EUVD-2026-36219

An integer underflow vulnerability was found in MIT krb5 in the berval2tldata function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c. The function performs an unsigned subtraction bvlen - 2 without a prior bounds check. When bvlen is 0 or 1, the subtraction wraps to a large value which is then...

PT-2026-48636

Name of the Vulnerable Software and Affected Versions MIT krb5 affected versions not specified Description An integer underflow occurs in the berval2tl data function within plugins/kdb/ldap/libkdb ldap/ldap principal2.c. The function executes an unsigned subtraction bv len - 2 without a bounds...

Advantech TP-3250 Denial of Service Vulnerability

Advantech TP-3250 is a printer from Advantech, China. The Advantech TP-3250 suffers from a denial of service vulnerability due to a heap corruption flaw in DrvUIx64Advantech.dll when DocumentPropertiesW is called with a valid dmDriverExtra but outputs a buffer. An attacker can exploit this...

EUVD-2019-6217

Malware in sbrugna...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from multiple calls to sockput when msg has more data, which could lead to reuse after release...

CVE-2023-21383

In Settings, there is a possible way for the user to unintentionally send extra data due to an unclear prompt. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

CVE-2024-31974

The com.solarized.firedown aka Solarized FireDown Browser & Downloader application 1.0.76 for Android allows a remote attacker to execute arbitrary JavaScript code via a crafted intent. com.solarized.firedown.IntentActivity uses a WebView component to display web content and doesn't adequately...

kernel: NFSD: Finish converting the NFSv2 GETACL result encoder

A flaw was identified in the Linux kernel’s NFSD NFSv2 GETACL result encoder. During conversion to xdrstream, leftover code erroneously set the pagelen field of the send buffer. The XDR stream encoders are expected to manage buffer length automatically, and the incorrect manual setting can result...

kernel: nfsd buffer overflow by RPC message over TCP with garbage data

A buffer overflow flaw was found in the Linux kernel nfsd network file system subsystem. The way a user sends RPC over TCP with excess data added at the end of the message could allow a remote user to starve the resources, causing a denial of service...

kernel: nfsd buffer overflow by RPC message over TCP with garbage data

A buffer overflow flaw was found in the Linux kernel nfsd network file system subsystem. The way a user sends RPC over TCP with excess data added at the end of the message could allow a remote user to starve the resources, causing a denial of service...

CVE-2021-24424

The WP Reset – Most Advanced WordPress Reset Tool WordPress plugin before 1.90 did not sanitise or escape its extradata parameter when creating a snapshot via the admin dashboard, leading to an authenticated Stored Cross-Site Scripting issue...

WordPress 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in versions...

CVE-2020-6260

SAP Solution Manager Trace Analysis, version 7.20, allows an attacker to inject superflous data that can be displayed by the application, due to Incomplete XML Validation. The application shows additional data that do not actually exist...

ALPINE-CVE-2019-15161

rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request...

CVE-2019-15161

rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request...

CVE-2019-15161

rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request...

CVE-2019-15161

rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request...

Design/Logic Flaw

NVIDIA Tegra OpenMax driver libnvomx contains a vulnerability in which the software delivers extra data with the buffer and does not properly validated the extra data, which may lead to denial of service or escalation of privileges. Android ID: A-80198474...

CVE-2018-6271

NVIDIA Tegra OpenMax driver libnvomx contains a vulnerability in which the software delivers extra data with the buffer and does not properly validated the extra data, which may lead to denial of service or escalation of privileges. Android ID: A-80198474...

CVE-2018-6271

NVIDIA Tegra OpenMax driver libnvomx contains a vulnerability in which the software delivers extra data with the buffer and does not properly validated the extra data, which may lead to denial of service or escalation of privileges. Android ID: A-80198474...