CVE-2026-9360

A security flaw has been discovered in Edimax EW-7438RPn 1.28a. Affected by this issue is the function formwlencrypt24g of the file /goform/formwlencrypt24g of the component POST Request Handler. The manipulation of the argument key1 results in buffer overflow. The attack can be launched remotely...

Security Bulletin: IBM Sterling Connect:Direct Web Service is affected by multiple vulnerabilities due to IBM Java

Summary IBM Sterling Connect:Direct Web Service uses IBM Java SE. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote...

CVE-2025-3266

CVE-2025-3266 affects qinguoyi TinyWebServer (up to 1.0). The root cause is a stack-based buffer overflow in the handling of the name/password arguments within the HTTP connection path (specifically in /http/http_conn.cpp). This vulnerability potentially enables remote exploitation with the attac...

CVE-2025-1786

CVE-2025-1786 affects rizin up to 0.7.4. The issue is in the function msf_stream_directory_free within pdb.c, where manipulation of the -P argument leads to a buffer overflow. Local access is required. Public exploit has been disclosed. Upgrading to version 0.8.0 mitigates the issue. If exploit d...

CVE-2024-53335

TOTOLINK A810R V4.1.2cu.5182B20201026 is vulnerable to Buffer Overflow in downloadFlile.cgi...

CVE-2024-41436

ClickHouse v24.3.3.102 was discovered to contain a buffer overflow via the component DB::evaluateConstantExpressionImpl...

CVE-2024-40723 CHANGING Information Technology HWATAIServiSign Windows Version - Stack-based Buffer Overflow

The specific API in HWATAIServiSign Windows Version from CHANGING Information Technology does not properly validate the length of server-side inputs. When a user visits a spoofed website, unauthenticated remote attackers can cause a stack-based buffer overflow in the HWATAIServiSign, temporarily...

Important: Red Hat Security Advisory: libndp security update

An update for libndp is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVE-2024-35329

...

CVE-2024-30259

CVE-2024-30259 affects eProsima Fast DDS (DDS) up to patch versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8. A heap buffer overflow occurs on the subscriber when a publisher sends a malformed RTPS packet, potentially causing a remote crash and a denial of service. The issue is fixed in the cited patche...

CVE-2024-33213

Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the mitInterface parameter in ip/goform/RouteStatic...

CVE-2024-0745

The WebAudio OscillatorNode object was susceptible to a stack buffer overflow. This could have led to a potentially exploitable crash. This vulnerability affects Firefox 122...

Heap Buffer Overflow

libxml2 is vulnerable to Heap Buffer Overflow. The vulnerability is due to improper bound checking. This issue can be exploited by an attacker via parsing a malicious file to execute arbitrary code within the context of an unprivileged process...

QNAP QTS / QuTS hero Bufferoverflow Vulnerabilities in QTS and QuTS hero (QSA-23-07)

The version of QNAP QTS / QuTS hero installed on the remote host is affected by 2 buffer overflow vulnerabilities as referenced in the QSA-23-07 advisory. A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, t...

SUSE-SU-2023:3944-1 Security update for libqb

This update for libqb fixes the following issues: - CVE-2023-39976: Fixed potential bufferoverflow with long log messages bsc1214066...

SUSE: Security Advisory (SUSE-SU-2023:3626-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-48336

Widevine Trusted Application TA 5.0.0 through 7.1.1 has a PRDiagParseAndStoreData integer overflow and resultant buffer overflow...

CVE-2023-33864

StreamReader::ReadFromExternal in RenderDoc before 1.27 allows an Integer Overflow with a resultant Buffer Overflow. It uses uint32tmBufferSize-mInputSize even though mInputSize can exceed mBufferSize...

Amazon Linux 2023 : compat-libpthread-nonshared, glibc, glibc-all-langpacks (ALAS2023-2023-060)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-060 advisory. A stack based buffer-overflow vulnerability was found in the deprecated compatibility function clntcreate in the sunrpc's clntgen.c module of the GNU C Library aka glibc through 2.34. This vulnerability...

CVE-2020-27507

The Kamailio SIP before 5.5.0 server mishandles INVITE requests with duplicated fields and overlength tag, leading to a buffer overflow that crashes the server or possibly have unspecified other impact...