CVE-2026-7598

A flaw was found in the libssh2 library. A remote attacker can exploit an integer overflow vulnerability in the userauthpassword function by manipulating the usernamelen or passwordlen arguments and cause a heap-based buffer overflow. This leads to a crash to the application linked to the library...

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-7598)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-7598 advisory. - A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the...

CVE-2018-25293

Prime95 29.4b7 contains a buffer overflow vulnerability in the PrimeNet connection dialog that allows local attackers to crash the application by supplying an excessively long string in the optional proxy password field. Attackers can trigger a denial of service by entering a 6000-byte payload in...

Unity Linux 20.1070a Security Update: libsoup (UTSA-2026-007283)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007283 advisory. A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processin...

CVE-2019-25467

Verypdf docPrint Pro 8.0 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized alphanumeric encoded payload in the User Password or Master Password fields. Attackers can craft a malicious payload with...

AT&T Bell Labs UNIX 安全漏洞

AT&T Bell Labs UNIX is a Unix-like operating system developed by AT&T Corporation in the United States. There is a security vulnerability in AT&T Bell Labs UNIX v4, which stems from a buffer overflow in the password variable. This vulnerability could allow local users to gain root privileges...

CVE-2026-3678

A vulnerability was determined in Tenda FH451 1.0.0.9. Affected is the function sub3C434 of the file /goform/AdvSetWan. This manipulation of the argument wanmode/PPPOEPassword causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclos...

CVE-2020-37143

ProficySCADA for iOS 5.0.25920 is affected by a denial of service vulnerability caused by a flaw in the password input handling. Specifically, an attacker can overwrite the password field with 257 bytes of repeated characters, triggering an application crash and preventing authentication. This vu...

PT-2026-6585

Name of the Vulnerable Software and Affected Versions ProficySCADA for iOS version 5.0.25920 Description The application is susceptible to a denial of service condition. An attacker can cause the application to crash by manipulating the password input field. Specifically, overwriting the field wi...

CVE-2022-50689

Cobian Reflector 0.9.93 RC1 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the password input field. Attackers can paste a large 8000-byte buffer into the password field to trigger an application crash during SFTP task configuration...

CVE-2022-50689

Cobian Reflector 0.9.93 RC1 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the password input field. Attackers can paste a large 8000-byte buffer into the password field to trigger an application crash during SFTP task configuration...

PT-2025-52694

Name of the Vulnerable Software and Affected Versions Cobian Reflector version 0.9.93 RC1 Description The software contains a denial of service issue that allows attackers to crash the application. This occurs by overflowing the password input field. An attacker can paste a large 8000-byte buffer...

CVE-2023-53873 SyncBreeze 15.2.24 Denial of Service via Login Endpoint Overflow

SyncBreeze 15.2.24 contains a denial of service vulnerability in the login authentication mechanism that allows attackers to crash the service. Attackers can send an oversized password parameter with repeated 'password=' values to overwhelm the login endpoint and potentially disrupt service...

CVE-2025-13188 D-Link DIR-816L authentication.cgi authenticationcgi_main stack-based overflow

A vulnerability was detected in D-Link DIR-816L 206b09beta. Affected by this vulnerability is the function authenticationcgimain of the file /authentication.cgi. Performing manipulation of the argument Password results in stack-based buffer overflow. Remote exploitation of the attack is possible...

TOTOLINK T10 安全漏洞

The TOTOLINK T10 is a wireless router from TOTOLINK. A buffer overflow vulnerability exists in TOTOLINK T10 version 4.1.8cu.5207, which affects the function setWiFiRepeaterCfg in the /cgi-bin/cstecgi.cgi file of the component's POST request handler.An attacker can exploit the vulnerability by...

D-Link DIR-853 Password Parameter Buffer Overflow Vulnerability

The D-Link DIR-853 is a dual-band wireless router that supports the 802.11ac protocol and provides dual-band 2.4GHz up to 400Mbps and 5GHz up to 867Mbps network connectivity for HD video streaming and online gaming. The D-Link DIR-853 suffers from a buffer overflow vulnerability that originates...

TOTOLINK CA300-PoE 安全漏洞

TOTOLINK CA300-PoE is a wireless access point from China's Gion Electronics TOTOLINK. The TOTOLINK CA300-PoE suffers from a buffer overflow vulnerability, which originates from the password parameter in the loginauth function of the /cgi-bin/cstecgi.cgi page that fails to correctly validate the...

CVE-2024-37632

TOTOLINK A3700R V9.1.2u.616520211012 was discovered to contain a stack overflow via the password parameter in function loginAuth...

RHEL 5 : curl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - curl: NTLM password overflow via integer overflow CVE-2018-14618 - cURL and libcurl 7.10.6 through 7.34.0...

RHEL 6 : curl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - curl: NTLM password overflow via integer overflow CVE-2018-14618 - The default configuration for cURL and...