CVE-2026-11604

An incorrect buffer size calculation in the epoch key generator in OpenVPN ovpn-dco-win version 2.0.0 through 2.8.3 allows a remote authenticated peer to trigger a heap-based buffer overflow and kernel memory corruption via a crafted data packet, resulting in a system crash denial of service...

CVE-2026-39863 Kamailio Core: TCP Data Processing Vulnerability

Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.1.1, 6.0.6, and 5.8.8, an out-of-bounds access in the core of Kamailio formerly OpenSER and SER allows remote attackers to cause a denial of service process crash via a specially crafted data packet sent over TCP. The...

CVE-2025-67433

A heap buffer overflow in the processRequest function of Open TFTP Server MultiThreaded v1.7 allows attackers to cause a Denial of Service DoS via a crafted DATA packet...

CVE-2025-67433

A heap buffer overflow in the processRequest function of Open TFTP Server MultiThreaded v1.7 allows attackers to cause a Denial of Service DoS via a crafted DATA packet...

CVE-2025-67433

CVE-2025-67433 affects Open TFTP Server MultiThreaded v1.7. A heap buffer overflow in the processRequest() function can be triggered by crafted DATA packets, leading to Denial of Service. No remediation details are provided in the connected documents.

PT-2026-7890

Name of the Vulnerable Software and Affected Versions Open TFTP Server MultiThreaded version 1.7 Description A heap buffer overflow exists in the processRequest function of Open TFTP Server MultiThreaded. This issue can be triggered by sending a crafted DATA packet, potentially leading to a Denia...

CVE-2025-67433

A heap buffer overflow in the processRequest function of Open TFTP Server MultiThreaded v1.7 allows attackers to cause a Denial of Service DoS via a crafted DATA packet...

EUVD-2025-206666

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, a heap buffer overflow exists in the Fast-DDS DATAFRAG receive path. An un authenticated sender can transmit a single malformed RTPS...

CVE-2024-39150

vditor v.3.9.8 and before is vulnerable to Arbitrary file read via a crafted data packet...

CVE-2024-51428

An issue in Espressif Esp idf v5.3.0 allows attackers to cause a Denial of Service DoS via a crafted data channel packet...

CVE-2024-39945

A vulnerability has been found in Dahua products. After obtaining the administrator's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing the device to crash...

CVE-2024-39946

A vulnerability has been found in Dahua products.After obtaining the administrator's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing device initialization...

CVE-2024-39946

A vulnerability has been found in Dahua products.After obtaining the administrator's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing device initialization...

CVE-2024-39945

A vulnerability has been found in Dahua products. After obtaining the administrator's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing the device to crash...

CVE-2024-39947

A vulnerability has been found in Dahua products.After obtaining the ordinary user's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing the device to crash...

CVE-2024-39946

CVE-2024-39946 affects Dahua Network Video Recorders (notably NVR4XXX family) where, after valid administrator credentials are obtained, an attacker can send a crafted data packet to a vulnerable interface to trigger device initialization. Public documents describe the vulnerability as resulting ...

PT-2024-28748 · Dahua · Dahua

Name of the Vulnerable Software and Affected Versions: Dahua products affected versions not specified Description: A vulnerability has been found in Dahua products. After obtaining the administrator's username and password, the attacker can send a carefully crafted data packet to the interface wi...

PT-2024-28749 · Dahua · Dahua

Name of the Vulnerable Software and Affected Versions: Dahua products affected versions not specified Description: A vulnerability has been found in Dahua products. After obtaining an ordinary user's username and password, the attacker can send a carefully crafted data packet to the interface wit...

CVE-2024-39150

vditor v.3.9.8 and before is vulnerable to Arbitrary file read via a crafted data packet...

CVE-2024-39150

vditor, version 3.9.8 and earlier, is vulnerable to an Arbitrary file read via a crafted data packet. The issue is confirmed across multiple sources (NVD/Red Hat/CVE ecosystem). Affected component: vditor (frontend/Markdown editor). Root cause details are not explicitly provided in the extracted ...