302569 matches found
EUVD-2018-21948
WinMTR 0.91 contains a denial of service vulnerability that allows attackers to crash the application by sending a malformed payload file containing a large buffer of repeated characters. Attackers can create a specially crafted input file with 238 bytes of data to trigger a buffer overflow...
CVE-2018-25426 WinMTR 0.91 Denial of Service via Buffer Overflow
WinMTR 0.91 contains a denial of service vulnerability that allows attackers to crash the application by sending a malformed payload file containing a large buffer of repeated characters. Attackers can create a specially crafted input file with 238 bytes of data to trigger a buffer overflow...
CVE-2018-25426
CVE-2018-25426 affects WinMTR 0.91. The vulnerability is a buffer overflow in processing a specially crafted payload file, allowing a denial of service crash. Attackers can cause the crash by providing a input file containing a large buffer of repeated characters; the description notes a crafted ...
CVE-2018-25426
WinMTR 0.91 contains a denial of service vulnerability that allows attackers to crash the application by sending a malformed payload file containing a large buffer of repeated characters. Attackers can create a specially crafted input file with 238 bytes of data to trigger a buffer overflow...
CVE-2018-25423 Arm Whois 3.11 Denial of Service via Buffer Overflow
Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a malicious buffer of 700 bytes into the IP address or domain input field to trigger a denial of service condition...
CVE-2018-25423
Arm Whois 3.11 is affected by a local denial-of-service vulnerability due to a buffer overflow when processing an oversized input string (about 700 bytes) in the IP address or domain field. The flaw allows local attackers to crash the application. No remediation, patch version, or exploit details...
CVE-2018-25423 Arm Whois 3.11 Denial of Service via Buffer Overflow
Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a malicious buffer of 700 bytes into the IP address or domain input field to trigger a denial of service condition...
EUVD-2018-21945
Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a malicious buffer of 700 bytes into the IP address or domain input field to trigger a denial of service condition...
CVE-2018-25423
Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a malicious buffer of 700 bytes into the IP address or domain input field to trigger a denial of service condition...
CVE-2026-10120
A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. The affected element is the function formSetFirewallRule of the file /goform/formSetFirewallRule. The manipulation of the argument firewallname results in stack-based buffer overflow. The attack can be executed remotely. The exploit is...
EUVD-2026-33462
A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. The affected element is the function formSetFirewallRule of the file /goform/formSetFirewallRule. The manipulation of the argument firewallname results in stack-based buffer overflow. The attack can be executed remotely. The exploit is...
CVE-2026-10120 TRENDnet TEW-432BRP formSetFirewallRule stack-based overflow
A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. The affected element is the function formSetFirewallRule of the file /goform/formSetFirewallRule. The manipulation of the argument firewallname results in stack-based buffer overflow. The attack can be executed remotely. The exploit is...
CVE-2026-10119
TRENDnet TEW-432BRP (firmware 3.10B20) contains a stack-based buffer overflow in the formSetMACFilter function within /goform/formSetMACFilter. The vulnerability arises from manipulation of the filter_name argument, enabling remote exploitation. Exploit appears publicly available. The vendor note...
Security Bulletin: Due to use of IBM SDK, Java Technology Edition, IBM Tivoli Application Dependency Discovery Manager is vulnerable to Buffer overflow in OMR
Summary There is a Buffer overflow vulnerability in OMR allows denial-of-service in IBM® SDK Java™ Technology Edition used by IBM Tivoli Application Dependency Discovery Manager TADDM. Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTION: In the Eclipse OMR port library component since release...
MAL-2026-5087 Malicious code in buffer-utilities (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9d5f9cc02aafc6aacd829af1fe7b8adb4b215f176b9a412ee46ee28372b7805d The OpenSSF Package Analysis project identified 'buffer-utilities' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in buffer-utilities (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9d5f9cc02aafc6aacd829af1fe7b8adb4b215f176b9a412ee46ee28372b7805d The OpenSSF Package Analysis project identified 'buffer-utilities' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
CVE-2026-5071
The SocketCAN implementation validates the length of a user-provided buffer containing a socketcanframe object using only a NETASSERT statement in zcansendtoctx before dereferencing it in socketcantocanframe. In production builds where assertions are disabled, a userspace application that control...
CVE-2026-5071
The CVE-2026-5071 entry concerns the SocketCAN implementation (Zephyr context) where a user-provided buffer containing a socketcan_frame is validated only by a NET_ASSERT in zcan_sendto_ctx() and then dereferenced in socketcan_to_can_frame(). In production builds with assertions disabled, a users...
EUVD-2026-33449
The SocketCAN implementation validates the length of a user-provided buffer containing a socketcanframe object using only a NETASSERT statement in zcansendtoctx before dereferencing it in socketcantocanframe. In production builds where assertions are disabled, a userspace application that control...
MGASA-2026-0167 Updated vim packages fix security vulnerabilities
Heap Buffer Overflow in spell file loading affects Vim 9.2.0450. CVE-2026-45130 Vimscript Code Injection in netrw NetrwMarkFile via crafted filename affects Vim 9.2.0480. CVE-2026-43961 Command Injection in tar.vim affects Vim 9.2.0479. CVE-2026-46483 Vimscript Code Injection in netrw...