CVE-2026-34232

A flaw was found in Firebird, an open-source relational database management system. The xdrstatusvector function, responsible for decoding server responses, does not properly handle a specific data type iscargcstring within an opresponse packet. An unauthenticated attacker can exploit this...

CVE-2026-34232

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the xdrstatusvector function does not handle the iscargcstring type when decoding an opresponse packet, causing a server crash when one is encountered in the status vector. An...

CVE-2026-33337

A flaw was found in Firebird, an open-source relational database management system. When processing a slice packet, the xdrdatum function fails to validate the length of a cstring, which can lead to a buffer overflow. An unauthenticated attacker can exploit this vulnerability by sending a special...

CVE-2026-33337

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when deserializing a slice packet, the xdrdatum function does not validate that a cstring length conforms to the slice descriptor bounds, allowing a cstring longer than the allocated...

EUVD-2026-23486

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the xdrstatusvector function does not handle the iscargcstring type when decoding an opresponse packet, causing a server crash when one is encountered in the status vector. An...

CVE-2026-33337

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when deserializing a slice packet, the xdrdatum function does not validate that a cstring length conforms to the slice descriptor bounds, allowing a cstring longer than the allocated...

Firebird 安全漏洞

Firebird is a set of open-source, cross-platform relational database management systems provided by the Firebird Foundation, which include multiple ANSI SQL-92 functions. Vulnerabilities exist in versions prior to Firebird 5.0.4, 4.0.7, and 3.0.14. These vulnerabilities stem from the...

PT-2026-33483

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the xdr status vector function does not handle the isc arg cstring type when decoding an op response packet, causing a server crash when one is encountered in the status vector. An...

Firebird 安全漏洞

Firebird is a set of open-source, cross-platform relational database management systems provided by the Firebird Foundation, offering multiple ANSI SQL-92 features. Vulnerabilities exist in versions prior to Firebird 5.0.4, 4.0.7, and 3.0.14. These vulnerabilities stem from the xdrdatum function...

Linux Distros Unpatched Vulnerability : CVE-2026-33337

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when deserializing a slice packet, the xdrdatum...

EUVD-2018-3139

Malware in sbrugna...

CVE-2018-11097

An issue was discovered in cloudwu/cstring through 2016-11-09. There is a memory leak vulnerability that could lead to a program crash...

PyO3 Risk of buffer overflow in `PyString::from_object`

PyString::fromobject took &str arguments and forwarded them directly to the Python C API without checking for terminating nul bytes. This could lead the Python interpreter to read beyond the end of the &str data and potentially leak contents of the out-of-bounds read by raising a Python exception...

PT-2025-14539 · Crates.Io · Pyo3

PyString::from object took &str arguments and forwarded them directly to the Python C API without checking for terminating nul bytes. This could lead the Python interpreter to read beyond the end of the &str data and potentially leak contents of the out-of-bounds read by raising a Python exceptio...

Risk of buffer overflow in `PyString::from_object`

PyString::fromobject took &str arguments and forwarded them directly to the Python C API without checking for terminating nul bytes. This could lead the Python interpreter to read beyond the end of the &str data and potentially leak contents of the out-of-bounds read by raising a Python exception...

CVE-2018-11097

An issue was discovered in cloudwu/cstring through 2016-11-09. There is a memory leak vulnerability that could lead to a program crash...

CVE-2018-11097

An issue was discovered in cloudwu/cstring through 2016-11-09. There is a memory leak vulnerability that could lead to a program crash...

Memory corruption

An issue was discovered in cloudwu/cstring through 2016-11-09. There is a memory leak vulnerability that could lead to a program crash...

CVE-2018-11097

An issue was discovered in cloudwu/cstring through 2016-11-09. There is a memory leak vulnerability that could lead to a program crash...

CVE-2018-11097

CVE-2018-11097 affects cloudwu/cstring (a C-based string library) with a memory leak vulnerability present up to 2016-11-09 that can lead to a program crash. The incident is documented with CVSS metrics indicating network access, no authentication required, and an availability impact rated high (...