Lucene search
K

34430 matches found

Nuclei
Nuclei
added 10 hours ago79 views

H3C Magic R300-2100M - Remote Code Execution

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the DeltriggerList interface at /goform/aspForm. id: CVE-2023-33629 info: name: H3C Magic R300-2100M - Remote Code Execution author: DhiyaneshDK severity: high description: | H3C Magic R300 version...

7.2CVSS7AI score0.04353EPSS
Exploits0References4
NVD
NVD
added yesterday5 views

CVE-2026-51536

In OpENer 2.3.0 commit 76b95cf when parsing incoming CIP Common Industrial Protocol network packets, the length parameter is inconsistently typed across the call stack. Specifically, an upstream length calculated as an int is passed to a downstream function that expects an EipInt16 a 16-bit signe...

9.1CVSS
Exploits0References2
NVD
NVD
added yesterday4 views

CVE-2026-15548

A security vulnerability has been detected in Shibby Tomato up to 1.28.0000. This vulnerability affects the function sub407220 of the file /usr/sbin/httpd of the component DNS List Rendering. The manipulation leads to stack-based buffer overflow. The attack is possible to be carried out remotely...

9CVSS0.00738EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added yesterday6 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias...

7.8CVSS6.2AI score0.00157EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added yesterday3 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB key types due to unchecked shift levels

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. The X server has multiple stack buffers sized XkbMaxShiftLevel XkbNumKbdGroups but CheckKeyTypes does not verify or clamp non-canonical key types to XkbMaxShiftLevel. A client can change key types to excessive shift...

7.8CVSS7.1AI score0.00161EPSS
Exploits0References7
CVE
CVE
added yesterday14 views

CVE-2026-15548

CVE-2026-15548 affects Shibby Tomato up to version 1.28.0000. The flaw resides in the DNS List Rendering component, specifically the function sub_407220 in /usr/sbin/httpd, where a stack-based buffer overflow can be triggered remotely. The vulnerability is described across multiple sources as ena...

9CVSS7.2AI score0.00738EPSS
Exploits0References5
NVD
NVD
added yesterday6 views

CVE-2026-15544

A vulnerability was determined in Shibby Tomato up to 1.28.0000. Affected is the function getupsvar of the file www/apcupsd/tomatodata.cgi of the component apcupsd. This manipulation of the argument Field causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has be...

9CVSS0.00438EPSS
Exploits0References5
Cvelist
Cvelist
added yesterday26 views

CVE-2026-15544 Shibby Tomato apcupsd tomatodata.cgi getupsvar stack-based overflow

A vulnerability was determined in Shibby Tomato up to 1.28.0000. Affected is the function getupsvar of the file www/apcupsd/tomatodata.cgi of the component apcupsd. This manipulation of the argument Field causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has be...

9CVSS0.00438EPSS
Exploits0References5
CVE
CVE
added yesterday9 views

CVE-2026-15544

The CVE-2026-15544 entry concerns Shibby Tomato (up to 1.28.0000) with the apcupsd component. The vulnerability affects the function getupsvar in the file www/apcupsd/tomatodata.cgi, where manipulation of the Field argument leads to a stack-based buffer overflow. The issue can be triggered remote...

9CVSS7.4AI score0.00438EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added yesterday2 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. XkbSetMapChecks declares a fixed-size stack buffer mapWidths256 indexed by key type index. The helper function CheckKeyTypes writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This...

7.8CVSS7.3AI score0.00165EPSS
Exploits0References7
CVE
CVE
added yesterday11 views

CVE-2026-51536

In OpENer 2.3.0 commit 76b95cf when parsing incoming CIP Common Industrial Protocol network packets, the length parameter is inconsistently typed across the call stack. Specifically, an upstream length calculated as an int is passed to a downstream function that expects an EipInt16 a 16-bit signe...

9.1CVSS6.1AI score
Exploits0References2
NVD
NVD
added 2 days ago6 views

CVE-2026-15480

A vulnerability was identified in Trendnet TEW-635BRM up to 1.00.03. This affects the function starthttpd of the file /sbin/rc of the component Web Service. Such manipulation of the argument devicename leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is...

9CVSS0.00463EPSS
Exploits0References5
CVE
CVE
added 2 days ago14 views

CVE-2026-15480

The CVE-2026-15480 refers to Trendnet TEW-635BRM (firmware up to 1.00.03) where the Web Service’s /sbin/rc start_httpd function mishandles the device_name argument, causing a stack-based buffer overflow. This can be triggered remotely; public exploits are cited. Several sources note the vendor’s ...

9CVSS7.4AI score0.00463EPSS
Exploits0References5
CVE
CVE
added 4 days ago8 views

CVE-2026-55213

CVE-2026-55213 (h2o HTTP server) – Affected component: lib/http3/qpack.c, invoked while processing a QPACK instruction over HTTP/3. Root cause: on-stack allocation of a large buffer (up to ~800 KB) via alloca, exceeding default musl libc pthread stack size, leading to a segmentation fault when to...

7.5CVSS6.2AI score0.00343EPSS
Exploits0References2
OSV
OSV
added 4 days ago2 views

CVE-2026-55213 h2o: musl libc stack overflow (QPACK)

h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. Prior to commit edd7a120bfc4af11ac0cbebce2a43cc1f93f9af1, when h2o processes a QPACK instruction sent from the peer over HTTP/3, lib/http3/qpack.c might allocate an on-stack buffer as large as approximately 800 KB by calling...

7.5CVSS6.2AI score0.00343EPSS
Exploits0References4
Cvelist
Cvelist
added 4 days ago34 views

CVE-2026-55213 h2o: musl libc stack overflow (QPACK)

h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. Prior to commit edd7a120bfc4af11ac0cbebce2a43cc1f93f9af1, when h2o processes a QPACK instruction sent from the peer over HTTP/3, lib/http3/qpack.c might allocate an on-stack buffer as large as approximately 800 KB by calling...

7.5CVSS0.00343EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 4 days ago9 views

CVE-2026-55693

Vim is an open source, command line text editor. Prior to 9.2.0653, the treecountwords function in src/spellfile.c fills in the word-count fields of a spell-file word trie by walking it iteratively with a depth counter. The counter is bounded only by the trie structure itself; it is never checked...

8.4CVSS6.1AI score0.00126EPSS
Exploits0References6
NVD
NVD
added 4 days ago5 views

CVE-2026-40007

Uncontrolled Recursion, Uncontrolled Resource Consumption vulnerability in Apache IoTDB. When pipeairgapreceiverenabled=true, the IoTDB AirGap receiver's readLength method calls itself recursively each time it recognises the E-language prefix in socket data, with no depth limit. An unauthenticate...

7.5CVSS0.00278EPSS
Exploits0References2
EUVD
EUVD
added 4 days ago9 views

EUVD-2026-42835

Uncontrolled Recursion, Uncontrolled Resource Consumption vulnerability in Apache IoTDB. When pipeairgapreceiverenabled=true, the IoTDB AirGap receiver's readLength method calls itself recursively each time it recognises the E-language prefix in socket data, with no depth limit. An unauthenticate...

7.5CVSS6.1AI score0.00278EPSS
Exploits0References1
CVE
CVE
added 4 days ago8 views

CVE-2026-40007

CVE-2026-40007 affects Apache IoTDB. The issue is an uncontrolled recursion in the AirGap receiver: when pipe_air_gap_receiver_enabled is true, readLength recursively processes E-language prefixes with no depth limit, allowing an unauthenticated attacker to exhaust the receiver thread’s JVM stack...

7.5CVSS6.1AI score0.00278EPSS
Exploits0References2
Rows per page
Query Builder