67 matches found
ANT-2026-6615Y595 · wolfSSL · Heap Buffer Overflow
heap-buffer-overflow medium CVE-2026-5448 Severity Claude medium · Security research firm medium · Maintainer - REPORT Anthropic's analysis, sealed at approval. Disclosure to the maintainer was performed by Calif. ANT-2026-6615Y595: Final Assessment: 2-Byte Heap Overflow in wolfSSL_X509_notAfter /...
EUVD-2026-23978
Calling the scanf family of functions with a %mc malloc'd character match in the GNU C Library version 2.7 to version 2.43 with a format width specifier with an explicit width greater than 1024 could result in a one byte heap buffer overflow...
CVE-2026-5448 1-2 Byte Buffer Overflow in wolfSSL_X509_notAfter/notBefore
X.509 date buffer overflow in wolfSSL_X509_notAfter / wolfSSL_X509_notBefore. A buffer overflow may occur when parsing date fields from a crafted X.509 certificate via the compatibility layer API. This is only triggered when calling these two APIs directly from an application, and does not affect TLS...
CVE-2026-28520
arduino-TuyaOpen before version 1.2.1 contains a single-byte buffer overflow vulnerability in the WiFiMulti component. When the victim's smart hardware connects to an attacker-controlled AP hotspot, the attacker can exploit the overflow to execute arbitrary code on the affected embedded device...
SUSE-SU-2026:0018-1 Security update for glib2
This update for glib2 fixes the following issues: - CVE-2025-14512: integer overflow in the GIO escapebytestring function when processing malicious files or remote filesystem attribute values can lead to denial-of-service bsc1254878. - CVE-2025-14087: buffer underflow in the GVariant parser...
EulerOS Virtualization 2.13.1 : libarchive (EulerOS-SA-2025-2548)
According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdta...
CVE-2025-64330
A flaw was found in Suricata. This vulnerability allows a denial of service DoS via a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records, requiring the per packet alert queue to be filled with alerts followed by a pass rule...
CVE-2025-64503
A flaw was found in cups-filters. This vulnerability allows an out-of-bounds write via a crafted Portable Document Format PDF file with a large MediaBox value...
EUVD-2007-5180
Malware in sbrugna...
EUVD-2019-11979
Malware in sbrugna...
EulerOS 2.0 SP13 : libarchive (EulerOS-SA-2025-2145)
According to the versions of the libarchive package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially...
HDF5 Scale-Offset Filter H5Z__scaleoffset_decompress_one_byte heap-based overflow
...
SUSE-SU-2025:20563-1 Security update for gnutls
This update for gnutls fixes the following issues: - CVE-2025-32988: Fixed double-free due to incorrect ownership handling bsc1246232 - CVE-2025-32989: Fixed heap buffer overread during X.509 certificate parsing bsc1246233 - CVE-2025-32990: Fixed 1-byte heap buffer overflow when parsing templates...
Linux Distros Unpatched Vulnerability : CVE-2025-5917
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file...
Security update for gnutls
This update for gnutls fixes the following issues: CVE-2025-32990: Fix 1-byte heap buffer overflow when parsing templates with certtool bsc1246267 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...
CLSA-2025-1751271625 httpd: Fix of CVE-2020-35452
CVE-2020-35452: mod_auth_digest: Fix single zero byte stack overflow...
SUSE CVE-2025-5917
A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to...
AZL-63854 CVE-2025-5917 affecting package libarchive for versions less than 3.6.1-7
A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to...