Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the H5Trefmemsetnull function. An attacker can cause a heap buffer overflow by supplying a specially crafted HDF5 .h5 file, which may result in denial of service or potentially allow execution of arbitrary...

CLSA-2026-1771519663 libsoup: Fix of 2 CVEs

CVE-2026-1761: fix stack-based buffer overflow in multipart HTTP response parsing caused by incorrect length calculation in soupfilterinputstreamreaduntil - CVE-2026-0719: fix stack-based buffer overflow in NTLM authentication caused by integer overflow in md4sum with excessively long passwords...

DEBIAN-CVE-2026-0861

Passing too large an alignment to the memalign suite of functions memalign, posixmemalign, alignedalloc in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption. Note that the attacker must have control over both, the size a...

CVE-2025-50398

Mercury D196G d196gv1-cn-up2020-01-0911.21.44 is vulnerable to Buffer Overflow in the function sub404CAEDC via the parameter facpassword...

CVE-2025-8076

There is a vulnerability in the Supermicro BMC web function at Supermicro MBD-X13SEDW-F. After logging into the BMC Web server, an attacker can use a specially crafted payload to trigger the Stack buffer overflow vulnerability...

CVE-2025-63464

Totolink LR350 v9.3.5u.6369B20220309 was discovered to contain a stack overflow via the ssid parameter in the sub42396C function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-9390 vim xxd xxd.c main buffer overflow

A security flaw has been discovered in vim up to 9.1.1615. Affected by this vulnerability is the function main of the file src/xxd/xxd.c of the component xxd. The manipulation results in buffer overflow. The attack requires a local approach. The exploit has been released to the public and may be...

Linux Distros Unpatched Vulnerability : CVE-2024-42086

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: iio: chemical: bme680: Fix overflows in compensate functions There are cases in the compensa...

Security update for sqlite3

This update for sqlite3 fixes the following issues: CVE-2025-29087,CVE-2025-3277: Fixed integer overflow in sqlite concat function bsc1241020 CVE-2025-29088: Fixed integer overflow through the SQLITEDBCONFIGLOOKASIDE component bsc1241078 Other fixes: Updated to version 3.49.1 from Factory...

CVE-2024-53187 io_uring: check for overflows in io_pin_pages

In the Linux kernel, the following vulnerability has been resolved: iouring: check for overflows in iopinpages WARNING: CPU: 0 PID: 5834 at iouring/memmap.c:144 iopinpages+0x149/0x180 iouring/memmap.c:144 CPU: 0 UID: 0 PID: 5834 Comm: syz-executor825 Not tainted 6.12.0-next-20241118-syzkaller 0...

Important: glibc

Issue Overview: The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable. CVE-2024-2961...

CVE-2024-2961

The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable...

UBUNTU-CVE-2024-26327

An issue was discovered in QEMU 7.1.0 through 8.2.1. registervfs in hw/pci/pciesriov.c mishandles the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in VF implementations...

CVE-2022-41522

TOTOLINK NR1800X V9.1.0u.6279B20210910 was discovered to contain an unauthenticated stack overflow via the "main" function...

OSV-2020-2308 Heap-buffer-overflow in derive_collocated_motion_vectors

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30568 Crash type: Heap-buffer-overflow READ 1 Crash state: derivecollocatedmotionvectors derivetemporallumavectorprediction filllumamotionvectorpredictors...

ICU: Integer overflow in UnicodeString::doAppend()

An issue was discovered in International Components for Unicode ICU for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend function in common/unistr.cpp...

CVE-2018-13218

The sell function of a smart contract implementation for ICO Dollar ICOD, an Ethereum token, has an integer overflow in which "amount sellPrice" can be zero, consequently reducing a seller's assets...

CVE-2018-13210

The sell function of a smart contract implementation for Providence Crypto Casino PVE Contract Name: ProvidenceCasinoToken, an Ethereum token, has an integer overflow in which "amount sellPrice" can be zero, consequently reducing a seller's assets...

CVE-2018-13231

The sell function of a smart contract implementation for ENTER ENTR Contract Name: EnterToken, an Ethereum token, has an integer overflow in which "amount sellPrice" can be zero, consequently reducing a seller's assets...

CVE-2018-13223

The sell function of a smart contract implementation for R Time Token v3 RS Contract Name: RTokenMain, an Ethereum token, has an integer overflow in which "amount sellPrice" can be zero, consequently reducing a seller's assets...