63 matches found
Exploit for CVE-2025-4517
CVE-2025-4517 — Python tarfile filter="data" Bypass PoC P...
PT-2026-8018
BACnet Protocol Stack library provides a BACnet application layer, network layer and media access MAC layer communications services. In 1.4.2, 1.5.0.rc2, and earlier, an off-by-one stack-based buffer overflow in the ubasic interpreter causes a crash SIGABRT when processing string literals longer...
SUSE-SU-2026:0423-1 Security update for python-brotlipy
This update for python-brotlipy fixes the following issues: - Add max length decompression bsc1254867, bsc1256017...
Mastodon security vulnerabilities
Mastodon is an open-source social networking server based on ActivityPub. Versions of Mastodon prior to v4.5.5, v4.4.12, and v4.3.18 contained security vulnerabilities. These vulnerabilities stemmed from the lack of enforcing a maximum length for list names, filter names, or filter keywords, whic...
PYSEC-2026-9
In Apache Airflow versions before 3.1.6, when rendered template fields in a Dag exceed core maxtemplatedfieldlength, sensitive values could be exposed in cleartext in the Rendered Templates UI. This occurred because serialization of those fields used a secrets masker instance that did not include...
CLSA-2026-1768209702 ruby: Fix of CVE-2025-24294
CVE-2025-24294: fix decompressed name length limit in DNS resolver to prevent exceeding RFC 1035's 255-octet maximum...
CVE-2022-50747
CVE-2022-50747: In the Linux kernel hfs_asc2mac(), an out-of-bounds write could occur when in->len exceeds HFS_NAMELEN, if dst reaches boundary while srclen remains > 0. The fix adds a dstlen check in the writing loop to prevent OOB writes. Affected: Linux kernel hfs/trans.c; root cause: mi...
DEBIAN-CVE-2025-34457
wb2osz/direwolf Dire Wolf versions up to and including 1.8, prior to commit 694c954, contain a stack-based buffer overflow vulnerability in the function kissrecbyte located in src/kissframe.c. When processing crafted KISS frames that reach the maximum allowed frame length MAXKISSLEN, the function...
CVE-2025-34457 wb2osz/direwolf <= 1.8.1 Stack-based Buffer Overflow DoS
wb2osz/direwolf Dire Wolf versions up to and including 1.8, prior to commit 694c954, contain a stack-based buffer overflow vulnerability in the function kissrecbyte located in src/kissframe.c. When processing crafted KISS frames that reach the maximum allowed frame length MAXKISSLEN, the function...
DEBIAN-CVE-2025-40294
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix OOB access in parseadvmonitorpattern In the parseadvmonitorpattern function, the value of the 'length' variable is currently limited to HCIMAXEXTADLENGTH251. The size of the 'value' array in the mgmtadvpatter...
SUSE CVE-2025-40205
In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid potential out-of-bounds in btrfsencodefh The function btrfsencodefh does not properly account for the three cases it handles. Before writing to the file handle fh, the function only returns to the user...
DEBIAN-CVE-2025-40205
In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid potential out-of-bounds in btrfsencodefh The function btrfsencodefh does not properly account for the three cases it handles. Before writing to the file handle fh, the function only returns to the user...
SUSE CVE-2023-53729
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: qmiencdec: Restrict string length in decode The QMI TLV value for strings in a lot of qmi element info structures account for null terminated strings with MAXLEN + 1. If a string is actually MAXLEN + 1 length, this wil...
DEBIAN-CVE-2023-53729
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: qmiencdec: Restrict string length in decode The QMI TLV value for strings in a lot of qmi element info structures account for null terminated strings with MAXLEN + 1. If a string is actually MAXLEN + 1 length, this wil...
CVE-2023-53729 soc: qcom: qmi_encdec: Restrict string length in decode
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: qmiencdec: Restrict string length in decode The QMI TLV value for strings in a lot of qmi element info structures account for null terminated strings with MAXLEN + 1. If a string is actually MAXLEN + 1 length, this wil...
Strapi Password Hashing is Missing Maximum Password Length Validation
Summary Strapi's password hashing implementation using bcryptjs lacks maximum password length validation. Since bcryptjs truncates passwords exceeding 72 bytes, this creates potential vulnerabilities such as authentication bypass and performance degradation. POC Create an admin user with a passwo...
CVE-2025-25298 Missing Maximum Password Length Validation in Strapi Password Hashing
Strapi is an open source headless CMS. The @strapi/core package before version 5.10.3 does not enforce a maximum password length when using bcryptjs for password hashing. Bcryptjs ignores any bytes beyond 72, so passwords longer than 72 bytes are silently truncated. A user can create an account...
CVE-2025-25298 Missing Maximum Password Length Validation in Strapi Password Hashing
Strapi is an open source headless CMS. The @strapi/core package before version 5.10.3 does not enforce a maximum password length when using bcryptjs for password hashing. Bcryptjs ignores any bytes beyond 72, so passwords longer than 72 bytes are silently truncated. A user can create an account...
CVE-2025-25298
CVE-2025-25298 concerns Strapi’s @strapi/core up to v5.10.3, where bcryptjs-based password hashing does not enforce a maximum password length. Passwords longer than 72 bytes are silently truncated by bcryptjs, allowing a user to register with an overlong password and authenticate using only the f...
UBUNTU-CVE-2025-9809
Out-of-bounds write in cdfsopencuetrack in libretro libretro-common latest on all platforms allows remote attackers to execute arbitrary code via a crafted .cue file with a file path exceeding PATHMAXLENGTH that is copied using memcpy into a fixed-size buffer...