CVE-2026-6238

GLIBC: The deprecated debugging functions ns_printrrf, ns_printrr and fp_nquery in GNU C Library (glibc) 2.2 and newer fail to validate RDATA against its length for DNS LOC, CERT, TKEY or TSIG records. This may let an attacker craft a DNS response that crashes a target application or reads uninit...

Apple macOS 安全漏洞

Apple macOS is a suite of specialized operating systems from the U.S.-based Apple Inc. developed specifically for Mac computers. A security vulnerability exists in Apple macOS Sonoma prior to 14.8.3 and Sequoia prior to 15.7.3, which stems from a session management issue that could result in...

CVE-2023-22669

Parsing of DWG files in Open Design Alliance Drawings SDK before 2023.6 lacks proper validation of the length of user-supplied XRecord data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process...

Malicious code in record-data-encapsulation-test-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d53a7747d2d9554159637bd6865a3a6fe0253c1c5271e44d4fd75abc188889e8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

DEBIAN-CVE-2021-33833

ConnMan aka Connection Manager 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or RDLENGTH for A or AAAA...

CVE-2020-27249

A specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which will cause a heap-based buffer overflow. In version/Instance 0x0004 and 0x0015, an attacker can...

Design/Logic Flaw

Rockwell Automation RSLinx Enterprise Software LogReceiver.exe CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 does not handle input correctly and results in a logic error if it receives a datagram with an incorrect value in the “Record Data Size” field. By sendin...

Design/Logic Flaw

Rockwell Automation RSLinx Enterprise Software LogReceiver.exe CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 does not handle input correctly and results in a logic error if it calculates an incorrect value for the “End of Current Record” field. By sending a...

CVE-2013-2806

Rockwell Automation RSLinx Enterprise Software LogReceiver.exe CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 does not handle input correctly and results in a logic error if it calculates an incorrect value for the “End of Current Record” field. By sending a...

real.c Arbitrary Code Execution Vulnerability

real.c is the C file library for parsing streams. An arbitrary code execution vulnerability exists in real.c that could allow a remote attacker to execute arbitrary code via a crafted length value RDT block header...

DEBIAN-CVE-2013-4854

The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service assertion failure and named daemon exit via a query with...

Tracking The Destructive Worm Zimuse

Zimuse-A and its variant, Zimuse-B, overwrite MBR Master Boot Record files on infected drives with their own data, either 40 days or 20 days respectively after infection. This malicious behavior corrupts records and makes data recovery difficult if not impossible, researchers report. Read the ful...

Microsoft Excel Style Record Data Handling Code Execution (MS08-014; CVE-2008-0114)

Microsoft Excel is a popular spreadsheet application. A remote code execution vulnerability has been identified in the way Microsoft Excel handles Style record data. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow...