nodejs: Nodejs denial of service

A stack overflow flaw has been discovered in Node.js error handling where "Maximum call stack size exceeded" errors become uncatchable when asynchooks.createHook is enabled. Instead of reaching process.on'uncaughtException', the process terminates, making the crash unrecoverable. Applications tha...

nodejs: Nodejs denial of service

A stack overflow flaw has been discovered in Node.js error handling where "Maximum call stack size exceeded" errors become uncatchable when asynchooks.createHook is enabled. Instead of reaching process.on'uncaughtException', the process terminates, making the crash unrecoverable. Applications tha...

nodejs: Nodejs denial of service

A stack overflow flaw has been discovered in Node.js error handling where "Maximum call stack size exceeded" errors become uncatchable when asynchooks.createHook is enabled. Instead of reaching process.on'uncaughtException', the process terminates, making the crash unrecoverable. Applications tha...

Security Bulletin: Multiple Vulnerabilities in IBM Concert Software.

Summary Multiple vulnerabilities were addressed in IBM Concert Software version 2.2.0 Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, an...

CVE-2026-2180

A vulnerability was identified in Tenda RX3 16.03.13.11. Affected is an unknown function of the file /goform/fastsettingwifiset. Such manipulation of the argument ssid5g leads to stack-based buffer overflow. The attack can be launched remotely. The exploit is publicly available and might be used...

CVE-2026-2187

A vulnerability was found in Tenda RX3 16.03.13.11. The affected element is the function setqosMiblist of the file /goform/formSetQosBand. Performing a manipulation of the argument list results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been ma...

CVE-2026-2185

A flaw has been found in Tenda RX3 16.03.13.11. This issue affects the function setdevicename of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. This manipulation of the argument devName/mac causes stack-based buffer overflow. The attack is possible to be...

ALSA-2026:2410 Important: libsoup3 security update

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...

AlmaLinux 8 : libsoup (ALSA-2026:2215)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:2215 advisory. libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer Overflow in libsoup NTLM Authentication CVE-2026-0719 libsoup: Stack-Based Buff...

Siemens SCALANCE and RUGGEDCOM Stack-based Buffer Overflow (CVE-2025-6141)

A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocesstermcap of the file tinfo/parseentry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to...

Security Bulletin: IBM Financial Transaction Manager for ACH Services and Check Services is impacted by multiple vulnerabilities

Summary IBM Financial Transaction Manager for ACH Services and Check Services has addressed the following vulnerabilities. Vulnerability Details CVEID:CVE-2025-52999 DESCRIPTION: jackson-core contains core low-level incremental "streaming" parser and generator abstractions used by Jackson Data...

CVE-2026-22904

Improper length handling when parsing multiple cookie fields including TRACKID allows an unauthenticated remote attacker to send oversized cookie values and trigger a stack buffer overflow, resulting in a denial‑of‑service condition and possible remote code execution...

CVE-2026-22903

An unauthenticated remote attacker can send a crafted HTTP request containing an overly long SESSIONID cookie. This can trigger a stack buffer overflow in the modified lighttpd server, causing it to crash and potentially enabling remote code execution due to missing stack protections...

CVE-2026-22904 Stack Overflow via Oversized Cookie Fields in lighttpd

Improper length handling when parsing multiple cookie fields including TRACKID allows an unauthenticated remote attacker to send oversized cookie values and trigger a stack buffer overflow, resulting in a denial‑of‑service condition and possible remote code execution...

CVE-2026-22904

Improper length handling when parsing multiple cookie fields including TRACKID allows an unauthenticated remote attacker to send oversized cookie values and trigger a stack buffer overflow, resulting in a denial‑of‑service condition and possible remote code execution...

CVE-2026-22904

CVE-2026-22904 affects lighttpd, where improper length handling when parsing multiple cookie fields (including TRACKID) allows an unauthenticated remote attacker to send oversized cookie values and trigger a stack buffer overflow. This can result in a denial-of-service condition and potentially r...

CVE-2026-22903

Affects lighttpd-based server variants (modified lighttpd) where an unauthenticated remote attacker can send a crafted HTTP request with an overly long SESSIONID cookie. The underlying issue is a stack buffer overflow, triggered by the oversized cookie, leading to server crashes and potentially r...

CVE-2026-22903

An unauthenticated remote attacker can send a crafted HTTP request containing an overly long SESSIONID cookie. This can trigger a stack buffer overflow in the modified lighttpd server, causing it to crash and potentially enabling remote code execution due to missing stack protections...

libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer Overflow in libsoup NTLM Authentication

A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processing extremely long passwords, an internal size calculation can overflow due to improper use of signed integers. This results in...

libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer Overflow in libsoup NTLM Authentication

A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processing extremely long passwords, an internal size calculation can overflow due to improper use of signed integers. This results in...