CVE-2025-8653

Kenwood DMX958XR JKRadioService Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Kenwood DMX958XR. Authentication is not required to exploit this vulnerability. The specific...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A stack buffer overflow vulnerability exists in the Huawei HarmonyOS dmsfwk module, which can be exploited by an attacker to cause code execution...

Moderate: Red Hat Security Advisory: jq security update

An update for jq is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

RHEL 10 : jq (RHSA-2025:12882)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:12882 advisory. jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or...

PT-2025-31983 · Unknown +1 · Mediaplayerctrl.Dll +1

Name of the Vulnerable Software and Affected Versions: BlazeVideo HDTV Player Pro version 6.6.0.3 Description: BlazeVideo HDTV Player Pro version 6.6.0.3 is susceptible to a stack-based buffer overflow due to improper handling of user-supplied input within .plf playlist files. When processing a...

CVE-2025-7844

Exporting a TPM based RSA key larger than 2048 bits from the TPM could overrun a stack buffer if the default MAXRSAKEYBITS=2048 is used. If your TPM 2.0 module supports RSA key sizes larger than 2048 bit and your applications supports creating or importing an RSA private or public key larger than...

CVE-2025-7844

CVE-2025-7844 affects wolfTPM (wolfSSL) via wolfTPM2_RsaKey_TpmToWolf: exporting an RSA key >2048 bits from a TPM can overflow a fixed-size stack buffer when MAX_RSA_KEY_BITS is 2048. Root cause: copying external data to a stack buffer without length validation. If MAX_RSA_KEY_BITS matches the...

CVE-2025-7844 wolfTPM library wrapper function `wolfTPM2_RsaKey_TpmToWolf` copies external data to a fixed-size stack buffer without length validation potentially causing stack-based buffer overflow

Exporting a TPM based RSA key larger than 2048 bits from the TPM could overrun a stack buffer if the default MAXRSAKEYBITS=2048 is used. If your TPM 2.0 module supports RSA key sizes larger than 2048 bit and your applications supports creating or importing an RSA private or public key larger than...

PT-2025-31869 · Wolftpm2 · Wolftpm2

Name of the Vulnerable Software and Affected Versions: wolfTPM2 affected versions not specified Description: Exporting a TPM based RSA key larger than 2048 bits from the TPM could lead to a stack buffer overflow if the default MAX RSA KEY BITS=2048 is used. This issue occurs when the wolfTPM2...

CVE-2025-23284

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause a stack buffer overflow. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, or data tampering...

CVE-2025-23284

CVE-2025-23284 affects NVIDIA vGPU software in the Virtual GPU Manager. The Red Hat/NVIDIA/NVD feeds describe a stack buffer overflow caused by a malicious guest, with potential for code execution, denial of service, information disclosure, or data tampering. The vendor has released security upda...

CVE-2025-23284

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause a stack buffer overflow. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, or data tampering...

CVE-2025-23283

NVIDIA vGPU software for Linux-style hypervisors contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause stack buffer overflow. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information...

CVE-2025-23283

NVIDIA vGPU software for Linux-style hypervisors contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause stack buffer overflow. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information...

CVE-2025-23283

CVE-2025-23283 affects NVIDIA vGPU software for Linux-type hypervisors, with a vulnerability in the Virtual GPU Manager that can be triggered by a malicious guest to cause a stack buffer overflow. The result could enable code execution, denial of service, privilege escalation, information disclos...

CVE-2025-23283

NVIDIA vGPU software for Linux-style hypervisors contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause stack buffer overflow. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information...

Alpine iLX-507 安全漏洞

The Alpine iLX-507 is a multimedia receiver from Alpine USA. The Alpine iLX-507 suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute code in a root context...

Alpine iLX-507 安全漏洞

The Alpine iLX-507 is a multimedia receiver from Alpine USA. The Alpine iLX-507 suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute code in a root context...

Moderate: Red Hat Security Advisory: icu security update

An update for icu is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

The MPlayer Project MPlayer Lite 安全漏洞

The MPlayer Project MPlayer Lite is a multimedia player from The MPlayer Project, Inc. A security vulnerability exists in The MPlayer Project MPlayer Lite version r33064, which stems from improper boundary checking when handling M3U playlist files containing long http URL entries, which could lea...