EUVD-2026-33314

mouse07410/asn1c is an ASN.1 compiler. In 1.4 and earlier, a memory safety vulnerability was identified in the OER decoding skeleton files generated by asn1c specifically INTEGERoer.c. When parsing a maliciously crafted, zero-length OER payload for a variable-length, non-negative INTEGER type, th...

CVE-2026-48689

FastNetMon Community Edition through 1.2.9 contains an off-by-one heap-based buffer overflow in the dynamicbinarybuffert class src/dynamicbinarybuffer.hpp. Five methods appenddynamicbuffer, appenddataaspointer, appenddataasobjectptr, memcpyfromptr, memcpyfromobjectptr use an incorrect bounds chec...

CVE-2026-48689

FastNetMon Community Edition through 1.2.9 contains an off-by-one heap-based buffer overflow in the dynamicbinarybuffert class src/dynamicbinarybuffer.hpp. Five methods appenddynamicbuffer, appenddataaspointer, appenddataasobjectptr, memcpyfromptr, memcpyfromobjectptr use an incorrect bounds chec...

Chromium: CVE-2026-7947 Insufficient validation of untrusted input in Network

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-7947

Insufficient validation of untrusted input in Network in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-7947

Insufficient validation of untrusted input in Network in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-7947

CVE-2026-7947 affects Google Chrome prior to 148.0.7778.96. The issue is insufficient validation of untrusted input in Chrome’s Network component, enabling a renderer-compromised remote attacker to spoof UI via a crafted HTML page. Impact is UI spoofing with low confidentiality/integrity/availabi...

Swift W3C TraceContext vulnerable to a malformed HTTP header causing a crash

A denial-of-service vulnerability due to improper input validation allows a remote attacker to crash the service via a malformed HTTP header. Allows crashing the process with data coming from the network when used with, for example, an HTTP server. Most common way of using Swift W3C Trace Context...

Buffer-Overflow-Shellcode-Exploitation

Buffer Overflow & Shellcode Exploitation Overview This pr...

EUVD-2025-26166

Malicious code in bioql PyPI...

EUVD-2025-24855

Malicious code in bioql PyPI...

CVE-2025-34523

A heap-based buffer overflow vulnerability exists in the network-facing input handling routines of Arcserve Unified Data Protection UDP. This flaw is reachable without authentication and results from improper bounds checking when processing attacker-controlled input. By sending specially crafted...

CVE-2025-34523

A heap-based buffer overflow vulnerability exists in the network-facing input handling routines of Arcserve Unified Data Protection UDP. This flaw is reachable without authentication and results from improper bounds checking when processing attacker-controlled input. By sending specially crafted...

CVE-2025-34523 Arcserve UDP < 10.2 Pre-Authentication Heap Overflow

A heap-based buffer overflow vulnerability exists in the network-facing input handling routines of Arcserve Unified Data Protection UDP. This flaw is reachable without authentication and results from improper bounds checking when processing attacker-controlled input. By sending specially crafted...

Arcserve Unified Data Protection 安全漏洞

Arcserve Unified Data Protection is Arcserve's all-in-one data and ransomware protection solution. A security vulnerability exists in Arcserve Unified Data Protection versions prior to 10.2 that stems from a heap buffer overflow in network input processing, which could result in a denial of servi...

CVE-2025-54472

Unlimited memory allocation in redis protocol parser in Apache bRPC all versions 1.14.1 on all platforms allows attackers to crash the service via network. Root Cause: In the bRPC Redis protocol parser code, memory for arrays or strings of corresponding sizes is allocated based on the integers re...

CVE-2019-1010258

nanosvg library nanosvg after commit c1f6e209c16b18b46aa9f45d7e619acf42c29726 is affected by: Buffer Overflow. The impact is: Memory corruption leading to at least DoS. More severe impact vectors need more investigation. The component is: it's part of a svg processing library. function...

Azure Linux 3.0 Security Update: libsoup (CVE-2024-52531)

The version of libsoup installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-52531 advisory. - GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in...

CVE-2024-52531

A flaw was found in the libsoup library. Decoding specially crafted UTF-8 input data with the soupheaderparseparamliststrict function can cause a heap-based buffer overflow, potentially resulting in code execution and denial of service to applications linked to the library. Mitigation Red Hat has...

CVE-2024-52531

GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soupheaderparseparamliststrict. There is a plausible way to reach this remotely via soupmessageheadersgetcontenttype e.g., an application may want to retrieve the content type of a request or...