GHSA-HPWF-8G29-85QM Nest Affected by DoS via Recursive handleData in JsonSocket (TCP Transport)

Impact Attacker sends many small, valid JSON messages in one TCP frame → handleData recurses once per message; buffer shrinks each call → maxBufferSize is never reached; call stack overflows instead → A 47 KB payload is sufficient to trigger RangeError Patches Fixed in @nestjs/[email protected]....

CVE-2026-6069

A flaw was found in NASM. The disasm function contains a stack-based buffer overflow, a memory corruption vulnerability. A remote attacker can exploit this by providing specially crafted input, leading to an out-of-bounds write when the slen value exceeds the buffer capacity during disassembly...

GHSA-FWVM-GGF6-2P4X ImageMagick has a Stack Overflow in DestroyXMLTree()

Magick frees the memory of the XML tree via the DestroyXMLTree function; however, this process is executed recursively with no depth limit imposed. When magick processes an XML file with deeply nested structures, it will exhaust the stack memory, resulting in a Denial of Service DoS attack...

ImageMagick has a Stack Overflow in DestroyXMLTree()

Magick frees the memory of the XML tree via the DestroyXMLTree function; however, this process is executed recursively with no depth limit imposed. When magick processes an XML file with deeply nested structures, it will exhaust the stack memory, resulting in a Denial of Service DoS attack...

Tenda F456 fromNatStaticSetting Parameter Stack Buffer Overflow Vulnerability

Tenda F456 is a home wireless router product that is mainly used to provide wireless network access and network management functions. The Tenda F456 suffers from a stack buffer overflow vulnerability. The vulnerability stems from the failure of the fromNatStaticSetting function in...

PT-2026-33230

Nest is a framework for building scalable Node.js server-side applications. Prior to 11.1.19, when an attacker sends many small, valid JSON messages in one TCP frame, handleData recurses once per message; the buffer shrinks each call. maxBufferSize is never reached; call stack overflows instead. ...

Linux Distros Unpatched Vulnerability : CVE-2026-32203

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack-based buffer overflow in .NET and Visual Studio allows an unauthorized attacker to deny service over a network. CVE-2026-32203 Note that Nessus relies on...

Huawei HarmonyOS Media Platform Stack Overflow Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A stack overflow vulnerability exists in the Huawei HarmonyOS media platform, which can be exploited by an attacker to cause availability to be compromised...

Totolink A3002MU formWlanSetup file wan-url parameter stack buffer overflow vulnerability

Totolink A3002MU is a wireless router product that provides network connectivity and wireless access. A stack buffer overflow vulnerability exists in the Totolink A3002MU. The vulnerability stems from a failure to properly handle the wan-url parameter in the HTTP request handling component, which...

TOTOLINK A7000R cstecgi.cgi setWiFiEasyGuestCfg function ssid5g parameter stack buffer overflow vulnerability

TOTOLINK A7000R is a wireless router product that is mainly used to provide network connectivity and Wi-Fi access. TOTOLINK A7000R suffers from a stack buffer overflow vulnerability. The vulnerability stems from the setWiFiEasyGuestCfg function in the /cgi-bin/cstecgi.cgi file failing to properly...

UBUNTU-CVE-2026-32203

Stack-based buffer overflow in .NET and Visual Studio allows an unauthorized attacker to deny service over a network...

DEBIAN-CVE-2026-33902

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, a stack overflow vulnerability in ImageMagick's FX expression parser allows an attacker to crash the process by providing a deeply nested expression. This...

CVE-2026-33902

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, a stack overflow vulnerability in ImageMagick's FX expression parser allows an attacker to crash the process by providing a deeply nested expression. This...

CVE-2026-33902

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, a stack overflow vulnerability in ImageMagick's FX expression parser allows an attacker to crash the process by providing a deeply nested expression. This...

UBUNTU-CVE-2026-33902

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, a stack overflow vulnerability in ImageMagick's FX expression parser allows an attacker to crash the process by providing a deeply nested expression. This...

EUVD-2026-22124

jq is a command-line JSON processor. In versions 1.8.1 and below, functions jvsetpath, jvgetpath, and delpathssorted in jq's src/jvaux.c use unbounded recursion whose depth is controlled by the length of a caller-supplied path array, with no depth limit enforced. An attacker can supply a JSON...

EUVD-2026-22065

A vulnerability was determined in Tenda F456 1.0.0.5. The affected element is the function formwebtypelibrary of the file /goform/webtypelibrary. This manipulation of the argument menufacturer/Go causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been public...

CVE-2026-33908 ImageMagick is vulnerable to Stack Overflow in DestroyXMLTree()

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, Magick frees the memory of the XML tree via the DestroyXMLTree function; however, this process is executed recursively with no depth limit imposed. When...

CVE-2026-33908 ImageMagick is vulnerable to Stack Overflow in DestroyXMLTree()

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, Magick frees the memory of the XML tree via the DestroyXMLTree function; however, this process is executed recursively with no depth limit imposed. When...

CVE-2026-33902 ImageMagick: Stack Overflow via Recursive FX Expression Parsing

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, a stack overflow vulnerability in ImageMagick's FX expression parser allows an attacker to crash the process by providing a deeply nested expression. This...