ROS-20260209-73-0008

A vulnerability in the bytes.decode function of the Python programming language interpreter CPython is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker to affect the availability of protected information...

Fedora 44 : asciinema / atuin / bustle / envision / glycin / greetd / helix / etc (2026-1b11ddff94)

The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-1b11ddff94 advisory. - Update the time crate to version 0.3.47. - Update the time-macros crate to version 0.2.27. - Update the time-core crate to version 0.1.8. - Update the...

Fedora 45 : asciinema / atuin / bustle / envision / glycin / greetd / helix / etc (2026-fd61fd216d)

The remote Fedora 45 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-fd61fd216d advisory. - Update the time crate to version 0.3.47. - Update the time-macros crate to version 0.2.27. - Update the time-core crate to version 0.1.8. - Update the...

CVE-2020-37170

TapinRadio 2.12.3 contains a denial of service vulnerability in the application proxy address configuration that allows local attackers to crash the application. Attackers can overwrite the address field with 3000 bytes of arbitrary data to trigger an application crash and prevent normal program...

CVE-2020-37171

TapinRadio 2.12.3 contains a denial of service vulnerability in the application proxy username configuration that allows local attackers to crash the application. Attackers can overwrite the username field with 10,000 bytes of arbitrary data to trigger an application crash and prevent normal...

CVE-2020-37159

Parallaxis Cuckoo Clock 5.0 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting memory registers in the alarm scheduling feature. Attackers can craft a malicious payload exceeding 260 bytes to overwrite EIP and EBP, enabling shellcode execution...

CVE-2020-37155

Core FTP Lite 1.3 contains a buffer overflow vulnerability in the username input field that allows attackers to crash the application by supplying oversized input. Attackers can generate a 7000-byte payload of repeated 'A' characters to trigger an application crash without requiring additional...

CVE-2020-37171

TapinRadio 2.12.3 contains a denial of service vulnerability in the application proxy username configuration that allows local attackers to crash the application. Attackers can overwrite the username field with 10,000 bytes of arbitrary data to trigger an application crash and prevent normal...

CVE-2020-37170

TapinRadio 2.12.3 is affected by a local, denial-of-service vulnerability in the application proxy address configuration. The issue arises when an attacker overwrites the address field with 3000 bytes of arbitrary data, causing the application to crash and fail normal operation. Affected componen...

CVE-2020-37170 TapinRadio 2.12.3 - 'address' Denial of Service

TapinRadio 2.12.3 contains a denial of service vulnerability in the application proxy address configuration that allows local attackers to crash the application. Attackers can overwrite the address field with 3000 bytes of arbitrary data to trigger an application crash and prevent normal program...

CVE-2020-37171 TapinRadio 2.12.3 - 'username' Denial of Service

TapinRadio 2.12.3 contains a denial of service vulnerability in the application proxy username configuration that allows local attackers to crash the application. Attackers can overwrite the username field with 10,000 bytes of arbitrary data to trigger an application crash and prevent normal...

CVE-2020-37170 TapinRadio 2.12.3 - 'address' Denial of Service

TapinRadio 2.12.3 contains a denial of service vulnerability in the application proxy address configuration that allows local attackers to crash the application. Attackers can overwrite the address field with 3000 bytes of arbitrary data to trigger an application crash and prevent normal program...

CVE-2020-37166 AbsoluteTelnet 11.12 - 'SSH2/username' Denial of Service

AbsoluteTelnet 11.12 contains a denial of service vulnerability in the SSH2 username input field that allows local attackers to crash the application. Attackers can overwrite the username field with a 1000-byte buffer, causing the application to become unresponsive and terminate...

CVE-2020-37159 Cuckoo Clock 5.0 - Buffer Overflow

Parallaxis Cuckoo Clock 5.0 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting memory registers in the alarm scheduling feature. Attackers can craft a malicious payload exceeding 260 bytes to overwrite EIP and EBP, enabling shellcode execution...

CVE-2026-25541

Bytes is a utility library for working with bytes. From version 1.2.1 to before 1.11.1, Bytes is vulnerable to integer overflow in BytesMut::reserve. In the unique reclaim path of BytesMut::reserve, if the condition "vcapacity = newcap + offset" uses an unchecked addition. When newcap + offset...

CVE-2020-37136

ZOC Terminal 7.25.5 contains a denial of service vulnerability in the private key file input field that allows attackers to crash the application. Attackers can overwrite the private key file input with a 2000-byte buffer, causing the application to become unresponsive when attempting to create S...

CVE-2020-37143 ProficySCADA for iOS 5.0.25920 - 'Password' Denial of Service

ProficySCADA for iOS 5.0.25920 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the password input field. Attackers can overwrite the password field with 257 bytes of repeated characters to trigger an application crash and prevent successfu...

CVE-2020-37143

ProficySCADA for iOS 5.0.25920 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the password input field. Attackers can overwrite the password field with 257 bytes of repeated characters to trigger an application crash and prevent successfu...

CVE-2020-37139 Odin Secure FTP Expert 7.6.3 - 'Site Info' Denial of Service

Odin Secure FTP Expert 7.6.3 contains a local denial of service vulnerability that allows attackers to crash the application by manipulating site information fields. Attackers can generate a buffer overflow by pasting 108 bytes of repeated characters into connection fields, causing the applicatio...

EUVD-2020-31035

ZOC Terminal 7.25.5 contains a denial of service vulnerability in the private key file input field that allows attackers to crash the application. Attackers can overwrite the private key file input with a 2000-byte buffer, causing the application to become unresponsive when attempting to create S...