Lucene search
K

78 matches found

OSV
OSV
added 2025/12/02 1:15 p.m.4 views

CVE-2025-11782

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'ShowDownload' function uses “sprintf” to format a string that includes the user-controlled input of 'GetParametermeter' in the fixed-size buffer 'acStack4c' 64 bytes without checking the length. An attacker c...

9.8CVSS6.1AI score0.0035EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/02 12:58 p.m.3 views

CVE-2025-11780 Stack-based buffer overflow vulnreability in Circutor SGE-PLC1000/SGE-PLC50

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'showMeterReport' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly incorporated in...

8.7CVSS6.8AI score0.00284EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/09/18 12:0 a.m.11 views

Fedora 41 : perl-Cpanel-JSON-XS (2025-89495f6403)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-89495f6403 advisory. This update fixes an issue where a specially-crafted JSON input could cause an integer overflow leading to a crash in the program parsing the JSON...

5.6CVSS5.5AI score0.00405EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/17 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2023-53313

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - md/raid10: fix wrong setting of maxcorrreaderrors There is no input check when echo md/maxreaderrors and overflow might occur. Add check of input number...

5.5CVSS6.2AI score0.0015EPSS
Exploits0References3
OSV
OSV
added 2025/09/16 5:15 p.m.0 views

DEBIAN-CVE-2023-53313

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix wrong setting of maxcorrreaderrors There is no input check when echo md/maxreaderrors and overflow might occur. Add check of input number...

5.5CVSS5.3AI score0.0015EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-26818

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tools/rtla: Fix clang warning about mountpoint var size clang is reporting this warning: $...

5.5CVSS5.7AI score0.00225EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/08/06 12:0 a.m.3 views

NVIDIA Triton Inference Server 输入验证错误漏洞

Triton Inference Server is a high-performance inference service engine developed by NVIDIA, designed for AI model deployment in production environments, with support for a variety of frameworks TensorFlow, PyTorch, ONNX, etc. and optimized inference performance for GPUs and CPUs. An integer...

7.5CVSS6.9AI score0.00536EPSS
Exploits0References3
OSV
OSV
added 2025/07/25 1:16 p.m.3 views

OESA-2025-1898 libxml2 security update

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

9.1CVSS6.9AI score0.01437EPSS
Exploits0References4
OSV
OSV
added 2025/07/18 2:49 p.m.3 views

OESA-2025-1867 libxml2 security update

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

2.5CVSS6.8AI score0.0019EPSS
Exploits0References2
OSV
OSV
added 2025/06/18 11:15 a.m.5 views

DEBIAN-CVE-2022-50030

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input Malformed user input to debugfs results in buffer overflow crashes. Adapt input string lengths to fit within internal buffers, leaving space for NUL...

7.8CVSS5.6AI score0.00185EPSS
Exploits0References1
OSV
OSV
added 2025/03/25 2:6 a.m.12 views

USN-7370-1 smartdns vulnerabilities

It was discovered that SmartDNS did not correctly align certain objects in memory, leading to undefined behaviour. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. CVE-2024-24198, CVE-2024-24199 It was...

7.5CVSS6.1AI score0.00551EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2025/03/13 12:0 a.m.7 views

The vulnerability of Cobalt Ashlar-Vellum’s parametric automated design and 3D modeling software lies in its ability to copy buffers without checking the size of the input data. This allows a hacker to execute arbitrary code.

The vulnerability of Cobalt Ashlar-Vellum software for parametric automated design and 3D modeling lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows an attacker to execute arbitrary code within the context of the current process...

7.8CVSS7.6AI score0.00264EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/02/24 8:15 a.m.0 views

DEBIAN-CVE-2025-0690

The read command is used to read the keyboard input from the user, while reads it keeps the input length in a 32-bit integer value which is further used to reallocate the line buffer to accept the next character. During this process, with a line big enough it's possible to make this variable to...

6.1CVSS7.6AI score0.00673EPSS
Exploits1References1
OSV
OSV
added 2024/11/08 12:15 a.m.1 views

DEBIAN-CVE-2024-47072

XStream is a simple library to serialize objects to XML and back again. This vulnerability may allow a remote attacker to terminate the application with a stack overflow error resulting in a denial of service only by manipulating the processed input stream when XStream is configured to use the...

7.5CVSS6.2AI score0.02015EPSS
Exploits0References1
Veracode
Veracode
added 2024/09/03 1:33 p.m.7 views

Integer Overflow

tensorflow, tensorflowcpu and tensorflowgpu are vulnerable to Integer Overflow. The vulnerability is caused due to a missing validation where TFLite implementation of concatenation is vulnerable to an integer overflow issue. An attacker can craft a model such that the dimensions of one of the...

7.1CVSS6.8AI score0.00192EPSS
Exploits1References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/04/09 12:0 a.m.10 views

The vulnerability in the file src/gif.imageio/gifinput.cpp of the OpenImageIO image processing library allows a attacker to cause a service failure.

The vulnerability in the src/gif.imageio/gifinput.cpp file of the OpenImageIO library relates to the ability to write beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

7.8CVSS7.4AI score0.0119EPSS
Exploits1References7Affected Software4
CNNVD
CNNVD
added 2024/01/08 12:0 a.m.5 views

GTKWave 输入验证错误漏洞

GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. GTKWave suffers from an integer overflow vulnerability that can be exploited by an attacker to cause arbitrary code execution via a specially crafted fst file...

7.8CVSS7.9AI score0.00372EPSS
Exploits1References2
OSV
OSV
added 2023/11/15 9:38 a.m.2 views

USN-6449-2 ffmpeg regression

USN-6449-1 fixed vulnerabilities in FFmpeg. Unfortunately that update could introduce a regression in tools using an FFmpeg library, like VLC. This updated fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that FFmpeg incorrectly managed memory...

6AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/10/05 12:0 a.m.4 views

PT-2023-5766 · D Link · D-Link Dir-823G

Name of the Vulnerable Software and Affected Versions: D-Link DIR-823G version A1V1.0.2B05 Description: The issue is related to a buffer overflow in the SetWanSettings function via the Password parameter. This allows attackers to cause a Denial of Service DoS via a crafted input. The vulnerabilit...

7.8CVSS7.5AI score0.00865EPSS
Exploits1References7
Amazon
Amazon
added 2023/09/25 12:0 a.m.5 views

Important: firefox

Issue Overview: Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1. CVE-2023-4045 In some...

9.8CVSS9.9AI score0.13694EPSS
Exploits1
Rows per page
Query Builder