Wireshark 2.2.x < 2.2.12 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 2.2.12. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.12 advisory. - In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. Thi...

hashcat 缓冲区错误漏洞

Hashcat is a high-performance password recovery and cracking tool developed by Hashcat developers. Version 7.1.2 of Hashcat contains a buffer overflow vulnerability. This vulnerability stems from the hextobinary function in the PKZIP hash parser, which has a heap-based buffer overflow. This occur...

Open Cascade OCCT 缓冲区错误漏洞

Open Cascade OCCT is a 3D modeling and geometry computation kernel from the French company Open Cascade. A buffer error vulnerability exists in Open Cascade OCCT version V800rc5, which stems from two heap-based out-of-bounds reads in the RWStlReader::ReadAscii function in the STL ASCII file parse...

CVE-2026-42484

A heap-based buffer overflow in hextobinary in the PKZIP hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted PKZIP hash file. The issue affects modules 17200, 17210, 17220, 17225, and 17230. When datatypeenum=1,...

Open Cascade OCCT 代码问题漏洞

Open Cascade OCCT is a 3D modeling and geometry computation kernel from the French company Open Cascade. A code issue vulnerability exists in Open Cascade OCCT version V800rc5, which stems from a flaw in the VrmlDataIndexedFaceSet::TShape function in the VRML V2.0 parser, as malformed VRML inputs...

CVE-2026-42481

Open CASCADE Technology OCCT V800rc5 contains multiple vulnerabilities in its IGES and STEP file parsers that can be triggered by crafted IGES or STEP files. These issues include an out-of-bounds read in Geom2dBSplineCurve::EvalD0 during IGES B-spline curve evaluation, an out-of-bounds read in...

Oracle Linux 缓冲区错误漏洞

Oracle Linux is an open and complete operating environment from Oracle Corporation that provides virtualization, management and cloud-native computing tools, and operating systems. A buffer error vulnerability exists in Oracle Linux that stems from the ELF parser failing to perform bounds checkin...

CVE-2026-42483

A heap-based buffer overflow in the Kerberos hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted Kerberos hash file. The issue affects modulehashdecode in multiple Kerberos-related modules because accountinfolen is...

EUVD-2026-26531

A heap-based buffer overflow in hextobinary in the PKZIP hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted PKZIP hash file. The issue affects modules 17200, 17210, 17220, 17225, and 17230. When datatypeenum=1,...

CVE-2026-42477

A heap-based out-of-bounds read vulnerability in RWObjReader::read in the OBJ file parser in Open CASCADE Technology OCCT V800rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because...

Open Cascade OCCT 缓冲区错误漏洞

Open Cascade OCCT is a 3D modeling and geometry computation kernel from the French company Open Cascade. A buffer error vulnerability exists in Open Cascade OCCT version V800rc5, which stems from a heap-based out-of-bounds read issue in the RWObjReader::read function in the OBJ file parser, as...

CVE-2026-42481

Open CASCADE Technology OCCT V800rc5 contains multiple vulnerabilities in its IGES and STEP file parsers that can be triggered by crafted IGES or STEP files. These issues include an out-of-bounds read in Geom2dBSplineCurve::EvalD0 during IGES B-spline curve evaluation, an out-of-bounds read in...

EUVD-2026-26696

Buffer overflow vulnerability in Open Vehicle Monitoring System 3 OVMS3 3.3.005. In canformatpcap.cpp , the parser's phdr.len field is not properly validated, allowing remote attackers to cause a denial of service or possibly execute arbitrary code via crafted PCAP input...

Wireshark 缓冲区错误漏洞

Wireshark is a set of network packet analysis tools developed by the Wireshark team. The software’s function is to capture network packets and display detailed data for analysis. Versions of Wireshark from 4.6.0 to 4.6.4, as well as 4.4.0 to 4.4.14, have a buffer error vulnerability. This...

CVE-2026-42484

A heap-based buffer overflow in hextobinary in the PKZIP hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted PKZIP hash file. The issue affects modules 17200, 17210, 17220, 17225, and 17230. When datatypeenum=1,...

PT-2026-36518

Name of the Vulnerable Software and Affected Versions Open Vehicle Monitoring System 3 OVMS3 version 3.3.005 Description A buffer overflow occurs because the parser in canformat canswitch.cpp does not properly validate a CANswitch DLC value. This allows remote attackers to cause a denial of servi...

CVE-2026-42484

A heap-based buffer overflow in hextobinary in the PKZIP hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted PKZIP hash file. The issue affects modules 17200, 17210, 17220, 17225, and 17230. When datatypeenum=1,...

PT-2026-36475

Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology OCCT V8 0 0 rc5 exist in RWStl Reader::ReadAscii because buffers returned by Standard ReadLineBuffer::ReadLine are not properly length-validated before strncasecmp or direct byte access...

PT-2026-36493

Name of the Vulnerable Software and Affected Versions Open CASCADE Technology OCCT version V8 0 0 rc5 Description A stack-based out-of-bounds read in the VRML parser occurs within the VrmlData Scene::ReadLine function. The quoted-string escape handler utilizes ptr++anOffset without adequate bound...

CVE-2026-42480

A stack-based out-of-bounds read vulnerability in VrmlDataScene::ReadLine in the VRML parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because the quoted-string escape handler uses ptr++anOffset without proper...