Important: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

PT-2025-12495 · D Link · D-Link Dap-1620

Name of the Vulnerable Software and Affected Versions: D-Link DAP-1620 version 1.03 Description: A critical vulnerability has been found in the D-Link DAP-1620, affecting the mod graph auth uri handler function of the Authentication Handler component. This vulnerability leads to a stack-based...

CVE-2025-27168 Illustrator | Stack-based Buffer Overflow (CWE-121)

Illustrator versions 29.2.1, 28.7.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-27168

CVE-2025-27168 corresponds to a stack-based buffer overflow in Adobe Illustrator versions 29.2.1, 28.7.4 and earlier that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction—victim must open a malicious file. Affected component: Illust...

CVE-2025-27168 Illustrator | Stack-based Buffer Overflow (CWE-121)

Illustrator versions 29.2.1, 28.7.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-2151

CVE-2025-2151 affects Open Asset Import Library Assimp 5.4.3, specifically the GetNextLine function in ParsingUtils.h (File Handler). The vulnerability is a stack-based buffer overflow that can be triggered remotely, with exploitation disclosed publicly. Affected software may be exploitable in en...

Amazon Linux 2 : gcc10-binutils (ALAS-2025-2772)

The version of gcc10-binutils installed on the remote host is prior to 2.35.2-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2772 advisory. A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function...

Updated gpac packages fix security vulnerabilities

Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2. CVE-2023-5520 Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV. CVE-2024-0321 Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV. CVE-2024-0322...

CVE-2025-2097

A vulnerability, which was classified as critical, has been found in TOTOLINK EX1800T 9.1.0cu.2112B20220316. This issue affects the function setRptWizardCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument loginpass leads to stack-based buffer overflow. The attack may be initiat...

PT-2025-10025 · Manageengine · Zoho Manageengine Adselfservice Plus

Name of the Vulnerable Software and Affected Versions: Netgear EX6100 version 1.0.2.28 1.1.138 Description: A critical vulnerability exists in the Netgear EX6100, specifically within the sub 415EF8 function. This issue leads to a stack-based buffer overflow, potentially allowing remote attackers ...

Linux Distros Unpatched Vulnerability : CVE-2025-0840

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemblebytes of the file...

CVE-2025-25634

A vulnerability has been found in Tenda AC15 15.03.05.19 in the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument src leads to stack-based buffer overflow...

CVE-2025-1876

A vulnerability, which was classified as critical, has been found in D-Link DAP-1562 1.10. Affected by this issue is the function httprequestparse of the component HTTP Header Handler. The manipulation of the argument Authorization leads to stack-based buffer overflow. The attack may be launched...

CVE-2025-1851

A vulnerability, which was classified as critical, was found in Tenda AC7 up to 15.03.06.44. This affects the function formSetFirewallCfg of the file /goform/SetFirewallCfg. The manipulation of the argument firewallEn leads to stack-based buffer overflow. It is possible to initiate the attack...

CVE-2025-25634

CVE-2025-25634 affects the Tenda AC15 router (version 15.03.05.19). The vulnerability lies in the function GetParentControlInfo within /goform/GetParentControlInfo, where manipulation of the src argument causes a stack-based buffer overflow. Public metadata lists a CVSS v3.1 base score of 6.5 (Ne...

CVE-2025-25634

A vulnerability has been found in Tenda AC15 15.03.05.19 in the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument src leads to stack-based buffer overflow...

Linux Distros Unpatched Vulnerability : CVE-2024-29507

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Artifex Ghostscript before 10.03.0 sometimes has a stack-based buffer overflow via the CIDFSubstPath and CIDFSubstFont parameters. CVE-2024-29507 Note that Ness...

Linux Distros Unpatched Vulnerability : CVE-2021-45833

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 via the H5Dcreatechunkfilemaphyper function in /hdf5/src/H5Dchunk.c, which causes a Denial o...

Linux Distros Unpatched Vulnerability : CVE-2021-42531

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XMP Toolkit SDK version 2021.07 and earlier is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the...

Linux Distros Unpatched Vulnerability : CVE-2023-2837

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2. CVE-2023-2837 Note that Nessus relies on the presence of the package as reported by t...