EUVD-2026-14710

Out-of-bounds Read vulnerability in tildearrow furnace ‎extern/libsndfile-modified/src modules. This vulnerability is associated with program files flac.C‎. This issue affects furnace: before 0.7...

CVE-2026-4732

CVE-2026-4732 is an out-of-bounds read in furnace (extern/libsndfile-modified/src modules) associated with the flac.C file, affecting furnace versions before 0.7. Red Hat notes a local-denial-of-service risk with potential information disclosure or arbitrary code execution. Circl and EUVD entries...

CVE-2026-24800 A heap-based buffer over-read or buffer overflow in tildearrow/furnace

Out-of-bounds Write, Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in tildearrow furnace extern/zlib modules. This vulnerability is associated with program files inflate.C...

CVE-2026-24800

Out-of-bounds Write, Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in tildearrow furnace extern/zlib modules. This vulnerability is associated with program files inflate.C...

Tenda AX3 wlSetExternParameter function stack buffer overflow vulnerability

Tenda AX3 is a home dual-band Gigabit wireless router from Tenda Technology that supports Wi-Fi6 802.11ax standard and focuses on high-performance network coverage and stable connection. The Tenda AX3 suffers from a stack buffer overflow vulnerability that originates from the wpapskcrypto paramet...

EUVD-2025-48949

Tenda AX3 V16.03.12.10CN was discovered to contain a stack overflow in the wpapskcrypto parameter of the wlSetExternParameter function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-63152

Tenda AX3 V16.03.12.10CN was discovered to contain a stack overflow in the wpapskcrypto parameter of the wlSetExternParameter function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

Tenda AX3 安全漏洞

Tenda AX3 is a home dual-band Gigabit wireless router from Tenda Technology that supports Wi-Fi6 802.11ax standard and focuses on high-performance network coverage and stable connection. The Tenda AX3 suffers from a stack buffer overflow vulnerability that originates from the wpapskcrypto paramet...

EUVD-2022-6243

Malicious code in bioql PyPI...

CVE-2024-27235

In pluginexternfunc of , there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

Google Pixel Security Breach

Google Pixel is a smartphone from Google, Inc. in the United States. A security vulnerability exists in Google Pixel, which stems from a missing bounds check in the pluginexternfunc method of the TBD module, which may be read out-of-bounds...

PT-2024-21768 · Google · Android

Name of the Vulnerable Software and Affected Versions: TBD affected versions not specified Description: The issue is related to a possible out of bounds read in the plugin extern func due to a missing bounds check. This could lead to local information disclosure with no additional execution...

OESA-2023-1208 hdf5 security update

HDF5 is a data model, library, and file format for storing and managing data. It supports an unlimited variety of datatypes, and is designed for flexible and efficient I/O and for high volume and complex data. HDF5 is portable and is extensible, allowing applications to evolve in their use of HDF...

SUSE CVE-2022-24791

Wasmtime is a standalone JIT-style runtime for WebAssembly, using Cranelift. There is a use after free vulnerability in Wasmtime when both running Wasm that uses externrefs and enabling epoch interruption in Wasmtime. If you are not explicitly enabling epoch interruption it is disabled by default...

RUSTSEC-2022-0096 Invalid drop of VMExternRef from partially-initialized instances in the pooling instance allocator

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-88xq-w8cq-xfg7. For more information see the GitHub-hosted security advisory...

GHSA-88XQ-W8CQ-XFG7 Invalid drop of partially-initialized instances in the pooling instance allocator for modules with defined `externref` globals

Impact There exists a bug in the pooling instance allocator in Wasmtime's runtime where a failure to instantiate an instance for a module that defines an externref global will result in an invalid drop of a VMExternRef via an uninitialized pointer. As instance slots may be reused between...

openSUSE Security Update : nasm (openSUSE-2020-952)

This update for nasm fixes the following issues : nasm was updated to version 2.14.02. This allows building of Mozilla Firefox 78ESR and also contains lots of bugfixes, security fixes and improvements. - Fix crash due to multiple errors or warnings during the code generation pass if a list file i...

Barracuda Backup "remote_host"脚本注入漏洞

Barracuda Networks Backup是一款网络备份解决方案。 由于通过"remotehost" POST参数传递到Extern Backup模块的输入在被使用前没有正确过滤，攻击者可以利用漏洞在受影响站点上下文的用户浏览器会话中注入并执行任意HTML和脚本代码。 0 Barracuda Backup Barracuda Backup 固件版本4.3.06或5.1.00已修复此漏洞，建议用户下载使用： http://www.barracudanetworks.com/ns/products/backupoverview.php...

INetCash Finance Service - Multiple Web Vulnerabilities

Document Title: =============== INetCash Finance Service - Multiple Web Vulnerabilities Release Date: ============= 2011-07-28 Vulnerability Laboratory ID VL-ID: ==================================== 112 Product & Service Introduction: =============================== INET-CASH ist im Bereich des...