otp/security/advisories/GHSA-6f4f-chj5-5g97 reports: A buffer overflow error when parsing SCTP ERROR or ABORT chunks has been fixed. This could lead to stack corruption and VM crash, but ultimately with hard work by an attacker be refined into maybe even remote code...

ESP-IDF 缓冲区错误漏洞

ESP-IDF is an open-source development framework for Espressif’s SoCs, supported on Windows, Linux, and macOS. Versions 5.2.7, 5.3.5, 5.4.4, 5.5.4, and 6.0.1 of ESP-IDF contain buffer overflow vulnerabilities. These vulnerabilities stem from an out-of-bounds read issue in the DHCP server option...

ImageMagick 安全漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It allows for reading, converting, and writing images in various formats. Vulnerabilities existed in versions of ImageMagick before 6.9.13-48 and 7.1.2-23, particularly due to a security flaw where...

QNAP file station 缓冲区错误漏洞

QNAP Systems File Station 5 is a file management system developed by QNAP Systems, a company based in Taiwan, China. QNAP Systems File Station 5 has a security vulnerability that stems from a buffer overflow issue. This vulnerability could allow remote attackers to modify memory after obtaining...

CVE-2026-44634 Stack buffer overflows in SimpleBLE

SimpleBLE is a cross-platform library and bindings for Bluetooth Low Energy BLE. Prior to version 0.14.0, there are multiple stack-based buffer overflow vulnerabilities in SimpleBLE. There is a stack overflow vulnerability in the dongl backend’s Protocol::simpleblewrite function local,...

CVE-2026-11557

A weakness has been identified in Tenda F451 1.0.0.7/1.0.0.9. The affected element is the function fromNatlimit of the file /goform/Natlimit of the component Web Management Interface. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack can be executed...

CVE-2026-11524

A vulnerability has been found in Tenda W20E 15.11.0.6. Impacted is the function modifyWifiFilterRules of the file /goform/modifyWifiFilterRules of the component Web Management Interface. The manipulation of the argument wifiFilterListRemark leads to stack-based buffer overflow. The attack may be...

CVE-2026-48291 Format Plugins | Heap-based Buffer Overflow (CWE-122)

Format Plugins versions 1.1.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

EUVD-2026-35834

Format Plugins versions 1.1.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-48292 Format Plugins | Heap-based Buffer Overflow (CWE-122)

Format Plugins versions 1.1.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the fts5ChunkIterate function in the FTS5 full-text search extension. An attacker can cause a crash or execute arbitrary code by supplying a crafted database with malicious continuation page metadata that...

CVE-2026-11824

SQLite before 3.53.2 contains a heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers to cause a crash or execute arbitrary code by supplying a crafted database with malicious continuation page metadata specifying a szLeaf value smaller than 4...

CVE-2026-47959 Acrobat Reader | Stack-based Buffer Overflow (CWE-121)

Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

CVE-2026-47959

CVE-2026-47959 affects Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier. It is a stack-based buffer overflow (CWE-121) that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). No exploit...

EUVD-2026-35808

Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

CVE-2026-11824

Summary: CVE-2026-11824 affects SQLite before 3.53.2 via the FTS5 full‑text search extension. A crafted database can trigger a heap‑based buffer overflow by manipulating continuation page metadata (szLeaf value