Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000643)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000643 advisory. Heap-based buffer overflow in the iscsiaddnotunderstoodresponse function in drivers/target/iscsi/iscsitargetparameters.c in the iSCSI target subsystem in the Linux...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001945)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001945 advisory. Heap-based buffer overflow in the iscsiaddnotunderstoodresponse function in drivers/target/iscsi/iscsitargetparameters.c in the iSCSI target subsystem in the Linux...

CVE-2024-41592

DrayTek Vigor3910 devices through 4.3.2.6 have a stack-based overflow when processing query string parameters because GetCGI mishandles extraneous ampersand characters and long key-value pairs...

UBUNTU-CVE-2023-26053

Gradle is a build tool with a focus on build automation and support for multi-language development. This is a collision attack on long IDs 64bits for PGP keys. Users of dependency verification in Gradle are vulnerable if they use long IDs for PGP keys in a trusted-key or pgp element in their...

SUSE CVE-2008-1188

Multiple buffer overflows in the useEncodingDecl function in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allow remote attackers to execute arbitrary code via a JNLP file with 1 a long key name in the xml header or 2 a long charset value, different issu...

CVE-2021-46149

An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. A denial of service resource consumption can be accomplished by searching for a very long key in a Language Name Search...

CVE-2021-28846

A Format String vulnerablity exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial of service due to a logic bug at address 0x40dcd0 when calling fprintf with "%s: key len = %d, too long\...

PT-2018-16267 · Samsung · Samsung Smartthings Hub

Name of the Vulnerable Software and Affected Versions: Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17 Description: A buffer overflow issue exists in the credentials handler of the video-core's HTTP server. The strncpy function overflows a destination buffer of size 32 bytes. This ca...

CVE-2014-3100

Stack-based buffer overflow in the encodekey function in /system/bin/keystore in the KeyStore service in Android 4.3 allows attackers to execute arbitrary code, and consequently obtain sensitive key information or bypass intended restrictions on cryptographic operations, via a long key name...

Stack overflow

Stack-based buffer overflow in the encodekey function in /system/bin/keystore in the KeyStore service in Android 4.3 allows attackers to execute arbitrary code, and consequently obtain sensitive key information or bypass intended restrictions on cryptographic operations, via a long key name...

kernel: iscsi-target: heap buffer overflow on large key error

Heap-based buffer overflow in the iscsiaddnotunderstoodresponse function in drivers/target/iscsi/iscsitargetparameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service memory corruption and OOPS or possibly execute arbitrary co...

DEBIAN-CVE-2013-2850

Heap-based buffer overflow in the iscsiaddnotunderstoodresponse function in drivers/target/iscsi/iscsitargetparameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service memory corruption and OOPS or possibly execute arbitrary co...

Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)

Multiple buffer overflows in the useEncodingDecl function in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allow remote attackers to execute arbitrary code via a JNLP file with 1 a long key name in the xml header or 2 a long charset value, different issu...

Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)

Multiple buffer overflows in the useEncodingDecl function in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allow remote attackers to execute arbitrary code via a JNLP file with 1 a long key name in the xml header or 2 a long charset value, different issu...

ZDI-0 8-0 0 9 this weird vulnerability-vulnerability warning-the black bar safety net

int3 space This loophole is actually quite simple, long key name can result in a stack overflow, but why is javaws. exe does not crash yet, so referring to ZDI-0 8-0 1 0 a careful analysis of the about this vulnerability. The vulnerability is such that, in Assembly code, I'm not full posts, posts...

Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)

Multiple buffer overflows in the useEncodingDecl function in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allow remote attackers to execute arbitrary code via a JNLP file with 1 a long key name in the xml header or 2 a long charset value, different issu...