CVE-2026-40334

libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, a missing null terminator exists in ptpunpackCanonFE in camlibs/ptp2/ptp-pack.c line 1377. The function copies a filename into a 13-byte buffer using strncpy without explicitly null-terminating the result. ...

CVE-2026-40334

CVE-2026-40334 affects libgphoto2 (up to v2.5.33). The vulnerability arises from a missing null terminator in ptp_unpack_Canon_FE() inside camlibs/ptp2/ptp-pack.c, where a 13-byte filename buffer is filled with strncpy without ensuring termination. If source data is exactly 13 bytes with no null,...

CVE-2026-40334 libgphoto2 missing null termination in ptp_unpack_Canon_FE() filename buffer in ptp-pack.c

libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, a missing null terminator exists in ptpunpackCanonFE in camlibs/ptp2/ptp-pack.c line 1377. The function copies a filename into a 13-byte buffer using strncpy without explicitly null-terminating the result. ...

GNU GRUB 缓冲区错误漏洞

GRUB2 is a multiple bootloader for the GNU Project. A buffer overflow vulnerability exists in GNU GRUB2, which stems from the fact that when reading a tar file, GRUB2 allocates an internal buffer for the filename, and does not properly validate the allocation for a possible integer overflow. An...

CLSA-2025-1739352814 kernel: Fix of 13 CVEs

media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat CVE-2024-53104 - btrfs: fix information leak in btrfsioctllogicaltoino CVE-2024-35849 - net: afcan: do not leave a dangling sk pointer in cancreate CVE-2024-56603 - netfilter: xtables: fix LED ID check in ledtgcheck...

initramfs: avoid filename buffer overrun

...

CVE-2024-53142

In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as: 37 cpiofile := ALGN4 + cpioheader + filename + "\0" + ALGN4 + data ... 55...

CVE-2024-53142 initramfs: avoid filename buffer overrun

In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as: 37 cpiofile := ALGN4 + cpioheader + filename + "\0" + ALGN4 + data ... 55...

openjpeg: segmentation fault in opj2_decompress due to uninitialized pointer

A flaw was found in the opj2decompress program in openjpeg2 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free on an uninitialized pointer, leading to a segmentation fault and a...

MPlayer <= 1.0pre4 GUI filename handling Overflow Exploit

No description provided by source. / c0ntex open-security org / include errno.h include stdio.h include stdlib.h include string.h include unistd.h include arpa/inet.h include netinet/in.h include sys/types.h include sys/socket.h define SUCCESS 0 / True / define FAILURE 1 / False / define ABANNER...

ProSysInfo TFTP server TFTPDWIN 0.4.2 - &#039;Filename&#039; Remote Buffer Overflow (Metasploit)

$Id: tftpdwinlongfilename.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

CVE-2009-1355

Stack-based buffer overflow in muxatmd in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long filename...

Pico Zip 4.01 - &#039;Filename&#039; Local Buffer Overflow

!/usr/bin/perl Pico Zip v. 4.01 Long Filename Buffer Overflow Original advisory - http://www.securityfocus.com/archive/1/437103/30/30/threaded Author - c0rrupt Greets - sh0uts to n0limit, muts, and brax for the music ; The vulnerability is caused due to a boundary error within the "zipinfo.dll"...

TFTPD32 Long Filename Buffer Overflow

This module exploits a stack buffer overflow in TFTPD32 version 2.21 and prior. By sending a request for an overly long file name to the tftpd32 server, a remote attacker could overflow a buffer and execute arbitrary code on the system. This module requires Metasploit:...

Info-ZIP UnZip 5.x - File Name Buffer Overflow

Info-ZIP UnZip 5.x - File Name Buffer Overflow // source: https://www.securityfocus.com/bid/15968/info Info-ZIP 'unzip' is susceptible to a filename buffer-overflow vulnerability. The application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memo...

Info-ZIP UnZip 5.x - File Name Buffer Overflow

// source: https://www.securityfocus.com/bid/15968/info Info-ZIP 'unzip' is susceptible to a filename buffer-overflow vulnerability. The application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer. This issue allows attackers to execu...