OSV-2026-678 UNKNOWN WRITE in ___interceptor_strncpy

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=508899220 Crash type: UNKNOWN WRITE Crash state: interceptorstrncpy concathashstring ndpisearchsshtcp...

OSV-2026-659 Heap-buffer-overflow in ___interceptor_strncpy

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=507904196 Crash type: Heap-buffer-overflow WRITE Crash state: interceptorstrncpy concathashstring ndpisearchsshtcp...

CVE-2025-41380 Injection vulnerability in Iridium Certus 700

Iridium Certus 700 version 1.0.1 has an embedded credentials vulnerability in the code. This vulnerability allows a local user to retrieve the SSH hash string...

UBUNTU-CVE-2020-11940

In nDPI through 3.2 Stable, an out-of-bounds read in concathashstring in ssh.c can be exploited by a network-positioned attacker that can send malformed SSH protocol messages on a network segment monitored by nDPI's library...

UBUNTU-CVE-2018-7651

index.js in the ssri module before 5.2.2 for Node.js is prone to a regular expression denial of service vulnerability in strict mode functionality via a long base64 hash string...

CVE-2018-7651

index.js in the ssri module before 5.2.2 for Node.js is prone to a regular expression denial of service vulnerability in strict mode functionality via a long base64 hash string...

CVE-2013-5754

The authorization implementation on Dahua DVR appliances accepts a hash string representing the current date for the role of a master password, which makes it easier for remote attackers to obtain administrative access and change the administrator password via requests involving 1 ActiveX, 2 a...

CVE-2013-5754

CVE-2013-5754 affects Dahua DVR appliances. The authorization implementation accepts a hash string representing the current date as a master password, enabling remote attackers to obtain administrative access and change the administrator password via requests over ActiveX, a standalone client, or...

CVE-2008-1527

ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40PE9 and 3.40AGD.2 through 3.40AHQ.3, support authentication over HTTP via a hash string in the hiddenPassword field, which allows remote attackers to obtain access via a replay attack...

CVE-2008-1527

CVE-2008-1527 affects ZyXEL Prestige routers P-660, P-661, and P-662 with firmware versions 3.40(PE9) and 3.40(AGD.2) through 3.40(AHQ.3). The issue arises from HTTP authentication using a hash in the hiddenPassword field, enabling remote attackers to gain access via a replay attack. Reported imp...

CVE-2008-1527

ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40PE9 and 3.40AGD.2 through 3.40AHQ.3, support authentication over HTTP via a hash string in the hiddenPassword field, which allows remote attackers to obtain access via a replay attack...