NewStart CGSL MAIN 7.02 : bind Multiple Vulnerabilities (NS-SA-2025-0108)

The remote NewStart CGSL host, running version MAIN 7.02, has bind packages installed that are affected by multiple vulnerabilities: - If a server hosts a zone containing a KEY Resource Record, or a resolver DNSSEC-validates a KEY Resource Record from a DNSSEC-signed domain in cache, a client can...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a stack memory usage issue after a reshape operation, which could cause the kernel to crash...

ABB M2M Gateway Uncontrolled Resource Consumption in embedded Bind (CVE-2023-3341)

The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory,...

CVE-2024-32930

In pluginipchandler of slcplugin.c, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure of 4 bytes of stack memory with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-32920

In setsecurereg of sachandler.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure of 4 bytes of stack memory with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-28099

OpenSIPS is a Session Initiation Protocol SIP server implementation. Prior to versions 3.1.9 and 3.2.6, if dsisinlist is used with an invalid IP address string NULL is illegal input, OpenSIPS will attempt to print a string from a random address stack garbage, which could lead to a crash. All user...

CVE-2022-25819

OOB read vulnerability in hdcp2 device node prior to SMR Mar-2022 Release 1 allow an attacker to view Kernel stack memory...

CVE-2021-0451

In the Titan M chip firmware, there is a possible disclosure of stack memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2021-0452

In the Titan M chip firmware, there is a possible disclosure of stack memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

CVE-2019-10600

Use of local variable as argument to netlink CB callback goes out of it scope when callback triggered lead to invalid stack memory in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon...

CVE-2019-13123

Foxit Reader 9.6.0.25114 and earlier has two unique RecursiveCall bugs involving 3 functions exhausting available stack memory because of Uncontrolled Recursion in the V8 JavaScript engine issue 1 of 2...

CVE-2018-21069

An issue was discovered on Samsung mobile devices with N7.x MediaTek chipsets software. There is information disclosure of kernel stack memory in a MediaTek driver. The Samsung ID is SVE-2018-11852 July 2018...

CVE-2011-3450

CoreUI in Apple Mac OS X 10.7.x before 10.7.3 does not properly restrict the allocation of stack memory, which allows remote attackers to execute arbitrary code or cause a denial of service memory consumption and application crash via a long URL...

CVE-2006-6657

The ifclonelist function in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read potentially sensitive, uninitialized stack memory via unspecified vectors...

kernel: usb: dwc3: qcom: Fix potential memory leak

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: Fix potential memory leak Function dwc3qcomprobe allocates memory for resource structure which is pointed by parentres pointer. This memory is not freed. This leads to memory leak. Use stack memory to prevent...

FreeBSD : Mozilla -- stack memory read (2fc74cae-13c8-11f0-a5bd-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 2fc74cae-13c8-11f0-a5bd-b42e991fc52e advisory. [email protected] reports: An attacker could read 32 bits of values spilled onto the stack in a JIT...

Mozilla -- stack memory read

[email protected] reports: An attacker could read 32 bits of values spilled onto the stack in a JIT compiled function...

ALPINE-CVE-2025-27810

Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...

CVE-2025-27810

Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...

UBUNTU-CVE-2025-27810

Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...