GHSA-9M44-RR2W-PPP7 Swift Crypto: X-Wing HPKE Decapsulation Accepts Malformed Ciphertext Length

Summary The X-Wing decapsulation path accepts attacker-controlled encapsulated ciphertext bytes without enforcing the required fixed ciphertext length. The decapsulation call is forwarded into a C API, which expects a compile-time fixed-size ciphertext buffer of 1120 bytes. This creates an FFI...

GHSA-RQQ8-JH93-F4VG ImageMagick has stack buffer overflow in MagnifyImage

MagnifyImage uses a fixed-size stack buffer. When using a specific image it is possible to overflow this buffer and corrupt the stack...

CVE-2026-30929

ImageMagick Vulnerability CVE-2026-30929: A stack buffer overflow in MagnifyImage exists prior to versions 7.1.2-16 and 6.9.13-41 due to a fixed-size stack buffer. Processing a specific image can overflow the buffer and corrupt the stack. This impacts ImageMagick’s MagnifyImage component, with th...

SUSE CVE-2026-23059

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Sanitize payload size to prevent member overflow In qla27xxcopyfpinpkt and qla27xxcopymultiplepkt, the framesize reported by firmware is used to calculate the copy length into item-iocb. However, the iocb member is...

CVE-2025-11961

CVE-2025-11961 affects the libpcap library (pcap_ether_aton) with an OOB read/write when given malformed MAC-48 inputs. Concretely, packages libpcap versions older than 1.10.6-1 are affected (examples: libpcap for Fedora 42/43, Mariner 1.x). Some advisories also indicate affected downstreams (e.g...

CVE-2025-14934

NSF Unidata NetCDF-C Variable Name Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NSF Unidata NetCDF-C. User interaction is required to exploit this vulnerability in that the target...

CVE-2025-11780 Stack-based buffer overflow vulnreability in Circutor SGE-PLC1000/SGE-PLC50

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'showMeterReport' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly incorporated in...

CVE-2025-60693

A stack-based buffer overflow exists in the getmergemac function of the httpd binary on Linksys E1200 v2 routers Firmware E1200v2.0.11.001us.tar.gz. The function concatenates up to six user-supplied CGI parameters matching 05 into a fixed-size buffer a2 without proper bounds checking, appending...

EUVD-2021-30244

Malicious code in bioql PyPI...

EUVD-2021-30242

Malicious code in bioql PyPI...

EUVD-2023-53634

Malicious code in bioql PyPI...

PT-2025-39096

Name of the Vulnerable Software and Affected Versions CodeChecker versions through 6.26.1 Description CodeChecker versions up to 6.26.1 contain a buffer overflow in the internal ldlogger library, triggered when executing the CodeChecker log command. The issue stems from the unsafe use of the strc...

CVE-2025-9809

Out-of-bounds write in cdfsopencuetrack in libretro libretro-common latest on all platforms allows remote attackers to execute arbitrary code via a crafted .cue file with a file path exceeding PATHMAXLENGTH that is copied using memcpy into a fixed-size buffer...

CVE-2025-9809

CVE-2025-9809 affects libretro-common’s cdfs_open_cue_track: an out-of-bounds write allows a crafted .cue file with a PATH_MAX_LENGTH-exceeding path to be copied via memcpy into a fixed-size buffer, enabling arbitrary code execution. Reported across multiple feeds (NVD, Debian/Ubuntu advisories, ...

CVE-2011-10025

Subtitle Processor 7.7.1 contains a buffer overflow in the .m3u file parser. A crafted playlist triggers Unicode conversion and copies input to a fixed-size stack buffer, allowing overwriting the Structured Exception Handler (SEH) and enabling arbitrary code execution. Root cause: insufficient bo...

PT-2025-34106 · Undefined · Undefined

Subtitle Processor 7.7.1 contains a buffer overflow vulnerability in its .m3u file parser. When a crafted playlist file is opened, the application converts input to Unicode and copies it to a fixed-size stack buffer without proper bounds checking. This allows an attacker to overwrite the Structur...

CVE-2011-10015

Cytel Studio version 9.0 and earlier is vulnerable to a stack-based buffer overflow triggered by parsing a malformed .CY3 file. The vulnerability occurs when the application copies user-controlled strings into a fixed-size stack buffer 256 bytes without proper bounds checking. Exploitation allows...

CVE-2011-10015

Cytel Studio version 9.0 and earlier is vulnerable to a stack-based buffer overflow triggered by parsing a malformed .CY3 file. The vulnerability occurs when the application copies user-controlled strings into a fixed-size stack buffer 256 bytes without proper bounds checking. Exploitation allows...

CVE-2011-10015 Cytel Studio <= 9.0 .CY3 File Stack Buffer Overflow

Cytel Studio version 9.0 and earlier is vulnerable to a stack-based buffer overflow triggered by parsing a malformed .CY3 file. The vulnerability occurs when the application copies user-controlled strings into a fixed-size stack buffer 256 bytes without proper bounds checking. Exploitation allows...

SUSE CVE-2025-37816

In the Linux kernel, the following vulnerability has been resolved: mei: vsc: Fix fortify-panic caused by invalid countedby use gcc 15 honors the countedbylen attribute on vsctppacket.buf and the vsc-tp.c code is using this in a wrong way. len does not contain the available size in the buffer, it...