Lucene search
K

25 matches found

NVD
NVD
added 2026/07/01 3:17 p.m.10 views

CVE-2026-6687

FatFs R0.16 and earlier contains a stack overflow bug in fgetlabel because exFAT label length XDIRNumLabel is trusted without enforcing spec maximums. This maps to CWE-121 Stack-based Buffer Overflow. Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 7.6, High. The estimate...

7.6CVSS0.00232EPSS
Exploits2References4
ATTACKERKB
ATTACKERKB
added 2026/07/01 1:57 p.m.6 views

CVE-2026-6687

FatFs R0.16 and earlier contains a stack overflow bug in fgetlabel because exFAT label length XDIRNumLabel is trusted without enforcing spec maximums. This maps to CWE-121 Stack-based Buffer Overflow. Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 7.6, High. The estimate...

7.6CVSS5.8AI score0.00232EPSS
Exploits2References5
CVE
CVE
added 2026/07/01 1:57 p.m.39 views

CVE-2026-6687

CVE-2026-6687 affects FatFs R0.16 and earlier. Root cause: f_getlabel() trusts exFAT label length (XDIR_NumLabel) beyond the spec maximums, causing a stack-based buffer overflow (CWE-121). Documented impact per CVSS: high for confidentiality, integrity, and availability. Exploitation status is no...

7.6CVSS5.8AI score0.00232EPSS
Exploits2References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.8 views

PT-2026-54929

Name of the Vulnerable Software and Affected Versions FatFs versions R0.16 and earlier Description A stack-based buffer overflow occurs in the f getlabel function. This issue arises because the exFAT label length XDIR NumLabel is trusted without enforcing the maximum limits defined by the...

7.6CVSS6.4AI score0.00232EPSS
Exploits2References8
Packet Storm
Packet Storm
added 2026/03/11 12:0 a.m.130 views

📄 BuptLab DNS Relay Server 1.0 Denial of Service

A remote denial of service vulnerability exists in BuptLab DNS Relay Server version 1.0 due to improper validation of DNS label length during query parsing. An attacker can send a specially crafted DNS request containing an invalid label length field that exceeds the actual payload size. When the...

5.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2026/03/10 11:45 p.m.4 views

gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function

A flaw was found in the GnuTLS library, specifically in the gnutlspkcs11tokeninit function that handles PKCS11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the applicatio...

4CVSS5.8AI score0.00203EPSS
Exploits0References7
AstraLinux
AstraLinux
added 2026/03/03 9:29 a.m.5 views

Astra Linux – Vulnerability in gnutls28

A flaw was discovered in the GnuTLS library, specifically in the gnutlspkcs11tokeninit function, which handles PKCS11 token initialization. When a token label longer than expected is processed, the function writes beyond the end of a fixed-size stack buffer. This programming error can cause...

4CVSS7.5AI score0.00203EPSS
Exploits0References3
CVE
CVE
added 2026/01/26 7:58 p.m.59 views

CVE-2025-9820

CVE-2025-9820 affects the GnuTLS library, specifically gnutls_pkcs11_token_init(), where processing an overly long token label can cause a stack-based buffer overflow. Publicly documented impact includes potential crash or local code execution with resulting denial of service or privilege escalat...

4CVSS5.9AI score0.00203EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2025/11/22 12:0 a.m.6 views

FreeBSD : GnuTLS -- Stack write buffer overflow (b6835edf-c6c8-11f0-8471-74563cf9e4e9)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the b6835edf-c6c8-11f0-8471-74563cf9e4e9 advisory. GnuTLS reports: When a PKCS11 token is initialized with gnutlspkcs11tokeninit function and it is passed...

4CVSS5.8AI score0.00203EPSS
Exploits0References3
Snyk
Snyk
added 2025/11/18 12:0 a.m.2 views

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the gnutlspkcs11tokeninit function. An attacker can cause a crash or potentially execute arbitrary code by supplying a PKCS11 token with a label longer than 32 characters, leading to writing past the end ...

5.1CVSS6.2AI score0.00203EPSS
Exploits0References2
OSV
OSV
added 2025/04/03 10:22 a.m.15 views

CLSA-2025-1743675732 avahi: Fix of 8 CVEs

CVE-2021-3468: handle termination event on avahi Unix socket to prevent infinite loop - CVE-2023-1981: prevent avahi daemon crash by emitting an error if the requested D-Bus service is not found - CVE-2021-3502: fix avahi-daemon crashing from NULL pointer assertions - CVE-2023-38469: reject...

6.2CVSS6.6AI score0.00453EPSS
Exploits2References1
OSV
OSV
added 2023/12/19 3:3 p.m.6 views

SUSE-SU-2023:4910-1 Security update for avahi

This update for avahi fixes the following issues: - CVE-2023-38473: Fixed a reachable assertion when parsing a host name bsc1216419. - CVE-2023-38470: Fixed that each label is at least one byte long bsc1215947...

6.2CVSS6.3AI score0.00306EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:50 a.m.3 views

SUSE CVE-2011-3601

Buffer overflow in the processra function in the router advertisement daemon radvd before 1.8.2 allows remote attackers to execute arbitrary code or cause a denial of service crash via a negative value in a labellen value...

7.5CVSS8.2AI score0.03995EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:54 a.m.4 views

SUSE CVE-2016-10195

The nameparse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the labellen variable, which triggers an out-of-bounds stack read...

9.8CVSS9.1AI score0.06681EPSS
Exploits1References9
OSV
OSV
added 2022/10/07 5:15 a.m.1 views

DEBIAN-CVE-2022-2929

In ISC DHCP 1.0 - 4.4.3, ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory...

6.5CVSS6.8AI score0.0062EPSS
Exploits0References1
NVD
NVD
added 2021/03/29 8:15 p.m.24 views

CVE-2020-25583

In FreeBSD 12.2-STABLE before r368250, 11.4-STABLE before r368253, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 when processing a DNSSL option, rtsold8 decodes domain name labels per an encoding specified in RFC 1035 in which the first octet of each label contains th...

10CVSS0.01465EPSS
Exploits0References2
OSV
OSV
added 2021/03/29 8:15 p.m.7 views

CVE-2020-25583

In FreeBSD 12.2-STABLE before r368250, 11.4-STABLE before r368253, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 when processing a DNSSL option, rtsold8 decodes domain name labels per an encoding specified in RFC 1035 in which the first octet of each label contains th...

9.8CVSS5.6AI score0.01465EPSS
Exploits0References2
OSV
OSV
added 2020/06/18 3:15 p.m.4 views

UBUNTU-CVE-2017-9103

An issue was discovered in adns before 1.5.2. papmailbox822 does not properly check st from adnsfindlabelnext. Without this, an uninitialised stack value can be used as the first label length. Depending on the circumstances, an attacker might be able to trick adns into crashing the calling progra...

9.8CVSS7.3AI score0.0205EPSS
Exploits0References3
OSV
OSV
added 2017/03/15 3:59 p.m.3 views

DEBIAN-CVE-2016-10195

The nameparse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the labellen variable, which triggers an out-of-bounds stack read...

9.8CVSS8.8AI score0.06681EPSS
Exploits1References1
OSV
OSV
added 2017/03/15 3:59 p.m.5 views

ALPINE-CVE-2016-10195

The nameparse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the labellen variable, which triggers an out-of-bounds stack read...

9.8CVSS9.3AI score0.06681EPSS
Exploits1References1
Rows per page
Query Builder