UBUNTU-CVE-2026-43894

jq is a command-line JSON processor. In 1.8.1 and earlier, when decNumberFromString is given a number literal of INTMAX-1 2147483646 digits, the D2U macro overflows during signed-int arithmetic. The wrapped negative value bypasses the heap-allocation size check, causes the function to use a 30-by...

PT-2026-39718

Name of the Vulnerable Software and Affected Versions jq versions prior to 1.8.2 Description A flaw exists in the decNumberFromString function when processing a number literal containing 2147483646 digits. This causes the D2U macro to overflow during signed-int arithmetic, leading to a wrapped...

CVE-2026-29974

The CVE-2026-29974 entry affects kosma minmea version 0.3.0, specifically the minmea_scan function. The vulnerability arises because the format specifier copies NMEA field data into a caller-provided buffer without a size parameter, enabling a stack buffer overflow when processing untrusted input...

CVE-2026-30814

A stack-based buffer overflow in the tmpServer module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to trigger a segmentation fault and potentially execute arbitrary code via a specially crafted configuration file. Successful exploitation may cause a crash and could allow...

SUSE-SU-2026:1755-1 Security update for freeipmi

This update for freeipmi fixes the following issue: - CVE-2026-33554: improper memory handling and data validation can lead to stack buffer overflows and acceptance of malformed payloads/responses bsc1260414...

Security update for freeipmi

This update for freeipmi fixes the following issue: CVE-2026-33554: improper memory handling and data validation can lead to stack buffer overflows and acceptance of malformed payloads/responses bsc1260414. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

BIT-JAVA-2025-6021 Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input...

SUSE CVE-2026-31772

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: fix stack buffer overflow in hcilebigcreatesync hcilebigcreatesync uses DEFINEFLEX to allocate a struct hcicplebigcreatesync on the stack with room for 0x11 17 BIS entries. However, conn-numbis can hold up to...

Astra Linux - уязвимость в gnutls28

A flaw was discovered in the GnuTLS library, specifically in the gnutlspkcs11tokeninit function, which handles PKCS11 token initialization. When a token label longer than expected is processed, the function writes beyond the end of a fixed-size stack buffer. This programming error can cause...

Astra Linux - уязвимость в libde265

Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via void putepelhvfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...

CVE-2026-43020

A flaw was found in the Linux kernel's Bluetooth management MGMT component. An attacker could exploit a vulnerability in how Long Term Keys LTK are loaded. By providing an oversized encryption size, a stack buffer overflow can occur, potentially leading to a denial of service...

CVE-2026-31772

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: fix stack buffer overflow in hcilebigcreatesync hcilebigcreatesync uses DEFINEFLEX to allocate a struct hcicplebigcreatesync on the stack with room for 0x11 17 BIS entries. However, conn-numbis can hold up to...

PT-2026-36519

Name of the Vulnerable Software and Affected Versions agl-service-can-low-level affected versions not specified Description A stack buffer overflow exists in the uds-c library. The send diagnostic request function in uds.c allocates a 6-byte stack buffer but copies up to 7 bytes via memcpy at an...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a stack buffer overflow in the Bluetooth HCI synchronization command, which could lead to memory corruption...

Automotive Grade Linux agl-service-can-low-level 安全漏洞

Automotive Grade Linux agl-service-can-low-level is an in-vehicle communication service component from Automotive Grade Linux. A security vulnerability exists in Automotive Grade Linux agl-service-can-low-level version 17.1.12 and earlier, which stems from an uds-c inventory overflow in the stack...

EUVD-2026-26689

miaofng/uds-c commit e506334e270d77b20c0bc259ac6c7d8c9b702b7a 2016-10-05 contains a stack buffer overflow in senddiagnosticrequest. A 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 receives memcpy at offset 1+pidlength with payloadlength bytes. MAXUDSREQUESTPAYLOADLENGTH=7, so 1+2+7=10 exceeds...

Tenda HG3 缓冲区错误漏洞

The Tenda HG3 is a fiber-optic network terminal wireless router device designed for home broadband access by the Chinese company Tenda. Version 2.0 of the Tenda HG3 contains a buffer error vulnerability. This vulnerability stems from improper handling of the parameter destNet in the function...

CVE-2026-40489

editorconfig-core-c is an EditorConfig core library for use by plugins supporting EditorConfig parsing. Versions up to and including 0.12.10 have a stack-based buffer overflow in ecglob that allows an attacker to crash any application using libeditorconfig by providing a specially crafted directo...

SAIL 安全漏洞

SAIL is an open-source image decoding library developed by SAIL. SAIL has a security vulnerability, which stems from the RLE decoder in the TGA encoder/decoder’s asymmetric boundary checks. This vulnerability may lead to a stack buffer overflow...

K000160853: Multiple Vim vulnerabilities

Security Advisory Description CVE-2026-28417 Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a crafted URL e.g., using the scp:// protocol handler, an...