AZL-79397 CVE-2026-27601 affecting package krb5 1.21.3-3

Underscore.js is a utility-belt library for JavaScript. Prior to 1.13.8, the .flatten and .isEqual functions use recursion without a depth limit. Under very specific conditions, detailed below, an attacker could exploit this in a Denial of Service DoS attack by triggering a stack overflow...

CVE-2026-27601

Underscore.js is a utility-belt library for JavaScript. Prior to 1.13.8, the .flatten and .isEqual functions use recursion without a depth limit. Under very specific conditions, detailed below, an attacker could exploit this in a Denial of Service DoS attack by triggering a stack overflow...

CVE-2026-27601

CVE-2026-27601 affects Underscore.js prior to 1.13.8. The vulnerability arises when _.flatten or _.isEqual recursively processes deeply nested, untrusted input without a depth limit, enabling a Denial of Service via stack overflow under specific data structures (e.g., inputs created via JSON.pars...

CVE-2026-27601 Underscore.js has unlimited recursion in _.flatten and _.isEqual, potential for DoS attack

Underscore.js is a utility-belt library for JavaScript. Prior to 1.13.8, the .flatten and .isEqual functions use recursion without a depth limit. Under very specific conditions, detailed below, an attacker could exploit this in a Denial of Service DoS attack by triggering a stack overflow...

CVE-2026-27601 Underscore.js has unlimited recursion in _.flatten and _.isEqual, potential for DoS attack

Underscore.js is a utility-belt library for JavaScript. Prior to 1.13.8, the .flatten and .isEqual functions use recursion without a depth limit. Under very specific conditions, detailed below, an attacker could exploit this in a Denial of Service DoS attack by triggering a stack overflow...

CVE-2026-27601

Underscore.js is a utility-belt library for JavaScript. Prior to 1.13.8, the .flatten and .isEqual functions use recursion without a depth limit. Under very specific conditions, detailed below, an attacker could exploit this in a Denial of Service DoS attack by triggering a stack overflow...

CVE-2026-27601

Underscore.js is a utility-belt library for JavaScript. Prior to 1.13.8, the .flatten and .isEqual functions use recursion without a depth limit. Under very specific conditions, detailed below, an attacker could exploit this in a Denial of Service DoS attack by triggering a stack overflow...

EUVD-2026-9341

Underscore.js is a utility-belt library for JavaScript. Prior to 1.13.8, the .flatten and .isEqual functions use recursion without a depth limit. Under very specific conditions, detailed below, an attacker could exploit this in a Denial of Service DoS attack by triggering a stack overflow...

CVE-2025-70240

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWANWizard51...

CVE-2025-70234

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetQoS...

CVE-2025-70239

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWANWizard55...

CVE-2025-70240

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWANWizard51...

CVE-2025-70241

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWANTypeWizard5...

CVE-2025-70236

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetDomainFilter...

CVE-2025-70237

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetPortTr...

CVE-2025-69765

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formGetIptv function and the list parameter, which can cause memory corruption and enable remote code execution...

CVE-2025-69765

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formGetIptv function and the list parameter, which can cause memory corruption and enable remote code execution...

Security update for libxml2

This update for libxml2 fixes the following issues: CVE-2026-0990: Fixed a call stack overflow leading to application crash due to infinite recursion in xmlCatalogXMLResolveURI. bsc1256807, bsc1256811 CVE-2026-0992: Fixed an excessive resource consumption when processing XML catalogs due to...

CVE-2025-70252

An issue was discovered in /goform/WifiWpsStart in Tenda AC6V2.0 V15.03.06.23multi. The index and mode are controllable. If the conditions are met to sprintf, they will be spliced into tmp. It is worth noting that there is no size check,which leads to a stack overflow vulnerability...

SUSE CVE-2026-28422

Vim is an open source, command line text editor. Prior to version 9.2.0078, a stack-buffer-overflow occurs in buildstlstrhl when rendering a statusline with a multi-byte fill character on a very wide terminal. Version 9.2.0078 patches the issue...