Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the ptpunpackEOSImageFormat and ptpunpackEOSCustomFuncEx functions due to missing length validation for input buffers. An attacker can cause the application to read out-of-bounds memory by supplying crafted data to...

CVE-2026-25571

A vulnerability has been identified in SICAM SIAPP SDK All versions V2.1.7. The SICAM SIAPP SDK client component does not enforce maximum length checks on certain variables before use. This could allow an attacker to send an oversized input that could trigger a stack overflow crashing the process...

CVE-2026-25572

A vulnerability has been identified in SICAM SIAPP SDK All versions V2.1.7. The SICAM SIAPP SDK server component does not enforce maximum length checks on certain variables before use. This could allow an attacker to send an oversized input that could trigger a stack overflow crashing the process...

CVE-2026-25572

A vulnerability has been identified in SICAM SIAPP SDK All versions V2.1.7. The SICAM SIAPP SDK server component does not enforce maximum length checks on certain variables before use. This could allow an attacker to send an oversized input that could trigger a stack overflow crashing the process...

GPAC 安全漏洞

GPAC is an open source multimedia framework. GPAC suffers from a stack buffer overflow vulnerability that stems from the vorbistointern function failing to correctly validate the length and size of the input data, which can be exploited by an attacker to cause a denial of service...

EUVD-2021-2221

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2025-43970

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36...

Tenda FH451 formP2pListFilter function buffer overflow vulnerability

Tenda FH451 is a single-band 2.4GHz SOHO wireless router launched by China Tenda, with a maximum transmission rate of 450Mbps, belonging to the series of products of the King of Wall Penetration. Tenda FH451 has a buffer overflow vulnerability, the vulnerability stems from the parameter page in t...

FreeFloat FTP Server 安全漏洞

FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server that stems from the XMKD Command Handler component failing to properly validate the length size of input data, no details of the vulnerability are provided at this time...

CVE-2020-3653

Possible buffer over-read in windows wlan driver function due to lack of check of length of variable received from userspace in Snapdragon Compute, Snapdragon Connectivity in MSM8998, QCA6390, SC7180, SC8180X, SDM850...

CVE-2025-43970

An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes depending on the address family...

D-Link DI-8100 安全漏洞

The D-Link DI-8100 is a broadband router from D-Link designed for small to medium sized network environments. A stack buffer overflow vulnerability exists in the D-Link DI-8100. The vulnerability stems from the authasp function in the /auth.asp file in the jhttpd component not effectively limitin...

CLSA-2025-1739825397 freerdp: Fix of 6 CVEs

CVE-2024-32458: fix missing input length checks - CVE-2024-32459: fix missing input length check - CVE-2024-32460: fix out-of-bound read in interleaveddecompress - CVE-2024-32039: fix integer overflow - CVE-2024-32040: fix missing check - CVE-2024-32041: fix integer overflow...

FreeRDP 缓冲区错误漏洞

FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. FreeRDP suffers from a buffer overflow vulnerability that stems from the generalLumaToYUV444 function processing on the in variable without checking if it contains data of sufficient length. An...

c-ares: buffer overflow in config_sortlist() due to missing string length check

A flaw was found in the c-ares package. The aressetsortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity...

c-ares: buffer overflow in config_sortlist() due to missing string length check

A flaw was found in the c-ares package. The aressetsortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity...

CLSA-2023-1675372486 Fix CVE(s): CVE-2022-3437

SECURITY UPDATE: heap-based buffer overflows in Heimdal ARC4 and DES3 - debian/patches/CVE-2022-3437.patch: add extra NULL pointer and buffer boundaries checks, fix undefined behaviour and input data length calculations, remove accidentally duplicated code in arcfour.c - CVE-2022-3437...

Tenda A15 缓冲区错误漏洞

Tenda A15 is a WiFi extender from Tenda, a Chinese company. A stack overflow vulnerability exists in the Tenda A15 security parameter, which originates from a lack of length checking of input data in the security parameter of /goform/WifiBasicSet, and can be exploited by an attacker to execute...

frrouting: overflow bugs in unpack_tlv_router_cap

frrouting is vulnerable to a flaw that can cause buffer overflow through due to incorrect checks on the input packet length when processing type-length-value packets. There is high impact to availability due to the fact that the process up-time can be made unreliable...

moment: inefficient parsing algorithm resulting in DoS

A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service ReDoS attacks...